Those users are "useful" if you have the associated applications installed. They're typically used to run those apps as non-root. I've never used xscan so I don't know whether it was simply detecting an open port or detecting a vulnerability in the smtp application. You may need to dig into that one. If you don't need them (ie oracle), then whack them.
On a side note, I once worked for a company that hired an outside firm to do a "security audit". Their report noted that one of our servers was vulnerable because port 25 was open. Umm, yeah, it was our smtp gateway. When asked how they determined it be be vulnerability, they replied that they had a "highly specialized network detection tool" which later turned out to be some cheesy Windows-based port scanner.
|