samiurrahiman mohd
asked on
Exchange 2016 http Headers information hide for external world and Undeliver Emails are showing servers headers information
Undelivered Emails are showing Exchange server 2016 servers Host name and IMSVA Headers information. How to remove the Servers host name and postmaster Emails.
Recently i worked OWA - to remove the Servers Headers information in IIS. Kindly suggest me how to remove the servers headers information.
1.https://mail.domain/owa ----->it's not showing the servers information as per the Microsoft Technet article.(https://blogoffice365.com/secure-owa-headers-for-exchange-server/)
2.If i use https://mail.domain --->it's showing the servers information in sniffer information in sniffer tool.(http://www.1-hit.com/sniffer.htm).
HTTP Response Header : HTTP/1.1 302 Moved Temporarily
X_FESERVER : "SERVER HOST NAME" it's appearing. Need to hide for external world.
3.Undeliver emails are showing Exchange servers headers information for External and Internal Emails.
Please suggest me, how to disable the Exchange 2016 servers host names in undelivered Emails and https://mail.domain.com server X_FESERVER: "SERVER HOST NAME"
Your help must be appriciated.
Thanks-Sami
Recently i worked OWA - to remove the Servers Headers information in IIS. Kindly suggest me how to remove the servers headers information.
1.https://mail.domain/owa ----->it's not showing the servers information as per the Microsoft Technet article.(https://blogoffice365.com/secure-owa-headers-for-exchange-server/)
2.If i use https://mail.domain --->it's showing the servers information in sniffer information in sniffer tool.(http://www.1-hit.com/sniffer.htm).
HTTP Response Header : HTTP/1.1 302 Moved Temporarily
X_FESERVER : "SERVER HOST NAME" it's appearing. Need to hide for external world.
3.Undeliver emails are showing Exchange servers headers information for External and Internal Emails.
Please suggest me, how to disable the Exchange 2016 servers host names in undelivered Emails and https://mail.domain.com server X_FESERVER: "SERVER HOST NAME"
Your help must be appriciated.
Thanks-Sami
ASKER
So you mean to say Microsoft and google will not recommend to hide the http headers info.
But.security advisories!
How to improve security enhancement to hide the server information like X_FESERVER and X_poweredby etc in exchange 2016.please suggest.
But.security advisories!
How to improve security enhancement to hide the server information like X_FESERVER and X_poweredby etc in exchange 2016.please suggest.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Al-Habshi.
Google, Microsoft ...etc not hide that information.