Date: Mon, 12 Feb 2001 13:55:09 -0800 From: Jason DiCioccio <Jason.DiCioccio@Epylon.com> To: 'Alex Charalabidis' <alex@wnm.net>, Dominic Marks <dominic_marks@hotmail.com> Cc: freebsd-security@freebsd.org Subject: RE: Secure Servers (SMTP, POP3, FTP) Message-ID: <657B20E93E93D4118F9700D0B73CE3EA0166D622@goofy.epylon.lan>
next in thread | raw e-mail | index | archive | help
This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_000_01C0953E.77B4EA30 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C0953E.77B4EA30" ------_=_NextPart_001_01C0953E.77B4EA30 Content-Type: text/plain; charset="iso-8859-1" -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I actually use Cyrus for IMAP/POP3, but that's just because I wanted IMAP.. Cyrus is very featureful, I'm sure it doesn't have the best security record.. Can't be any worse than qpopper though ;). I also use cucipop on servers that I don't need all the features of cyrus on. Oh and also, I do like qmail, it's fast and secure, I haven't had any reliability issues with it (I run it from daemontools). Just my .02 Cheers, - -JD- - ------- Jason DiCioccio Evil Genius Unix BOFH mailto:jasond@epylon.com 415-593-2761 Direct & Fax 415-593-2900 Main Epylon Corporation 645 Harrison Street, Suite 200 San Francisco, CA 94107 www.epylon.com BSD is for people who love Unix - Linux is for people who hate Microsoft - -----Original Message----- From: Alex Charalabidis [mailto:alex@wnm.net] Sent: Monday, February 12, 2001 1:51 PM To: Dominic Marks Cc: freebsd-security@freebsd.org Subject: Re: Secure Servers (SMTP, POP3, FTP) On Sun, 11 Feb 2001, Dominic Marks wrote: > Hello, > > I'd really appreciate some opinions on the performance of some > daemons. I'm trying to assess which is the best choice to offer > both security and performance under FreeBSD 4.2. Apache seems like > a pretty defacto choice for HTTP which I'm very happy with but I'm > a little less sure what choose on others, in particular for ftp and > mail servers. > > FTP Options: > 1. proFTPd - Seems secure and has "enterprise" features Highly configurable. Poor security record. I use it anyway since nothing comes close to it for for features. Reasonable performance, somewhat more expensive. > 2. wu-Ftpd - Good security (bad History) excellent performance Good performance. Miserable security record. I no longer consider it an option. > 3. ftpd - Dodgy security? Doesn't seem to be used very much > Very un-dodgy security, rock solid, takes load very well. If security is your primary concern, use this one. > Mail Options: > 1. Qmail - Secure, written for FreeBSD (Qwest?), Fast, Configurable *spit* *curse*. I know this is not a helpful comment but it adequately expresses my opinion of qmail. An unreliable royal PITA. I don't know what people see in it. > 2. Sendmail - Industry standard, works fine, big user base Slow and the configuration is still written in pidgin emacs. But, as you say, an industry standard. Reliable and well-documented. > 3. Postfix - Secure, quite light on system resources, growing > support > This is the smtpd of the future. Combines qmail speed and security with sendmail reliability and familiar layout. You don't mention your POP3 options. If you plan on running a common mailbox setup, cucipop is your choice for maximum speed and efficiency. If you need something more elaborate, I hate to say so but you might have to use qpopper. hth - -ac - -- ============================================================== Alex Charalabidis (AC8139) 5050 Poplar Ave, Ste 170 System Administrator Memphis, TN 38157 WebNet Memphis (901) 432 6000 Author, The Book of IRC http://www.bookofirc.com/ ============================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>; iQA/AwUBOohcJFCmU62pemyaEQJuGgCfcpPGXZEWNc3gNWZBK0I8c7qAjyYAoPBC WgW8POkn9mogbGF1YOexzPHk =L2kX -----END PGP SIGNATURE----- ------_=_NextPart_001_01C0953E.77B4EA30 Content-Type: text/html; charset="iso-8859-1" <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> <HTML> <HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2653.12"> <TITLE>RE: Secure Servers (SMTP, POP3, FTP)</TITLE> </HEAD> <BODY> <P><FONT SIZE=2>-----BEGIN PGP SIGNED MESSAGE-----</FONT> <BR><FONT SIZE=2>Hash: SHA1</FONT> </P> <P><FONT SIZE=2>I actually use Cyrus for IMAP/POP3, but that's just because I wanted</FONT> <BR><FONT SIZE=2>IMAP.. Cyrus is very featureful, I'm sure it doesn't have the best</FONT> <BR><FONT SIZE=2>security record.. Can't be any worse than qpopper though ;). I also</FONT> <BR><FONT SIZE=2>use cucipop on servers that I don't need all the features of cyrus</FONT> <BR><FONT SIZE=2>on. Oh and also, I do like qmail, it's fast and secure, I haven't</FONT> <BR><FONT SIZE=2>had any reliability issues with it (I run it from daemontools).</FONT> </P> <P><FONT SIZE=2>Just my .02</FONT> </P> <P><FONT SIZE=2>Cheers,</FONT> <BR><FONT SIZE=2>- -JD-</FONT> </P> <BR> <BR> <P><FONT SIZE=2>- -------</FONT> <BR><FONT SIZE=2>Jason DiCioccio</FONT> <BR><FONT SIZE=2>Evil Genius</FONT> <BR><FONT SIZE=2>Unix BOFH</FONT> </P> <P><FONT SIZE=2><A HREF="mailto:jasond@epylon.com">mailto:jasond@epylon.com</A></FONT> </P> <P><FONT SIZE=2>415-593-2761 Direct & Fax</FONT> <BR><FONT SIZE=2>415-593-2900 Main</FONT> </P> <P><FONT SIZE=2>Epylon Corporation</FONT> <BR><FONT SIZE=2>645 Harrison Street, Suite 200</FONT> <BR><FONT SIZE=2>San Francisco, CA 94107</FONT> <BR><FONT SIZE=2>www.epylon.com</FONT> </P> <P><FONT SIZE=2>BSD is for people who love Unix -</FONT> <BR><FONT SIZE=2>Linux is for people who hate Microsoft</FONT> </P> <BR> <P><FONT SIZE=2>- -----Original Message-----</FONT> <BR><FONT SIZE=2>From: Alex Charalabidis [<A HREF="mailto:alex@wnm.net">mailto:alex@wnm.net</A>]</FONT> <BR><FONT SIZE=2>Sent: Monday, February 12, 2001 1:51 PM</FONT> <BR><FONT SIZE=2>To: Dominic Marks</FONT> <BR><FONT SIZE=2>Cc: freebsd-security@freebsd.org</FONT> <BR><FONT SIZE=2>Subject: Re: Secure Servers (SMTP, POP3, FTP)</FONT> </P> <BR> <P><FONT SIZE=2>On Sun, 11 Feb 2001, Dominic Marks wrote:</FONT> </P> <P><FONT SIZE=2>> Hello,</FONT> <BR><FONT SIZE=2>></FONT> <BR><FONT SIZE=2>> I'd really appreciate some opinions on the performance of some</FONT> <BR><FONT SIZE=2>> daemons. I'm trying to assess which is the best choice to offer</FONT> <BR><FONT SIZE=2>> both security and performance under FreeBSD 4.2. Apache seems like</FONT> <BR><FONT SIZE=2>> a pretty defacto choice for HTTP which I'm very happy with but I'm</FONT> <BR><FONT SIZE=2>> a little less sure what choose on others, in particular for ftp and</FONT> <BR><FONT SIZE=2>> mail servers.</FONT> <BR><FONT SIZE=2>></FONT> <BR><FONT SIZE=2>> FTP Options:</FONT> <BR><FONT SIZE=2>> 1. proFTPd - Seems secure and has "enterprise" features</FONT> </P> <P><FONT SIZE=2>Highly configurable. Poor security record. I use it anyway since</FONT> <BR><FONT SIZE=2>nothing</FONT> <BR><FONT SIZE=2>comes close to it for for features. Reasonable performance, somewhat</FONT> <BR><FONT SIZE=2>more</FONT> <BR><FONT SIZE=2>expensive.</FONT> </P> <P><FONT SIZE=2>> 2. wu-Ftpd - Good security (bad History) excellent performance</FONT> </P> <P><FONT SIZE=2>Good performance. Miserable security record. I no longer consider it</FONT> <BR><FONT SIZE=2>an</FONT> <BR><FONT SIZE=2>option.</FONT> </P> <P><FONT SIZE=2>> 3. ftpd - Dodgy security? Doesn't seem to be used very much</FONT> <BR><FONT SIZE=2>></FONT> <BR><FONT SIZE=2>Very un-dodgy security, rock solid, takes load very well. If security</FONT> <BR><FONT SIZE=2>is</FONT> <BR><FONT SIZE=2>your primary concern, use this one.</FONT> </P> <P><FONT SIZE=2>> Mail Options:</FONT> <BR><FONT SIZE=2>> 1. Qmail - Secure, written for FreeBSD (Qwest?), Fast, Configurable</FONT> </P> <P><FONT SIZE=2>*spit* *curse*. I know this is not a helpful comment but it</FONT> <BR><FONT SIZE=2>adequately</FONT> <BR><FONT SIZE=2>expresses my opinion of qmail. An unreliable royal PITA. I don't know</FONT> <BR><FONT SIZE=2>what</FONT> <BR><FONT SIZE=2>people see in it.</FONT> </P> <P><FONT SIZE=2>> 2. Sendmail - Industry standard, works fine, big user base</FONT> </P> <P><FONT SIZE=2>Slow and the configuration is still written in pidgin emacs. But, as</FONT> <BR><FONT SIZE=2>you</FONT> <BR><FONT SIZE=2>say, an industry standard. Reliable and well-documented.</FONT> </P> <P><FONT SIZE=2>> 3. Postfix - Secure, quite light on system resources, growing</FONT> <BR><FONT SIZE=2>> support </FONT> <BR><FONT SIZE=2>></FONT> <BR><FONT SIZE=2>This is the smtpd of the future. Combines qmail speed and security</FONT> <BR><FONT SIZE=2>with</FONT> <BR><FONT SIZE=2>sendmail reliability and familiar layout.</FONT> </P> <P><FONT SIZE=2>You don't mention your POP3 options. If you plan on running a common</FONT> <BR><FONT SIZE=2>mailbox setup, cucipop is your choice for maximum speed and</FONT> <BR><FONT SIZE=2>efficiency. If</FONT> <BR><FONT SIZE=2>you need something more elaborate, I hate to say so but you might</FONT> <BR><FONT SIZE=2>have to</FONT> <BR><FONT SIZE=2>use qpopper.</FONT> </P> <P><FONT SIZE=2>hth</FONT> </P> <P><FONT SIZE=2>- -ac</FONT> </P> <P><FONT SIZE=2>- -- </FONT> <BR><FONT SIZE=2>==============================================================</FONT> <BR><FONT SIZE=2>Alex Charalabidis (AC8139) 5050 Poplar Ave, Ste 170</FONT> <BR><FONT SIZE=2>System Administrator Memphis, TN 38157</FONT> <BR><FONT SIZE=2>WebNet Memphis (901) 432 6000</FONT> <BR><FONT SIZE=2>Author, The Book of IRC <A HREF="http://www.bookofirc.com/" TARGET="_blank">http://www.bookofirc.com/</A></FONT>; <BR><FONT SIZE=2>==============================================================</FONT> </P> <BR> <BR> <P><FONT SIZE=2>To Unsubscribe: send mail to majordomo@FreeBSD.org</FONT> <BR><FONT SIZE=2>with "unsubscribe freebsd-security" in the body of the message</FONT> </P> <P><FONT SIZE=2>-----BEGIN PGP SIGNATURE-----</FONT> <BR><FONT SIZE=2>Version: PGPfreeware 6.5.8 for non-commercial use <<A HREF="http://www.pgp.com" TARGET="_blank">http://www.pgp.com</A>></FONT>; </P> <P><FONT SIZE=2>iQA/AwUBOohcJFCmU62pemyaEQJuGgCfcpPGXZEWNc3gNWZBK0I8c7qAjyYAoPBC</FONT> <BR><FONT SIZE=2>WgW8POkn9mogbGF1YOexzPHk</FONT> <BR><FONT SIZE=2>=L2kX</FONT> <BR><FONT SIZE=2>-----END PGP SIGNATURE-----</FONT> </P> <P><FONT FACE="Arial" SIZE=2 COLOR="#000000"></FONT> </BODY> </HTML> ------_=_NextPart_001_01C0953E.77B4EA30-- ------_=_NextPart_000_01C0953E.77B4EA30 Content-Type: application/octet-stream; name="Jason DiCioccio.vcf" Content-Disposition: attachment; filename="Jason DiCioccio.vcf" BEGIN:VCARD VERSION:2.1 N:DiCioccio;Jason FN:Jason DiCioccio ORG:epylon.com;operations TITLE:UNIX ADMIN ADR;WORK:;;645 Harrison St;San Francisco;CA;94107;usa LABEL;WORK;ENCODING=QUOTED-PRINTABLE:645 Harrison St=0D=0ASan Francisco, CA 94107=0D=0Ausa EMAIL;PREF;INTERNET:Jason.DiCioccio@Epylon.com REV:19990105T135529Z END:VCARD ------_=_NextPart_000_01C0953E.77B4EA30-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?657B20E93E93D4118F9700D0B73CE3EA0166D622>