From owner-freebsd-security  Thu Feb  1  8:48:29 2001
Delivered-To: freebsd-security@freebsd.org
Received: from topsecret.net (unknown [216.19.133.97])
	by hub.freebsd.org (Postfix) with SMTP id 256BB37B67D
	for <freebsd-security@FreeBSD.ORG>; Thu,  1 Feb 2001 08:48:05 -0800 (PST)
Received: from pacific.net128.101.101.10.in-addr.arpa by topsecret.net with SMTP (MDaemon.v2.7.SP5.R) for <freebsd-security@FreeBSD.ORG>; Thu, 01 Feb 2001 11:46:29 -0500
Date: Thu, 1 Feb 2001 11:46:43 -0500 (EST)
From: "[gill]" <gill@topsecret.net>
X-Sender: gill@pacific.int.topsecret.net
To: Dragos Ruiu <dr@kyx.net>
Cc: Christopher Farley <chris@northernbrewer.com>,
	Fenix <fenix@xs4some.net>, freebsd-security@FreeBSD.ORG,
	freebsd-questions@FreeBSD.ORG
Subject: Re: sendmail vs. postfix question
In-Reply-To: <01020103331409.27656@smp.kyx.net>
Message-ID: <Pine.BSF.4.21.0102011142170.32894-100000@pacific.int.topsecret.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-MDaemon-Deliver-To: freebsd-security@FreeBSD.ORG
X-Return-Path: gill@topsecret.net
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


There was an interview with W Venema this week on
http://securityportal.com/closet/closet20010131.html

very interesting stuff.

--gill

-- 
This is my ~/.signature file.
It is the digital equivalent of a bumpersticker.

Remember?  When you said:

->On Wed, 31 Jan 2001, Christopher Farley wrote:
->> Fenix (fenix@xs4some.net) wrote:
->> 
->> > I have a little question about sendmail vs. postfix ....
->> > Are there any known recent problms with sendmail security ?
->> > what about postfix ?
->> 

[snip snip snip]

->As far as security, given how much I rely on it, I recently(last year) decided
->to re-audit its code, and after a couple of days spent looking for format
->strings and other stuff I decided to discontinue the audit... Mr. Venema's code
->is so rigorous that it even passes _internal_ data between routines through
->filtering and cleaning functions (how paranoid is that :-) if that's any
->indication of how it's built up.
->
->I personally think very highly of it.  (Besides, I really would be fine
->if I never have to look at another arcane sendmail ruleset ever 
->again... :-P )




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message