Date: Thu, 1 Feb 2001 01:15:22 -0500 From: "Richard Ward" <mh@neonsky.net> To: "Christopher Farley" <chris@northernbrewer.com>, "Fenix" <fenix@xs4some.net> Cc: <freebsd-security@FreeBSD.ORG>, <freebsd-questions@FreeBSD.ORG> Subject: Re: sendmail vs. postfix question Message-ID: <001701c08c16$5e989140$0101a8c0@pavilion> References: <01020104192002.01203@xs4some.net> <20010131235613.A7019@northernbrewer.com>
next in thread | previous in thread | raw e-mail | index | archive | help
That's very true. One of the features that stand out in the "Sendmail = verses Postfix" war is that Postfix doesn't "need" root. With some = modification, neither does Sendmail. Though many won't take the time to = do this, it's one of the reasons Sendmail is deemed one of the most = insecure "common" daemons. I prefer Sendmail over Postfix simply because = I was brought up on to the Internet running Sendmail, it feels more like = home. I do however have Postfix running on my local machine, and with = keeping up-to-date on mailing lists such as this, none are a huge threat = to my network. I would have to agree, doing anything in Sendmail takes some reading, = though for the basic e-mail setup, there's little need to bring out = O'Reilly. Both Sendmail and Postfix have a home on my network, I suppose = it's just how much time you want to put in to it that depicts which MTA = you will be running on your next computer. Just my two cents. -- Richard Ward, CEO richard@neonsky.net Neonsky Internet Services 877 249 6707 - US/Canada ----- Original Message -----=20 From: Christopher Farley <chris@northernbrewer.com> To: Fenix <fenix@xs4some.net> Cc: <freebsd-security@FreeBSD.ORG>; <freebsd-questions@FreeBSD.ORG> Sent: Thursday, February 01, 2001 12:56 AM Subject: Re: sendmail vs. postfix question > Fenix (fenix@xs4some.net) wrote: >=20 > > I have a little question about sendmail vs. postfix .... > > Are there any known recent problms with sendmail security ? > > what about postfix ? >=20 > Sendmail is a large, monolithic, complicated program that runs as > root. Historically, it has been responsible for some of the most > notorious and widespread security holes on the Internet, but I > don't believe there are any (known) gaping holes in it today. > Sendmail configuration is complicated and arcane -- it is the > subject of one of the thickest books in the O'Reilly catalog. > Actually, configuring sendmail is not that bad once you understand > it -- you edit a human-readable config file which is processed by > the m4 macro processor to build the much less human-readable > sendmail.cf file. However, if you are like I am, and infrequently > make configuration changes to your mail server, it may take more than = a > few minutes of grepping documentation to make even a tiny change. >=20 > Postfix has a different architecture, but strictly conforms to the > 'sendmail api'. That is to say that Postfix is more or less designed > to be a drop-in replacement for Sendmail. Postfix is actually > several small, specialized daemons that do not run as root (!), > which has some positive security implications. Configuration of > Postfix is very easy; there is no m4 macro processing here! I have > always been able to make it do what I need it to do, although my > needs aren't very great. According to my ISP (visi.com), Postfix > outperforms Sendmail.=20 >=20 > --=20 > Christopher Farley > www.northernbrewer.com >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001701c08c16$5e989140$0101a8c0>