From owner-freebsd-ports@freebsd.org Mon Dec 11 19:45:09 2017 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5A68BE9C2FC for ; Mon, 11 Dec 2017 19:45:09 +0000 (UTC) (envelope-from lists@opsec.eu) Received: from home.opsec.eu (home.opsec.eu [IPv6:2001:14f8:200::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 13AF87597F for ; Mon, 11 Dec 2017 19:45:09 +0000 (UTC) (envelope-from lists@opsec.eu) Received: from pi by home.opsec.eu with local (Exim 4.89 (FreeBSD)) (envelope-from ) id 1eOU0l-0000iB-SP; Mon, 11 Dec 2017 20:45:11 +0100 Date: Mon, 11 Dec 2017 20:45:11 +0100 From: Kurt Jaeger To: Chris H Cc: freebsd-ports@freebsd.org Subject: Re: Procmail Vulnerabilities check Message-ID: <20171211194511.GD2827@home.opsec.eu> References: <32da0142ef01d545aff61de3a3946d62@udns.ultimatedns.net> <00d53b391814cf11575da1e873839ae7@udns.ultimatedns.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <00d53b391814cf11575da1e873839ae7@udns.ultimatedns.net> X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Dec 2017 19:45:09 -0000 Hi! > Let me attempt to make my point another way (and stay closer to topic). > A user is able to accomplish more from sendmail in base, than with any > other MX port in base alone. [list of sendmail features shortend for brevity] > Many of the other MX software in the ports tree provide a subset of > the shortlist I mentioned above. But none of them offer them all. So if sendmail is a pkg/port, it would still have those features ? Is a pkg install sendmail such a huge step ? And btw, even if sendmail has all those features, I can tell you that even when I first attend my first sendmail workshop, approx. 27 years ago, I still would not know how to implement them with sendmail. > I were an MX administrator. Would I not want all the options/help > I could get to defend myself against attack? I still don't get the difference if sendmail would be a port/pkg. Oh, btw, if sendmail can do all this, wouldn't it be useful to have a suitable config that does all this right out of the box ? Because, honestly, I would not know how to enable all those features... > True. But if I'm selling a Server targeted OS. Don't I want to > advocate server grade services? But the distribution channel of the software for that service (base or port) does not sound as the relevant factor for the end-user, or does it ? -- pi@opsec.eu +49 171 3101372 3 years to go !