Date: Thu, 16 Nov 2000 21:59:36 -0500 (EST) From: Tim McMillen <timcm@umich.edu> To: gdunn@mac.com Cc: =?iso-8859-1?Q?Boris_K=F6ster?= <koester@x-itec.de>, "Hiu F. Ho" <hiuho@yahoo.com>, freebsd-questions@FreeBSD.ORG Subject: Re: Help: Is Sendmail secure? Message-ID: <Pine.SOL.4.10.10011162134580.26082-100000@qix.gpcc.itd.umich.edu> In-Reply-To: <00111614455500.02423@shf102107.hi.pac.army.mil>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 16 Nov 2000, Gary Dunn wrote:
> On Thu, 16 Nov 2000, Boris Köster wrote:
> > At 12:54 15.11.2000 -0800, Hiu F. Ho wrote:
> > >Hi all,
> > >I need to set up a mail server on FreeBSD 4.x. Sendmail is installed
> > >automatically when I install FreeBSD 4.x, but I've heard quite a few people
> > >saying Sendmail is not secure and suggest me to use qmail.
> >
> > Most people saying sendmal is insecure are not very known with sendmail.
> > They do not know how (anti)relay is working and the do not know how
> > anything about configuring sendmail. The most of these people never
> > configured a sendmail.conf file and they not understand how it works.
> >
> > My favourite mailer is sendmail. If you know how to configure it, you will
> > have a really great mailer. You have to learn how to configure it, and this
> > will take some weeks and you have to read a lot of sources and examples. If
> > you have understand some things, you will wondering about the power of
> > sendmail.
> >
> > If you are a newbie, maybe sendmail could be a problem for you. If you have
> > enough energy to learn, sendmail is the best for you.
>
> Is there a tool for configuring sendmail.conf (and whatever else is involved)
> that would guide a newbie towards having a secure installation, or a lint-like
> checker that will warn of vulnerabilities? I want to see FreeBSD (and Linux)
> become as popular and widespread as Windows. Whenever I see a phrase like "If
> you are a newbie, maybe xxx could be a problem for you" I cringe. Sure
> it's fun being proficient at something as thorny as UNIX, but if we defend it
> on those terms we will not win wide aceptance.
int rant()
{
As much as I would like to see anything other than Windows become popular
and widespread for the masses (just think how much more productive the
world would be if the computers everybody used didn't crash several times
a day like MS products), maybe UNIX should not be run as a desktop OS by
the masses. Your average Joe down the street that only knows how to turn
the computer on and does not care about how it works has neither the
ability nor cares to understand the security implications of running a
unix box. When Redhat has its 80th root exploit of the year does Joe know
how to or care to patch it?
Unix isn't easy--it wasn't designed to be. It was designed by
people that knew how to write compilers in 5 different types of
programming languages. So I'm the opposite: I tend to cringe when people
talk about unix being easy to use. It was desinged to be powerful and
efficient, not easy. Maybe in 5 years enough shell will be built around
the unix core that it will protect the user from themselves. Maybe
MacOSx has already done that.
I mean come on I love FreeBSD becuase I can see the source code to
everything and I can run traces to see EVERYTHING that's going on in my
computer and it hasn't crashed yet in 2 months while my roomate's
computers crash several times a day...
But lets be honest. We recompile our kernels to include sound
support, patch source code to get programs installed, and the entire
thing can be destroyed with a mistyped rm -r / hello. The base system
has enough functionality to run the entire internet. Any time you have
that much functionality it will never be easy
So while the FreeBSD team (and the Linux camp) has done a
tremendous job building an OS, I think it may simply be too powerful to
let it out to the masses.
}
I included it as a codeblock to indicate it should be taken with a
grain of salt, of course.
Tim
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.4.10.10011162134580.26082-100000>