The SMTP service HELP command must not be enabled.


Finding ID Version Rule ID IA Controls Severity
V-89663 VRAU-SL-000610 SV-100313r1_rule Medium
The HELP command should be disabled to mask version information. The version of the SMTP service software could be used by attackers to target vulnerabilities present in specific software versions.
VMware vRealize Automation 7.x SLES Security Technical Implementation Guide 2018-10-12


Check Text ( C-89355r1_chk )
Check the permissions of the sendmail helpfile:

ls -al /usr/lib/sendmail.d/helpfile

If the permissions are not "0000", this is a finding.
Fix Text (F-96405r1_fix)
Run the following command to disable the sendmail helpfile:

# chmod 0000 /usr/lib/sendmail.d/helpfile