From owner-freebsd-questions@freebsd.org  Mon Jul  1 06:43:08 2019
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1413615CA1D5
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Mon,  1 Jul 2019 06:43:08 +0000 (UTC)
 (envelope-from rodrigo.readi@googlemail.com)
Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com
 [IPv6:2a00:1450:4864:20::431])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4B40994F1E
 for <freebsd-questions@freebsd.org>; Mon,  1 Jul 2019 06:43:07 +0000 (UTC)
 (envelope-from rodrigo.readi@googlemail.com)
Received: by mail-wr1-x431.google.com with SMTP id p11so1189273wro.5
 for <freebsd-questions@freebsd.org>; Sun, 30 Jun 2019 23:43:07 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:date:from:to:cc:subject:in-reply-to:message-id
 :references:user-agent:mime-version;
 bh=bbgisWzrLP0naCiiWKMdMMer5AFE+NsY3jESdEVpX/w=;
 b=N6tIL4cSnauJIBXiv+UnK/rN08HJgKUhMc5jv4YbMdlStKRhStbkkJGCZmC3Fo5x1u
 f4vpNDf7Ia1zJ+PAqdDUXoP+UDtoC70njoISQfgnK4aomVBYbuAqDF9dCWkbkDj4t+Xd
 MpTfCJGELWjRPHqfCu347S2GJEPJ5F1eRWArWsLzfr5wiEvVobGO4RPQoCIP8nI2Bv9X
 AgBKgKVc6AQ5sm8Hn3MeM9nrIJ9mtW5Ri8HgoPf1ZAJCPOEVQAkggqGsJZKtp6OS+Zpp
 LWdMv3RrNQB64VxCkiGO8cgUNs6Px+1+EfZsQTt1qfhV2pn/SlQ6JZgbNGTgBCfgo+/j
 sLQg==
X-Gm-Message-State: APjAAAUeqQjX6y5szHtsPr7OaAA0RjMynhTIkvSWIpmfZA7DOi/3kZJD
 EVWVbqvFCbwLyLgpYsM=
X-Google-Smtp-Source: APXvYqyRzUXpnSUyEgtXaxN/iOVZYgBC9WSthFIDc8mj+rl+Dt8CSxnuqE6FRXWFrRs3p6jXAMxa9g==
X-Received: by 2002:a5d:554b:: with SMTP id g11mr15548832wrw.10.1561963385740; 
 Sun, 30 Jun 2019 23:43:05 -0700 (PDT)
Received: from [192.168.178.43] ([88.130.159.95])
 by smtp.googlemail.com with ESMTPSA id n125sm13646551wmf.6.2019.06.30.23.43.04
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Sun, 30 Jun 2019 23:43:05 -0700 (PDT)
Date: Mon, 1 Jul 2019 06:43:01 +0000 (UTC)
From: Rodrigo Readi <rodrigo.readi@googlemail.com>
To: freebsd-questions@freebsd.org
cc: Polytropon <freebsd@edvax.de>
Subject: Re: sendmail
In-Reply-To: <D25B22FD-2164-4281-AE21-9C5FD188AA38@gmail.com>
Message-ID: <alpine.BSF.2.21.9999.1907010639210.1006@fbsd.local>
References: <CAL2OhpoSxnK2Uy_OKxqnWyXuqg=tNBm6wy2r1+ukVWwPnPrj0g@mail.gmail.com>
 <20190630092535.7913d305.freebsd@edvax.de>
 <D25B22FD-2164-4281-AE21-9C5FD188AA38@gmail.com>
User-Agent: Alpine 2.21.9999 (BSF 287 2018-06-16)
MIME-Version: 1.0
X-Rspamd-Queue-Id: 4B40994F1E
X-Spamd-Bar: ----
X-Spamd-Result: default: False [-4.86 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[];
 TO_DN_SOME(0.00)[];
 R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36];
 FREEMAIL_FROM(0.00)[googlemail.com]; RCVD_COUNT_THREE(0.00)[3];
 DKIM_TRACE(0.00)[googlemail.com:+]; CTYPE_MIXED_BOGUS(1.00)[];
 RCPT_COUNT_TWO(0.00)[2];
 MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com];
 DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
 FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[];
 MIME_TRACE(0.00)[0:+,1:+]; FREEMAIL_ENVFROM(0.00)[gmail.com];
 ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US];
 TAGGED_FROM(0.00)[]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 R_DKIM_ALLOW(-0.20)[googlemail.com:s=20161025];
 FROM_HAS_DN(0.00)[]; NEURAL_SPAM_SHORT(0.04)[0.042,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 MIME_GOOD(-0.10)[multipart/mixed,text/plain];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org];
 TO_MATCH_ENVRCPT_SOME(0.00)[];
 RCVD_IN_DNSWL_NONE(0.00)[1.3.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.5.4.1.0.0.a.2.list.dnswl.org
 : 127.0.5.0]; 
 IP_SCORE(-2.90)[ip: (-9.49), ipnet: 2a00:1450::/32(-2.60), asn: 15169(-2.34),
 country: US(-0.06)]
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8BIT
X-Content-Filtered-By: Mailman/MimeDel 2.1.29
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jul 2019 06:43:08 -0000


On Sun, 30 Jun 2019, Albaro Pereyra wrote:

> I just wanted to emphasize the importance of security in an MTA.
> That being said sendmail is archaic and there doesn’t seem to be
> any  milestones to improve it.

What is there insecure that is secure in other MTAs?

BTW: I have an installation relaying with authorization. With the m4
macros it was not very difficult to configure.

Rodrigo
From owner-freebsd-questions@freebsd.org  Mon Jul  1 07:14:55 2019
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6B24515D2BCE
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Mon,  1 Jul 2019 07:14:55 +0000 (UTC)
 (envelope-from peter@boosten.org)
Received: from smtpq2.mnd.mail.iss.as9143.net (smtpq2.mnd.mail.iss.as9143.net
 [212.54.34.165])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 98DAE97E62
 for <freebsd-questions@freebsd.org>; Mon,  1 Jul 2019 07:14:53 +0000 (UTC)
 (envelope-from peter@boosten.org)
Received: from [212.54.34.119] (helo=smtp11.mnd.mail.iss.as9143.net)
 by smtpq2.mnd.mail.iss.as9143.net with esmtps
 (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1)
 (envelope-from <peter@boosten.org>)
 id 1hhqWY-0005U3-JI; Mon, 01 Jul 2019 09:14:50 +0200
Received: from 84-25-247-31.cable.dynamic.v4.ziggo.nl ([84.25.247.31]
 helo=ra.boosten.org)
 by smtp11.mnd.mail.iss.as9143.net with esmtp (Exim 4.90_1)
 (envelope-from <peter@boosten.org>)
 id 1hhqWY-0000xB-F0; Mon, 01 Jul 2019 09:14:50 +0200
Received: from amon.boosten.org (Amon.boosten.org [192.168.13.105])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ra.boosten.org (Postfix) with ESMTPSA id 1F96D3432FCD;
 Mon,  1 Jul 2019 09:14:50 +0200 (CEST)
Content-Type: text/plain;
	charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Subject: Re: sendmail
From: Peter Boosten <peter@boosten.org>
In-Reply-To: <alpine.BSF.2.21.9999.1907010639210.1006@fbsd.local>
Date: Mon, 1 Jul 2019 09:14:49 +0200
Cc: freebsd-questions <freebsd-questions@freebsd.org>,
 Polytropon <freebsd@edvax.de>
Content-Transfer-Encoding: quoted-printable
Message-Id: <A3CEF82D-B71D-4B4F-87AD-E3408559DE26@boosten.org>
References: <CAL2OhpoSxnK2Uy_OKxqnWyXuqg=tNBm6wy2r1+ukVWwPnPrj0g@mail.gmail.com>
 <20190630092535.7913d305.freebsd@edvax.de>
 <D25B22FD-2164-4281-AE21-9C5FD188AA38@gmail.com>
 <alpine.BSF.2.21.9999.1907010639210.1006@fbsd.local>
To: Rodrigo Readi <rodrigo.readi@googlemail.com>
X-Mailer: Apple Mail (2.3445.104.11)
X-SourceIP: 84.25.247.31
X-Ziggo-spambar: /
X-Ziggo-spamscore: 0.0
X-Ziggo-spamreport: CMAE Analysis: v=2.3 cv=bcYVr9HB c=1 sm=1 tr=0
 a=JWBJsaPp29SgP5DpYRBqZw==:17 a=jpOVt7BSZ2e4Z31A5e1TngXxSK0=:19
 a=IkcTkHD0fZMA:10 a=0o9FgrsRnhwA:10 a=6I5d2MoRAAAA:8 a=skXIRnOuzT9K6CweumwA:9
 a=QEXdDO2ut3YA:10 a=IjZwj45LgO3ly-622nXo:22
X-Ziggo-Spam-Status: No
X-Spam-Status: No
X-Spam-Flag: No
X-Rspamd-Queue-Id: 98DAE97E62
X-Spamd-Bar: ---
X-Spamd-Result: default: False [-3.57 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[];
 R_SPF_ALLOW(-0.20)[+ip4:212.54.32.0/19]; MV_CASE(0.50)[];
 RCVD_COUNT_THREE(0.00)[4]; TO_DN_ALL(0.00)[];
 MX_GOOD(-0.01)[cached: boosten.dyndns.org];
 DKIM_TRACE(0.00)[boosten.org:+];
 DMARC_POLICY_ALLOW(-0.50)[boosten.org,quarantine];
 FREEMAIL_TO(0.00)[googlemail.com];
 RECEIVED_SPAMHAUS_PBL(0.00)[31.247.25.84.zen.spamhaus.org : 127.0.0.11];
 RCVD_TLS_LAST(0.00)[];
 IP_SCORE(-1.22)[ipnet: 212.54.32.0/20(-3.99), asn: 33915(-2.14), country:
 NL(0.01)]; 
 RCVD_IN_DNSWL_LOW(-0.10)[165.34.54.212.list.dnswl.org : 127.0.5.1];
 ASN(0.00)[asn:33915, ipnet:212.54.32.0/20, country:NL];
 MID_RHS_MATCH_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[];
 ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 R_DKIM_ALLOW(-0.20)[boosten.org:s=ra]; FROM_HAS_DN(0.00)[];
 RCPT_COUNT_THREE(0.00)[3]; NEURAL_SPAM_SHORT(0.27)[0.268,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]; TAGGED_RCPT(0.00)[];
 MIME_GOOD(-0.10)[text/plain]; TO_MATCH_ENVRCPT_SOME(0.00)[];
 MIME_TRACE(0.00)[0:+]
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jul 2019 07:14:55 -0000



> Op 1 jul. 2019, om 08:43 heeft Rodrigo Readi via freebsd-questions =
<freebsd-questions@freebsd.org> het volgende geschreven:
>=20
>=20
> On Sun, 30 Jun 2019, Albaro Pereyra wrote:
>=20
>> I just wanted to emphasize the importance of security in an MTA.
>> That being said sendmail is archaic and there doesn=E2=80=99t seem to =
be
>> any  milestones to improve it.
>=20
> What is there insecure that is secure in other MTAs?
>=20

The thing people keep hammering about is based on some vulnerabilities =
>10 years ago, _and_ that sendmail is based on a single executable, =
while other MTAs spread the tasks over several.

Peter

Btw. I use postfix myself, just because of ease of configuration.