Date: Thu, 1 Feb 2001 01:15:22 -0500 From: "Richard Ward" <mh@neonsky.net> To: "Christopher Farley" <chris@northernbrewer.com>, "Fenix" <fenix@xs4some.net> Cc: <freebsd-security@FreeBSD.ORG>, <freebsd-questions@FreeBSD.ORG> Subject: Re: sendmail vs. postfix question Message-ID: <001701c08c16$5e989140$0101a8c0@pavilion> References: <01020104192002.01203@xs4some.net> <20010131235613.A7019@northernbrewer.com>
index | next in thread | previous in thread | raw e-mail
That's very true. One of the features that stand out in the "Sendmail verses Postfix" war is that Postfix doesn't "need" root. With some modification, neither does Sendmail. Though many won't take the time to do this, it's one of the reasons Sendmail is deemed one of the most insecure "common" daemons. I prefer Sendmail over Postfix simply because I was brought up on to the Internet running Sendmail, it feels more like home. I do however have Postfix running on my local machine, and with keeping up-to-date on mailing lists such as this, none are a huge threat to my network. I would have to agree, doing anything in Sendmail takes some reading, though for the basic e-mail setup, there's little need to bring out O'Reilly. Both Sendmail and Postfix have a home on my network, I suppose it's just how much time you want to put in to it that depicts which MTA you will be running on your next computer. Just my two cents. -- Richard Ward, CEO richard@neonsky.net Neonsky Internet Services 877 249 6707 - US/Canada ----- Original Message ----- From: Christopher Farley <chris@northernbrewer.com> To: Fenix <fenix@xs4some.net> Cc: <freebsd-security@FreeBSD.ORG>; <freebsd-questions@FreeBSD.ORG> Sent: Thursday, February 01, 2001 12:56 AM Subject: Re: sendmail vs. postfix question > Fenix (fenix@xs4some.net) wrote: > > > I have a little question about sendmail vs. postfix .... > > Are there any known recent problms with sendmail security ? > > what about postfix ? > > Sendmail is a large, monolithic, complicated program that runs as > root. Historically, it has been responsible for some of the most > notorious and widespread security holes on the Internet, but I > don't believe there are any (known) gaping holes in it today. > Sendmail configuration is complicated and arcane -- it is the > subject of one of the thickest books in the O'Reilly catalog. > Actually, configuring sendmail is not that bad once you understand > it -- you edit a human-readable config file which is processed by > the m4 macro processor to build the much less human-readable > sendmail.cf file. However, if you are like I am, and infrequently > make configuration changes to your mail server, it may take more than a > few minutes of grepping documentation to make even a tiny change. > > Postfix has a different architecture, but strictly conforms to the > 'sendmail api'. That is to say that Postfix is more or less designed > to be a drop-in replacement for Sendmail. Postfix is actually > several small, specialized daemons that do not run as root (!), > which has some positive security implications. Configuration of > Postfix is very easy; there is no m4 macro processing here! I have > always been able to make it do what I need it to do, although my > needs aren't very great. According to my ISP (visi.com), Postfix > outperforms Sendmail. > > -- > Christopher Farley > www.northernbrewer.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the messagehelp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001701c08c16$5e989140$0101a8c0>