On Sat, 17 Nov 2001, Ronan Heffernan wrote:
> The SMTP server is usually a program called "sendmail". This
> is an old program, that is pretty much the UNIX standard around the
> world. Unfortunately, it is also the most commonly exploited port of
> entry for malicious "crackers". I recommend qmail instead.
Strong assertion and certainly not true for any sendmail
released within the last 3 years -- I'd choose IIS and Nimda
as the most common port of entry, and Outlook as a close #2;
If restricted to Open Source, the portmap, bind, and lpr hole
is each much worse.
... all ship safe on Red Hat -- dunno on other Linux's
Qmail is, of course, not 'free': see:
http://cr.yp.to/qmail/dist.html
"If you want to distribute modified versions of qmail
(including ports, no matter how minor the changes are) you'll
have to get my approval. ... It means a
detailed review of the exact package that you want to
distribute. "
-- Russ
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 18:21:24 EDT