[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: To Sendmail or not to Sendmail.



Sendmail has been extensively scrutinized, and there are no publically known
security holes in the current version.  Of course this has been said in the
past, and holes later came up... If you are worried, try out qmail or
postfix, which are (supposedly) more secure through design (and faster too).
My personal preference is postfix, which drops right into OpenBSD and
replaces sendmail with minimal configuration....

Sendmail is the de facto standard, so it won't go away from the Unix world
any time soon, if ever.  You can customize and configure sendmail to the nth
degree, and deliver mail anywhere, something that you can't do with qmail and
postfix, also because of the way they were designed.  This makes it
indispensable for some sites, and is why it comes standard with *BSD, some
Linux distributions, and most other commercial Unixes out there.

Large parts of the internet rely completely on SMTP, and a little UUCP, if
your site is this way then one of the more modern mailers will work.

On Thu, 30 Sep 1999, Joe Pepin wrote:

 | What are people's opinions of Sendmail from a security standpoint?  Is
 | running an 8.9.x sendmail 'secure' as opposed to some of the 'drop in
 | replacements' available?  I want to run as secure a mail server as possible
 | on OBSD 2.5.  If there are more secure alternatives, what are they?
 | 
 | TIA,
 | 
 | Joe Pepin
 | 
 | 

---
I dress like a pimp
I walk with a limp
I see the Browns for free in
My low-rider blimp.