Date: Sun, 24 Nov 1996 18:03:29 -0600 (CST) From: Joe Greco <jgreco@brasil.moneng.mei.com> To: peter@taronga.com (Peter da Silva) Cc: jkh@time.cdrom.com, peter@taronga.com, hackers@FreeBSD.org Subject: Re: Replacing sendmail (Re: non-root users binding to ports < 1024 (was: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2 Message-ID: <199611250003.SAA13671@brasil.moneng.mei.com> In-Reply-To: <199611242323.RAA06615@bonkers.taronga.com> from "Peter da Silva" at Nov 24, 96 05:23:02 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > Needless to say, this is a terrible idea. > > Why? sendmail will *never* be secure. You already have sysinstall options > to load the pcnfs and apache ports, why not have another question. Something > like: > > "Sendmail is a large, complex mail transport mechanism. Qmail > is small, tight, and designed to be secure. Qmail provides > most of the functionality of sendmail. Which mail transport > should be installed by default?" > > For people who know what sendmail is, then they know enough to answer > the question. For people who don't, well, qmail is a lot easier to > understand than sendmail starting out fresh... While I agree with Jordan's assessment that you are sniffing glue, I WOULD agree that it might be reasonable to change the Sendmail bias in /etc/sysconfig (etc) to be more generalized, like the way the gated/routed switch is currently handled. One can simply install the qmail port (I assume there is one!) and then toggle a few bits. > > The user QA alone would murder us. > > You ever tried to explain to someone how to set up a virtual domain > in sendmail? Yes, and these days, Sendmail supports it out of the box. I do not know if FreeBSD's .mc file enables the features by default or not, I always gen my own .cf files. ... JG
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611250003.SAA13671>