Date: Thu, 7 Dec 2017 14:07:54 -0800 From: Xin LI <delphij@gmail.com> To: Warner Losh <imp@bsdimp.com> Cc: "Rodney W. Grimes" <freebsd-rwg@pdx.rh.cn85.dnsmgr.net>, "freebsd-arch@freebsd.org" <arch@freebsd.org>, Baptiste Daroussin <bapt@freebsd.org>, gshapiro@freebsd.org Subject: Re: RFC: Sendmail deprecation ? Message-ID: <CAGMYy3syibGB=NoA41YwwdQR6p=MVrTBY32sckworFR2s4Cn-w@mail.gmail.com> In-Reply-To: <CANCZdfru0LiT1KbbobCifzF_SjOQ%2B_1HPZ6Q06m_yhsqZDqh1g@mail.gmail.com> References: <20171206223341.iz3vj4zz2igqczy7@ivaldir.net> <201712071605.vB7G58ek062860@pdx.rh.CN85.dnsmgr.net> <CANCZdfru0LiT1KbbobCifzF_SjOQ%2B_1HPZ6Q06m_yhsqZDqh1g@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Just picking a random message from the thread. On Thu, Dec 7, 2017 at 8:49 AM, Warner Losh <imp@bsdimp.com> wrote: > It's bad that sendmail is such a security nightmare too. We should likely I don't think there is fact that backs this claim (I don't personally have strong opinion on Sendmail removal though). Sendmail might well be a nightmare a decade ago but not anymore. The last security advisory for sendmail was in 2014 for a CVSS 1.9 issue, and before that the last major issue was in 2010. Also count me in the "no dma" campaign too: it worked poorly for the cluster during our dogfood and there were multiple RFC violations the last time we tried it. I might be wrong, but I think it also does not support SSL/TLS properly (e.g. no validation of server certificate, etc.), by the way, and I don't think it have implemented proper queue either. Cheers,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGMYy3syibGB=NoA41YwwdQR6p=MVrTBY32sckworFR2s4Cn-w>