I've been asked the above question by a penetration tester
Currently its bundled with version 2.8.2.
we did an audit on securityspace.com ,,
and it reported that the version of postfix was 1.1.12 or older ???
The remote host is running a version of Postfix which is as oldas, or older than 1.1.12.
Is there any way to SSH/telnet into the appliance to manually verify,,,
port 24 is open but the connection closes as soon as you enter a userid...
and OS seems to bastardized to limit regular Linux root logins...
thx
Yes that is the result our pen tester got too, hence why I raised the question.
I have had the Version 2.8.2 confirmed by support as stated above, however I also had no way of checking this myself.
what service did you use to do the penetration test... ?
The test was conducted as part of our Cyber Essentials certification which is a government led initiative into Cyber Security here in the United Kingdom.
we used securityspace.com,,
their tools reported that our sophosemail appliance was version 1.1.12 or lower....
