Unfortunately, sophisticated spammers can expand mail lists using the SMTP EXPN command. Also with EXPN, spammers can discover the address to which Majordomo's resend script sends mail. For this reason, administrators should disable EXPN when serving mailing lists.
A good way to tell if you have EXPN enabled is to actually telnet to the SMTP port on your machine and try it. If EXPN is enabled, you will see something like
[root@majordomohowto ~]$ telnet localhost 25 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. expn test 220 majordomohowto ESMTP Exim 3.35 #1 Wed, 27 Nov 2002 19:05:02 -0500 250 <|/usr/local/majordomo/wrapper resend -l test test-list-XXXX,discard>
In sendmail.cf, add the line
O PrivacyOptions=noexpnIf you prefer to use M4 macros, add the following line to your sendmail.mc file, and regenerate sendmail.cf.
define(`confPRIVACY_FLAGS',`noexpn')
In exim.conf, you can specify the hosts that can execute the EXPN command. To disable the EXPN remove the line that sets the smtp_expn_hosts option. For example, if your configuration file has a line that reads
smtp_expn_hosts = *simply delete it.
As far as I know, EXPN is not implemented under Postfix; so there is no need to disable it.