Date: Tue, 12 Nov 2002 20:09:37 +0100 From: Matthias Andree <ma@dt.e-technik.uni-dortmund.de> To: Joe Kelsey <joek@mail.flyingcroc.net> Cc: mark@imptech.net, freebsd-ports@FreeBSD.ORG Subject: Re: Qmail setup Message-ID: <m34ramtxji.fsf@merlin.emma.line.org> In-Reply-To: <3DD11F4B.2030401@mail.flyingcroc.net> (Joe Kelsey's message of "Tue, 12 Nov 2002 07:33:31 -0800") References: <3DD11F4B.2030401@mail.flyingcroc.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Joe Kelsey <joek@mail.flyingcroc.net> writes: > I recommend that if you are installing qmail, just bite the bullet and > install ucspi-tcp and daemontools also. You should also throw out > inetd. There is no need to get rid of inetd. FreeBSD has one of the few good inetd implementations, it is linked against tcp_wrappers, it allows absolute clients per service limits, it allows these per-ip, and it allows the traditional "maximum NEW clients per unit of time" limit. The default configuration is bad, see my PR at http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/33670 but anyone operating an inetd-based server will have to pay as much attention to the configuration as anyone operating a qmail server (misconfigure rcpthosts and be in DEEP trouble). Of course, you're free to use tcpserver instead, > I recommend that you never run inetd again. It is almost as buggy as > sendmail. Prove your point or drop dead. And while you're claiming bugs in inetd, I'm documenting qmail bugs and disadvantages at http://mandree.home.pages.de/qmail-bugs.html -- these include a remote memory exhaustion attack that's been unfixed in a stock qmail install for four years. (The fix is simple: use resource limits.) If you need an MTA with a modular approach and which is to be considered "pretty secure", have a look at Postfix (in the NetBSD base system, BTW) instead. Exim does not share this modular concept, but has had much less security vulnerabilities reported than Sendmail, and -- as Postfix -- is a smoother install than qmail is. Courier is yet another alternative, with well-reputated mail filter, web mailer and imapd/pop3d modules that are available separately. (I've never tried Courier as a whole though.) -- Matthias Andree To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m34ramtxji.fsf>