Topic: Security issues
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version:
ubuntu 18:04 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
I realise this is a postfix but just throwing it out here please
When running security scans bank demands it fails with the below
Banner Based Vulnerabilities for Postfix smtpd
One or more vulnerabilities have been found that affect this service. Please see the relevant CVEs for more details.
Apply the latest vendor patches to the Postfix smtpd service running on port 25.
CVE-2009-2939 6.9 CVE-2008-4977 6.9 CVE-2011-1720 6.8 CVE-2011-0411 6.8 CVE-2012-0811 6.5 CVE-2008-2936 6.2
CVE-2020-12063 5.0 CVE-2017-10140 4.6 CVE-2008-3889 2.1 CVE-2008-2937 1.9
AV:L/AC:M/Au:N/C:C/I:C/A:C AV:L/AC:M/Au:N/C:C/I:C/A:C AV:N/AC:M/Au:N/C:P/I:P/A:P AV:N/AC:M/Au:N/C:P/I:P/A:P AV:N/AC:L/Au:S/C:P/I:P/A:P AV:L/AC:H/Au:N/C:C/I:C/A:C AV:N/AC:L/Au:N/C:N/I:P/A:N AV:L/AC:L/Au:N/C:P/I:P/A:P AV:L/AC:L/Au:N/C:N/I:N/A:P AV:L/AC:M/Au:N/C:P/I:N/A:N