From owner-freebsd-questions Tue Jun 12 18:13:27 2001 Delivered-To: freebsd-questions@freebsd.org Received: from snipe.mail.pas.earthlink.net (snipe.mail.pas.earthlink.net [207.217.120.62]) by hub.freebsd.org (Postfix) with ESMTP id 0362A37B401 for ; Tue, 12 Jun 2001 18:13:25 -0700 (PDT) (envelope-from ipthomas_77@yahoo.com) Received: from scraemondaemon.my.domain (1Cust27.tnt15.buffalo.ny.da.uu.net [63.57.105.27]) by snipe.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id SAA14994; Tue, 12 Jun 2001 18:13:15 -0700 (PDT) Received: (from ipt@localhost) by scraemondaemon.my.domain (8.9.3/8.9.3) id VAA02765; Tue, 12 Jun 2001 21:11:58 -0400 (EDT) (envelope-from ipt) From: "Ian P. Thomas" Message-Id: <200106130111.VAA02765@scraemondaemon.my.domain> Subject: Re: Yanking Sendmail need something easier to understand To: scanner@jurai.net Date: Tue, 12 Jun 2001 21:11:57 -0400 (EDT) Cc: freebsd-questions@freebsd.org In-Reply-To: from "scanner@jurai.net" at Jun 12, 2001 08:06:30 PM X-Mailer: ELM [version 2.5 PL5] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Where did I say Postfix was insecure by design? It is a good replacement for Sendmail due to the fact that unlike Sendmail, it does not use any setuid programs. Its design is actually rather secure. Configured properly, I beleive Sendmail can also be quite secure. I get most of my information from online sources and the O Reilly books. In fact one in particular, Building Internet Firewalls, has many good points to make about all MTA's. It makes a point of recommending Postfix if you choose not to run Sendmail. Ian In the last episode, scanner@jurai.net stated... > > On Tue, 12 Jun 2001, Ian P. Thomas wrote: > > > I've never used postfix, but from what I've heard, it was built as > > a replacement for Sendmail due to Sendmail's numerous security problems. > > YMMV. I run Sendmail with the smrsh option, this allows Sendmail to use a > > shell other than sh for its activities. The smrsh was developed as a > > secure replacement for sh. You can even specify which user commands smrsh > > will execute by putting them in /usr/adm/sm.bin/. Performance wise, I can > > only speak from my own experience and say that Sendmail has always worked > > for me, but I only get around 200-300 email through my machine daily. > > Hahah. Where did you hear this? > > Postfix has as one main goal to be a drop in replacement for sendmail as > in compatability thats all. It's more secure then qmail and sendmail. And > performs 300% faster then qmail. Where ever you heard Postfix is insecure > by design, I would find a new place of information. > > ============================================================================= > -Chris Watson (316) 326-3862 | Sr. Unix Administrator > Work: chris.watson@twa.com | Trans World Airlines, Kansas City, MO > Home: scanner@jurai.net | http://www.twa.com > ============================================================================= > WINDOWS: "Where do you want to go today?" > LINUX: "Where do you want to go tomorrow?" > BSD: "Are you guys coming or what?" > ============================================================================= > irc.openprojects.net #FreeBSD -Join the revolution! > ICQ: 20016186 > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message