The SMTP service HELP command must not be enabled on AIX.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-215417 | SRG-OS-000480-GPOS-00227 | AIX7-00-003122 | SV-215417r991589_rule | 2026-02-06 | 3 |
Description
The HELP command should be disabled to mask version information. The version of the SMTP service software could be used by attackers to target vulnerabilities present in specific software versions.
ℹ️ Check
Run the following command to get the "HELP" file location:
# grep "^O HelpFile" /etc/mail/sendmail.cf
The above command should yield the following output:
O HelpFile=/etc/mail/helpfile
If the above command does not yield any output, this is not a finding.
The "HELP" file should be referenced by the "HelpFile" option.
Check to see if the "HELP" file exists:
# ls <helpfile_path>
If the "HELP" file exists, this is a finding.
✔️ Fix
To disable the SMTP service HELP command remove the HELP file using command:
# rm <helpfile_path>