On Tue, 28 Nov 2000, Max Lindner wrote:
Hi!
I'm must make a decision wether to install sendmail or not. I've heard that sendmail is unsecure, but it is also used very often. My case would be a server without really sensitive data, only public html-files on apache and so on. What do you think about sendmail? Do you know other mail-deamons which are more secure?
Here we go again. ;-). Sendmail if you use the current version is totally secure (if anyone knows hacks for sendmail 8.9.3 or later I'd love to hear them!). You can use postfix if you want, but the differences are mainly in the configuration, which for someone new to mail might be a little easier. Next to that the system load generated by postfix is probably a little smaller. Qmail I don't know, but I'm getting a little tired of people who call sendmail insecure without having a valid example of where postfix or qmail is superior to sendmail in the way of security. Sendmail's userbase is a lot larger than that of the others, and (partly because of this) it might not always be the first to implement new features, but it's never far behind.
Thanks for help, Max Lindner
Stefan