From owner-freebsd-questions@FreeBSD.ORG Wed Feb 2 04:37:16 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 27E111065679 for ; Wed, 2 Feb 2011 04:37:16 +0000 (UTC) (envelope-from 839273@gmail.com) Received: from mail-gx0-f182.google.com (mail-gx0-f182.google.com [209.85.161.182]) by mx1.freebsd.org (Postfix) with ESMTP id D38E68FC25 for ; Wed, 2 Feb 2011 04:37:15 +0000 (UTC) Received: by gxk8 with SMTP id 8so3002516gxk.13 for ; Tue, 01 Feb 2011 20:37:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:reply-to:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to:cc :content-type:content-transfer-encoding; bh=pMCVbb6buasac/hQgQ3MVlhYkvwcPWAttZiozUpwPcM=; b=n1uEtqBI/uxoylW8YslXAZNJVIX4b2evaMInz7lYy+ozG+ANvLukSIV+6IfeWxCPaQ QjbMvrJ0ZbC0qBUXgoXPbamyinhhKLmnKVEka7UOI8lSI2dZHIpKQ6dmnBwJzgT7ddEI bTh3RRyG6/AAVqxrAn7DOdBbrL+bwVCKAvsWg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:reply-to:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=R9itc5de6WRwF9W/PjK12CxS+TU8de3zMypsLH1ESmrEYSyMoO+YNvbCeQXXurAMM+ Kpv7yGO1z+15JCd9Rt6GRz5zD/mUpF3YTzOItqIA3ZnAD3XKrJZ4qX5Ac4xr9NeWMV7c dwmC+vUDM3lWO0m08ghRZgQEQIWjb/O9+/bjc= MIME-Version: 1.0 Received: by 10.150.12.13 with SMTP id 13mr10628911ybl.59.1296621435023; Tue, 01 Feb 2011 20:37:15 -0800 (PST) Sender: 839273@gmail.com Received: by 10.151.110.10 with HTTP; Tue, 1 Feb 2011 20:37:14 -0800 (PST) In-Reply-To: References: <4D48197A.8000108@gmail.com> Date: Wed, 2 Feb 2011 00:07:14 -0430 X-Google-Sender-Auth: i4Yx56XoPv3sKTlXuymVTp_MwII Message-ID: From: Andres Perera To: Jarrod Slick Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-questions@freebsd.org Subject: Re: qmail or postfix? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: 839273@gmail.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Feb 2011 04:37:16 -0000 On Tue, Feb 1, 2011 at 11:26 PM, Jarrod Slick wr= ote: > Calling qmail more secure is pretty much just echoing conjecture at this > point. =C2=A0Sure, it was designed to be secure (years and years ago) and= the > original author even held a contest with a monetary reward for anyone who > could find a vulnerability -- that said, AFAIK that person no longer > maintains the project. =C2=A0It requires lots of third party patches to b= e as > functional as postfix, so to what extent these patches counteract the > original coder's (apparent) secure coding practices is open to debate. that would be besides the point. having the ability to patch up freebsd doe= sn't grant me the authority of claiming that my work is the official version, or atleast doesn't guarantee that i'll have an audience for my claim > If you know of any specific problems with postfix that would substantiate > your claim I encourage you to inform the project's maintainers. =C2=A0Fro= m > personal experience I can say that I've run a postfix config for years > without problems. =C2=A0Also, in most networks I don't think the MTA is a= very > prominent attack vector; people are probably much more likely to get in > through that old wordpress installation you've been meaning to upgrade fo= r 6 > months (for instance). you seem to be confused by what i posted i don't have an explicit example (e.g., buffer overflow) to show that qmail= is more secure. it has to do with the design principles of each and how the sy= stem is layed out. while it's true that postfix is partitioned, qmail goes a lit= tle further than that by taking a big dump on libc that's not to say that postfix is inherently insecure