Ralf Koch
I know we had the discussion some time ago. Do you know anything about actual (!) security flaws of sendmail? And if not - why should postfix be more secure? (See discussion of "secure" FTP daemons)
Well, I'm not up to date with the latest releases of sendmail (when I left it for postfix, two years ago, a buffer-overflow bug had been discovered in its then-current version), but while the probability of encountering a buffer-overflow bug in general C software such as sendmail is quite high (2/3 ?), postfix has been programmed from the start with special consideration for all these kinds of security-related problems, and while I've only browsed lightly the code of postfix, it's programmed in a way that makes the probability of one of these dreadful buffer overflow bugs very low. The fact that it's very modular, with several subprocesses, none of them running as root (postfix would refuse to run as root), implies that if ever there should be a problem, it would be confined to a small part of postfix. Each process (and even some internal functions) constantly validates the data it gets from the other parts of postfix or from the exterior world.

--
Pascal Bourguignon
Software patents are endangering the computer industry all around the world
http://lpf.ai.mit.edu/
http://petition.eurolinux.org/
ASCII ribbon against html email and Microsoft attachments.
1962:DO20I=1.100 2001:my($f)=`fortune`;