From owner-freebsd-security Mon Feb 12 13:55:24 2001 Delivered-To: freebsd-security@freebsd.org Received: from mail.epylon.com (sf-gw.epylon.com [63.93.9.98]) by hub.freebsd.org (Postfix) with ESMTP id 6B0EA37B491 for ; Mon, 12 Feb 2001 13:55:13 -0800 (PST) Received: by goofy.epylon.lan with Internet Mail Service (5.5.2653.19) id <1ZVC98L7>; Mon, 12 Feb 2001 13:55:10 -0800 Message-ID: <657B20E93E93D4118F9700D0B73CE3EA0166D622@goofy.epylon.lan> From: Jason DiCioccio To: 'Alex Charalabidis' , Dominic Marks Cc: freebsd-security@freebsd.org Subject: RE: Secure Servers (SMTP, POP3, FTP) Date: Mon, 12 Feb 2001 13:55:09 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: multipart/mixed; boundary="----_=_NextPart_000_01C0953E.77B4EA30" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_000_01C0953E.77B4EA30 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C0953E.77B4EA30" ------_=_NextPart_001_01C0953E.77B4EA30 Content-Type: text/plain; charset="iso-8859-1" -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I actually use Cyrus for IMAP/POP3, but that's just because I wanted IMAP.. Cyrus is very featureful, I'm sure it doesn't have the best security record.. Can't be any worse than qpopper though ;). I also use cucipop on servers that I don't need all the features of cyrus on. Oh and also, I do like qmail, it's fast and secure, I haven't had any reliability issues with it (I run it from daemontools). Just my .02 Cheers, - -JD- - ------- Jason DiCioccio Evil Genius Unix BOFH mailto:jasond@epylon.com 415-593-2761 Direct & Fax 415-593-2900 Main Epylon Corporation 645 Harrison Street, Suite 200 San Francisco, CA 94107 www.epylon.com BSD is for people who love Unix - Linux is for people who hate Microsoft - -----Original Message----- From: Alex Charalabidis [mailto:alex@wnm.net] Sent: Monday, February 12, 2001 1:51 PM To: Dominic Marks Cc: freebsd-security@freebsd.org Subject: Re: Secure Servers (SMTP, POP3, FTP) On Sun, 11 Feb 2001, Dominic Marks wrote: > Hello, > > I'd really appreciate some opinions on the performance of some > daemons. I'm trying to assess which is the best choice to offer > both security and performance under FreeBSD 4.2. Apache seems like > a pretty defacto choice for HTTP which I'm very happy with but I'm > a little less sure what choose on others, in particular for ftp and > mail servers. > > FTP Options: > 1. proFTPd - Seems secure and has "enterprise" features Highly configurable. Poor security record. I use it anyway since nothing comes close to it for for features. Reasonable performance, somewhat more expensive. > 2. wu-Ftpd - Good security (bad History) excellent performance Good performance. Miserable security record. I no longer consider it an option. > 3. ftpd - Dodgy security? Doesn't seem to be used very much > Very un-dodgy security, rock solid, takes load very well. If security is your primary concern, use this one. > Mail Options: > 1. Qmail - Secure, written for FreeBSD (Qwest?), Fast, Configurable *spit* *curse*. I know this is not a helpful comment but it adequately expresses my opinion of qmail. An unreliable royal PITA. I don't know what people see in it. > 2. Sendmail - Industry standard, works fine, big user base Slow and the configuration is still written in pidgin emacs. But, as you say, an industry standard. Reliable and well-documented. > 3. Postfix - Secure, quite light on system resources, growing > support > This is the smtpd of the future. Combines qmail speed and security with sendmail reliability and familiar layout. You don't mention your POP3 options. If you plan on running a common mailbox setup, cucipop is your choice for maximum speed and efficiency. If you need something more elaborate, I hate to say so but you might have to use qpopper. hth - -ac - -- ============================================================== Alex Charalabidis (AC8139) 5050 Poplar Ave, Ste 170 System Administrator Memphis, TN 38157 WebNet Memphis (901) 432 6000 Author, The Book of IRC http://www.bookofirc.com/ ============================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use iQA/AwUBOohcJFCmU62pemyaEQJuGgCfcpPGXZEWNc3gNWZBK0I8c7qAjyYAoPBC WgW8POkn9mogbGF1YOexzPHk =L2kX -----END PGP SIGNATURE----- ------_=_NextPart_001_01C0953E.77B4EA30 Content-Type: text/html; charset="iso-8859-1" RE: Secure Servers (SMTP, POP3, FTP)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I actually use Cyrus for IMAP/POP3, but that's just because I wanted
IMAP.. Cyrus is very featureful, I'm sure it doesn't have the best
security record.. Can't be any worse than qpopper though ;). I also
use cucipop on servers that I don't need all the features of cyrus
on.  Oh and also, I do like qmail, it's fast and secure, I haven't
had any reliability issues with it (I run it from daemontools).

Just my .02

Cheers,
- -JD-



- -------
Jason DiCioccio
Evil Genius
Unix BOFH

mailto:jasond@epylon.com

415-593-2761          Direct & Fax
415-593-2900          Main

Epylon Corporation
645 Harrison Street, Suite 200
San Francisco, CA 94107
www.epylon.com

BSD is for people who love Unix -
Linux is for people who hate Microsoft


- -----Original Message-----
From: Alex Charalabidis [mailto:alex@wnm.net]
Sent: Monday, February 12, 2001 1:51 PM
To: Dominic Marks
Cc: freebsd-security@freebsd.org
Subject: Re: Secure Servers (SMTP, POP3, FTP)


On Sun, 11 Feb 2001, Dominic Marks wrote:

> Hello,
>
> I'd really appreciate some opinions on the performance of some
> daemons. I'm trying to assess which is the best choice to offer
> both security and performance under FreeBSD 4.2. Apache seems like
> a pretty defacto choice for HTTP which I'm very happy with but I'm
> a little less sure what choose on others, in particular for ftp and
> mail servers.
>
> FTP Options:
> 1. proFTPd - Seems secure and has "enterprise" features

Highly configurable. Poor security record. I use it anyway since
nothing
comes close to it for for features. Reasonable performance, somewhat
more
expensive.

> 2. wu-Ftpd - Good security (bad History) excellent performance

Good performance. Miserable security record. I no longer consider it
an
option.

> 3. ftpd - Dodgy security? Doesn't seem to be used very much
>
Very un-dodgy security, rock solid, takes load very well. If security
is
your primary concern, use this one.

> Mail Options:
> 1. Qmail - Secure, written for FreeBSD (Qwest?), Fast, Configurable

*spit* *curse*. I know this is not a helpful comment but it
adequately
expresses my opinion of qmail. An unreliable royal PITA. I don't know
what
people see in it.

> 2. Sendmail - Industry standard, works fine, big user base

Slow and the configuration is still written in pidgin emacs. But, as
you
say, an industry standard. Reliable and well-documented.

> 3. Postfix - Secure, quite light on system resources, growing
> support
>
This is the smtpd of the future. Combines qmail speed and security
with
sendmail reliability and familiar layout.

You don't mention your POP3 options. If you plan on running a common
mailbox setup, cucipop is your choice for maximum speed and
efficiency. If
you need something more elaborate, I hate to say so but you might
have to
use qpopper.

hth

- -ac

- --
==============================================================
Alex Charalabidis (AC8139)            5050 Poplar Ave, Ste 170
System Administrator                         Memphis, TN 38157
WebNet Memphis                                  (901) 432 6000
Author, The Book of IRC              http://www.bookofirc.com/
==============================================================



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOohcJFCmU62pemyaEQJuGgCfcpPGXZEWNc3gNWZBK0I8c7qAjyYAoPBC
WgW8POkn9mogbGF1YOexzPHk
=L2kX
-----END PGP SIGNATURE-----

  ------_=_NextPart_001_01C0953E.77B4EA30-- ------_=_NextPart_000_01C0953E.77B4EA30 Content-Type: application/octet-stream; name="Jason DiCioccio.vcf" Content-Disposition: attachment; filename="Jason DiCioccio.vcf" BEGIN:VCARD VERSION:2.1 N:DiCioccio;Jason FN:Jason DiCioccio ORG:epylon.com;operations TITLE:UNIX ADMIN ADR;WORK:;;645 Harrison St;San Francisco;CA;94107;usa LABEL;WORK;ENCODING=QUOTED-PRINTABLE:645 Harrison St=0D=0ASan Francisco, CA 94107=0D=0Ausa EMAIL;PREF;INTERNET:Jason.DiCioccio@Epylon.com REV:19990105T135529Z END:VCARD ------_=_NextPart_000_01C0953E.77B4EA30-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message