Date: Thu, 16 Nov 2000 22:17:19 -0600 (CST)
From: Mike Meyer <mwm@mired.org>
To: Boris Köster <koester@x-itec.de>, Tim McMillen <timcm@umich.edu>
Cc: questions@freebsd.org
Subject: Re: Help: Is Sendmail secure?
Message-ID: <14868.45391.674534.336951@guru.mired.org>
In-Reply-To: <30246233@toto.iv>
Boris Köster <koester@x-itec.de> types:
> At 12:54 15.11.2000 -0800, Hiu F. Ho wrote:
> >I need to set up a mail server on FreeBSD 4.x. Sendmail is installed
> >automatically when I install FreeBSD 4.x, but I've heard quite a few people
> >saying Sendmail is not secure and suggesting I use qmail.
> Most people saying sendmail is insecure are not very familiar with sendmail.
> They do not know how (anti)relay works and they do not know anything
> about configuring sendmail. Most of these people never configured a
> sendmail.conf file and they do not understand how it works.

Actually, this brings up a good point - what kind of security are you
talking about? If you're talking about securing the server from being
used to move spam, then sendmail is by far the best choice. All that
extra flexibility comes in really handy. If you're talking about
keeping unauthorized people from accessing your system - shell prompts
where they shouldn't be - then all that power and flexibility is on
the bad guys' side.

> My favourite mailer is sendmail. If you know how to configure it, you will
> have a really great mailer. You have to learn how to configure it, and this
> will take some weeks and you have to read a lot of sources and examples. If
> you have understood some things, you will wonder about the power of
> sendmail.

That about sums it up: After you spend more time learning to configure
sendmail than you would learning a new programming language, it'll be
a great mailer. On the other hand, spending a few hours learning to
configure qmail will give you an equally great mailer, and a lower
blood pressure. Of course, as you track FreeBSD, you'll have to deal
with things that will want to reinstall sendmail, which will raise
your blood pressure.

> If you are a newbie, maybe sendmail could be a problem for you. If you have
> enough energy to learn, sendmail is the best for you.

Not true, not by a long shot.
I've been configuring sendmail systems since before there was an
Internet, and I'm quite happy to be using something else. There are
systems that are every bit as good at moving mail around as sendmail,
without the complexity of the sendmail config file. In fact, if you
look over your mail headers carefully, you'll notice that the FreeBSD
boxes aren't using sendmail; they're using Postfix.

Tim McMillen <timcm@umich.edu> types:
> 	This question also gets run around a lot on the OpenBSD mailing
> lists. OpenBSD comes with sendmail by default and the dev team considers
> it the most secure. Their stance is that while sendmail has a bad
> history, most of the bugs have been worked out of the code (in the
> slightly older versions of sendmail that OpenBSD includes) and it is now
> secure.

Can I guess as to why they're running "a slightly older version"?
Could it be because auditing sendmail is a major undertaking, and they
don't want to go through that *again*?

> 	Their view on qmail is that while it has a lot of security
> *features* it does not necessarily have security. There are still bugs in
> its code (since it has not been audited for security) and those bugs could
> possibly be exploited.

Actually, qmail has been audited. I audited it before switching to it
from sendmail. That's one of the nice things about it - it's small
enough that one person can reasonably read and review every line of
code. While I naturally trust my audit more than someone else's, I
recognize that more eyes looking at the code is a good thing. There
was a standing cash reward for security bugs in qmail that went
unclaimed. That counts for a lot in my book - but if I'd audited
sendmail, I wouldn't count it for as much as auditing sendmail.

> 	Further they believe that a good administrator configuring the
> mail program correctly has more to do with security than security
> features. Qmail's security features are said to be hard to configure
> properly for a newbie.
I would certainly agree with the assessment about configuration being
more important than the mailer. I'd say that following the appropriate
security announcement lists is between the two. Whether qmail is
harder to configure than sendmail depends (as above) on what kind of
security you're talking about.

All of which is an argument for running the mailer provided with the
OS. The people who build the distribution would presumably have
configured it securely to start with.

	<mike