Ruprecht Helms wrote:
Hi,
On 13-Apr-02 Jon wrote:
Well thousands do use Sendmail.
and use an old and not secured mailserver. Change to qmail and you will have a secure mailserver that needs less ressources and if you follow the instructions of lifewithqmail you are independent from inetd, because qmail use Dan Bernsteins tcpserver.
[...] some versions of sendmail had their share of problems, but neither the actual version, nor most of the older 8.x variants are unsafe in terms of security holes; the ones which are vulnerable (e. g. to certain BoF attacks) have been patched in no time. Unauthorized relaying is another issue, but that has been changed per v8.9 (sendmail does not relay out-of-the-box anymore). I agree that it might be a better approach for really small mail setups not to use the relatively big sendmail as a primary MTA (for practical reasons, not because of lacking security), but in most other cases, sendmail provides reliable mail services, with high performance, stability and security, and a bunch of features you can't afford to miss if you implement bigger scale solutions.
Regards, Ruprecht
Boris Lorenz <bolo@lupa.de> ---