Good morning !! Security of a mail-system seems to be really important and I wonder why SuSE still keeps on using Sendmail as MTA. I walked through a lot of docs and howtos and thought it as VERY difficult setting up a Mail-System. YaST is doing a really great job in maintaining the system, setting up etc... BUT why does SuSE not provide the possibility of installing qmail. I switched from Sendmail to qmail and think it's great. It is easy to configure, works fast, is secure (I've been told the guy who wrote qmail even rewrote some of the libc-functions, because he didn't trust the common ones, also there is a reward of some money for security-bugs in qmail) Will there be use of qmail by SuSE sometime in the future ? (I think the mail-server of SuSE itself is qmail - right ?) -- MfG, Christian
Good morning !!
Security of a mail-system seems to be really important and I wonder why SuSE still keeps on using Sendmail as MTA. I walked through a lot of docs and howtos
Show me a root hack in sendmail recently (and no, the Linux kernel capabilities bug doesn't count, you can use programs other then sendmail to exploit it). Sendmail has a nasty track record, but has made a lot of effort in the last 2 years to clean up (because they are selling it commercially now, heh). I would use it if I had to, but since Postfix is out I don't =).
and thought it as VERY difficult setting up a Mail-System. YaST is doing a really great job in maintaining the system, setting up etc... BUT why does SuSE not provide the possibility of installing qmail. I switched from Sendmail to qmail and think it's great. It is easy to configure, works fast, is secure (I've been told the guy who wrote qmail even rewrote some of the libc-functions, because he didn't trust the common ones, also there is a reward of some money for security-bugs in qmail) Will there be use of qmail by SuSE sometime in the future ? (I think the mail-server of SuSE itself is qmail - right ?)
Qmail has a terrible license, basically you cannot distribute binaries of it to easily. I have talked ad nauseum about this with people like Vincent (Mandrake security guy who had to package it, it caused him a huge amount of grief). This means vendors prolly won't be backing it to strongly (personally? I wouldn't back it at all). I'd put my money on Postfix (which BTW I haven been using for 2 years). The IBM license is MUCH saner and postfix has many advantages over Qmail (regex filtering of headers, database as the back for config files, etc).
-- MfG, Christian
Kurt Seifried SecurityPortal, your focal point for security on the net http://www.securityportal.com/
"Bockermann, Christian" wrote:
Good morning !!
Security of a mail-system seems to be really important and I wonder why SuSE still keeps on using Sendmail as MTA. I walked through a lot of docs and howtos and thought it as VERY difficult setting up a Mail-System. YaST is doing a really great job in maintaining the system, setting up etc... BUT why does SuSE not provide the possibility of installing qmail. I switched from Sendmail to qmail and think it's great. It is easy to configure, works fast, is secure (I've been told the guy who wrote qmail even rewrote some of the libc-functions, because he didn't trust the common ones, also there is a reward of some money for security-bugs in qmail) Will there be use of qmail by SuSE sometime in the future ? (I think the mail-server of SuSE itself is qmail - right ?)
I dont' know about qmail and the SuSE-distros. But I know for sure you can select postfix as an MTA directly out of the SuSE-install-process (as of SuSE 6.4). I work as an independent consultant for Internet-services, with hot topics "email" and "security". In my work, I was satisfied with postfix under Linux/SuSE. Bye the way, yesterday there was a thread like "SuSE should be as secure as OpenBSD". AFAIK OpenBSD still uses sendmail... --emmerich
participants (3)
-
Bockermann, Christian -
Emmerich Eggler -
Kurt Seifried