From owner-freebsd-security Sun Feb 11 4:42:24 2001 Delivered-To: freebsd-security@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id C037137B401 for ; Sun, 11 Feb 2001 04:41:59 -0800 (PST) Received: from jive.44bsd.net (oca-pm3-5-32.hitter.net [207.192.77.32]) by peitho.fxp.org (Postfix) with ESMTP id 08F8C1360C; Sun, 11 Feb 2001 07:41:58 -0500 (EST) Received: by jive.44bsd.net (Postfix, from userid 1000) id C6C90E1; Sun, 11 Feb 2001 07:42:01 -0500 (EST) Date: Sun, 11 Feb 2001 07:42:01 -0500 From: Chris Faulhaber To: Dominic Marks Cc: freebsd-security@freebsd.org Subject: Re: Secure Servers (SMTP, POP3, FTP) Message-ID: <20010211074201.B1396@jive.44bsd.net> Mail-Followup-To: Chris Faulhaber , Dominic Marks , freebsd-security@freebsd.org References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="24zk1gE8NUlDmwG9" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from dominic_marks@hotmail.com on Sun, Feb 11, 2001 at 11:39:01AM -0000 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --24zk1gE8NUlDmwG9 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Feb 11, 2001 at 11:39:01AM -0000, Dominic Marks wrote: > Hello, >=20 > I'd really appreciate some opinions on the performance of some daemons. I= 'm=20 > trying to assess which is the best choice to offer both security and=20 > performance under FreeBSD 4.2. Apache seems like a pretty defacto choice = for=20 > HTTP which I'm very happy with but I'm a little less sure what choose on= =20 > others, in particular for ftp and mail servers. >=20 Well, the following seems a bit backwards: > FTP Options: > 1. proFTPd - Seems secure and has "enterprise" features Not sure... > 2. wu-Ftpd - Good security (bad History) excellent performance I doubt that it is now in the 'good security' category with numerous remote root holes per year (and I am sure more to come). > 3. ftpd - Dodgy security? Doesn't seem to be used very much Not sure where you get 'dodgy security' from. Our ftpd hasn't been vulnerable in quite a while (including not being vulnerable to the hole OpenBSD's ftpd was last year). The big question is: what features do you need? If the base ftpd has the features you require, why install something else with a poor history? >=20 > Mail Options: > 1. Qmail - Secure, written for FreeBSD (Qwest?), Fast, Configurable But the code is unauditable and the license stinks. > 2. Sendmail - Industry standard, works fine, big user base > 3. Postfix - Secure, quite light on system resources, growing support Along with easy to configure > I'd appreciate some feedback on any of these, any comments you might have= =20 > would be very helpful, or perhaps links to articles on this subject. >=20 --=20 Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org --24zk1gE8NUlDmwG9 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: FreeBSD: The Power To Serve iEYEARECAAYFAjqGiJkACgkQObaG4P6BelCF8QCgmeoybdMOvnlXgUZZ8vqzVTzg 910AoIIc9BhvuxhrR/VoYeCn0wHCi8KX =e2e4 -----END PGP SIGNATURE----- --24zk1gE8NUlDmwG9-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message