The SMTP service HELP command must not be enabled on AIX.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
medium	V-215417	SRG-OS-000480-GPOS-00227	AIX7-00-003122	SV-215417r991589_rule	2024-08-16	3

Description
The HELP command should be disabled to mask version information. The version of the SMTP service software could be used by attackers to target vulnerabilities present in specific software versions.

ℹ️ Check
Run the following command to get the "HELP" file location: # grep "^O HelpFile" /etc/mail/sendmail.cf The above command should yield the following output: O HelpFile=/etc/mail/helpfile If the above command does not yield any output, this is not a finding. The "HELP" file should be referenced by the "HelpFile" option. Check to see if the "HELP" file exists: # ls <helpfile_path> If the "HELP" file exists, this is a finding.

ℹ️ Check

Run the following command to get the "HELP" file location: # grep "^O HelpFile" /etc/mail/sendmail.cf The above command should yield the following output: O HelpFile=/etc/mail/helpfile If the above command does not yield any output, this is not a finding. The "HELP" file should be referenced by the "HelpFile" option. Check to see if the "HELP" file exists: # ls <helpfile_path> If the "HELP" file exists, this is a finding.

✔️ Fix
To disable the SMTP service HELP command remove the HELP file using command: # rm <helpfile_path>