The SMTP service must not have the EXPN feature active.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-4692	GEN004660	SV-35076r1_rule	ECSC-1	Low

Description
The SMTP EXPN function allows an attacker to determine if an account exists on a system, providing significant assistance to a brute force attack on user accounts. EXPN may also provide additional information concerning users on the system, such as the full names of account owners.

STIG	Date
HP-UX 11.23 Security Technical Implementation Guide	2015-12-02

Details

Check Text ( C-36575r1_chk )
Perform the following to determine if EXPN is disabled: # telnet localhost 25 expn root If the command does not return a 500 error code (command unrecognized), this is a finding. OR Check the sendmail.cf configuration file by: # cat /etc/mail/sendmail.cf \| tr '\011' ' ' \| tr -s ' ' \| sed -e 's/^[ \t]*//' \| grep -v "^#" \|\ grep -i privacyoptions \| egrep -c -i "noexpn\|goaway" The O PrivacyOptions should have the noexpn or the goaway option (covering both noexpn and novrfy). If the EXPN command is not disabled, this is a finding.

Check Text ( C-36575r1_chk )

Perform the following to determine if EXPN is disabled:
# telnet localhost 25
expn root

If the command does not return a 500 error code (command unrecognized), this is a finding.
OR
Check the sendmail.cf configuration file by:
# cat /etc/mail/sendmail.cf | tr '\011' ' ' | tr -s ' ' | sed -e 's/^[ \t]*//' | grep -v "^#" |\
grep -i privacyoptions | egrep -c -i "noexpn|goaway"

The O PrivacyOptions should have the noexpn or the goaway option (covering both noexpn and novrfy). If the EXPN command is not disabled, this is a finding.

Fix Text (F-31943r1_fix)
Edit the /etc/mail/sendmail.cf file and add or edit the following line: O PrivacyOptions=goaway Then restart the Sendmail service.