From owner-freebsd-security  Sat Jan 12  1:37:38 2002
Delivered-To: freebsd-security@freebsd.org
Received: from drkshdw.org (user4.net011.fl.sprint-hsd.net [207.30.203.4])
	by hub.freebsd.org (Postfix) with SMTP id BB92C37B405
	for <freebsd-security@freebsd.org>; Sat, 12 Jan 2002 01:37:35 -0800 (PST)
Received: (qmail 22085 invoked from network); 12 Jan 2002 09:37:34 -0000
Received: from unknown (HELO jeff) (192.168.134.2)
  by 0 with SMTP; 12 Jan 2002 09:37:34 -0000
Message-ID: <005001c19b4d$1b128470$0286a8c0@jeff>
From: "Jeff Palmer" <scorpio@drkshdw.org>
To: "Joe Unlearn" <unlearn@ne.mediaone.net>,
	"Nicolas Rachinsky" <list@rachinsky.de>
Cc: <freebsd-security@freebsd.org>
References: <20020112005425.GA69702@pc5.abc> <3C3F9B83.7080700@ne.mediaone.net>
Subject: Re: smtpproxy
Date: Sat, 12 Jan 2002 04:40:01 -0500
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

> Nicolas Rachinsky wrote:
>
> I myself am a fan of postfix, Wietse loves security and security loves
> Wiestse :)  Your mileage may very though.
> /usr/ports/mail/postfix.  It's not very simplistic in design, it's quite
> robust actually, however you can be fairly certain no bugs will pop up
> in it.
>
> --J

To EVER say "fairly certain no bugs will pop up" is an extremely lax, and
insecure statement.  You may give someone that they can install postfix
today,  and never update it again.

All software developers know that any program of any size has bugs.
Security or non security related, there are bugs.   As spammers find new
ways to send mail through remoste servers,  and crackers find new ways to
overflow and otherwise exploit server..  The general 'idea' of security
changes.

What servers are 'bugfree' and 'secure' today,  may NOT be safe and secure
with tommorows attackers.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message