Change SMTP 220 Response

I would like to change the SMTP 220 Response. Currently I am receiving “Hi, I’m a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/”. Can anyone help me customize this response?

This would not be a supported change; however, this is done in Postfix, I believe.
Back up the configuration before editing.

/etc/postfix/main.cf

...
smtpd_banner = This is a greeting / banner.
...

The variable for the hostname is $myhostname, if you need to use a variable in that string.

This will be overwritten with every update.
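An added example, not part of the thread and not Mail-in-a-Box or Postfix code: a small audit of the `smtpd_banner` value in a `main.cf`, checking that the greeting still begins with the host name (Postfix's documentation asks for `$myhostname` at the start of the banner) and listing which software names it reveals. The sample file, the host name `box.example.com`, the word list and the function names are assumptions made for illustration.

```python
import re

# Constructed sample main.cf for illustration; the hostname is a placeholder.
SAMPLE_MAIN_CF = """\
# constructed example
myhostname = box.example.com
smtpd_banner = $myhostname ESMTP Hi, I'm a Mail-in-a-Box
    (Ubuntu/Postfix; see https://mailinabox.email/)
"""

# Words that reveal the software stack; this list is an assumption, extend as needed.
DISCLOSING = ("mail-in-a-box", "mailinabox", "postfix", "ubuntu", "debian")

def parse_main_cf(text):
    """Return {name: value} using Postfix rules: '#' comment lines, leading
    whitespace continues the previous line, the last definition wins."""
    params, name = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0] in " \t" and name:
            params[name] += " " + raw.strip()
        elif "=" in raw:
            name, value = (part.strip() for part in raw.split("=", 1))
            params[name] = value
    return params

def expand(value, params):
    """Expand $name and ${name} references one level deep."""
    return re.sub(r"\$\{?(\w+)\}?",
                  lambda m: params.get(m.group(1), m.group(0)), value)

def audit_banner(text):
    """Return (banner, findings) for the smtpd_banner set in main.cf text."""
    # mail_name defaults to "Postfix"; values from the file override it.
    params = {"mail_name": "Postfix", **parse_main_cf(text)}
    # Postfix's documented default when smtpd_banner is not set.
    banner = expand(params.get("smtpd_banner", "$myhostname ESMTP $mail_name"), params)
    findings = []
    host = params.get("myhostname", "")
    if not host or banner.split(" ", 1)[0] != host:
        findings.append("banner does not start with $myhostname")
    findings += [f"discloses '{w}'" for w in DISCLOSING if w in banner.lower()]
    return banner, findings

if __name__ == "__main__":
    print(audit_banner(SAMPLE_MAIN_CF))
```
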

I will try it. Thank you for your quick response!

Actually, it may improve security, as broadcasting that the server is running mail-in-a-box gives a potential attacker the advantage of knowing the security policies and server configurations, since Mail-in-a-Box has a standard configuration.

I forgot who/what the theory is called where it is a security consideration whether or not the protocol or system is known, because an unknown system/protocol is more secure, as attackers are at a disadvantage at approaching an unknown/unfamiliar system. If only I wrote it down…

A simple scan of port 80 on this server already describes it’s MIAB. So changing the banner for security is moot.

Well, if you change all the banners/responses to NOT include MIAB, then there would be an improvement of security.

Security by Obscurity

which some argue is no security at all …


I’m new to hosting mail servers, so there’s an awful lot I don’t know, and then there must be more that I don’t yet know I don’t know, but all week now I’ve been reading articles on the subject, many of them discouraging the use of private mail servers, making the point that deliverability is a significant problem without reputation - mails often get sent to junk or spam folders.
So, I’ve just read this article, “How can I prevent my e-mails getting marked as spam?” (Contabo blog), about normalizing the SMTP banner for that reason, nothing to do with security.
Would you guys agree - that an SMTP banner which concisely identifies the sending box with its name is a good policy?

I would leave the banner as is. MiaB has, depending on where you look, >10k or >20k installs. It has something of its own footprint, so if we’re going with analytics tools and how they interpret the 220 response compared to other responses, just go with keeping everything default.

I don’t care what the haters say, and I’m glad there are more people who feel the same about hosting their own mail server. Given everything that Google, Microsoft, et al, have their fingers in, I can’t fathom a tech company in any space using their email services and paying for it. I think less of those companies and their I.T. decisions every time I see an MX record with aspmx.google.com or protection.outlook.com.

After enough time, you won’t have any deliverability issues, especially if you keep the same IP address, which is what I’ve done.

That makes very good sense. MiaB clearly has far greater reputational authority than my wee operation ever will. Do you also believe that MiaB may have a good reputation at receiving ports everywhere? Is it possible that some users may have behaved ‘badly’ and tainted the name?

There will be even more with package defaults, particularly postfix.