[linux-elitists] MTA roundup
Mon Apr 29 12:00:35 PDT 2002
On Mon, Apr 29, 2002 at 10:54:42AM -0700, Rick Moen wrote:
> Quoting Marc MERLIN (email@example.com):
> > LJ asked me for a writeup on a variety of subjects, and I picked an MTA
> > roundup.
> I like this round-up a great deal. It's comprehensive, lucid, and yet
> very concise.
I just feel uneasy about my lack of knowledge on postfix/qmail and want to
make sure I do not advantage exim unfairly just because I know it better.
> It's my understanding that both sendmail and exim have implemented a
> security strategy of making the single binary drop privilege according
> to role.
Yep, at least for exim (I don't know the decent details for sendmail).
Exim 3 had 3 security levels for that matter, although it's been simplified
in exim 4
> Thus, the security advantage claimed by modular MTAs (postfix,
> qmail) is reduced, and you gain the advantage of a simpler, easier to
> audit/examine architecture.
Mmmh, I don't know if I'd go that far.
I would still consider qmail and postfix more secure than exim/sendmail
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/ | Finger firstname.lastname@example.org for PGP key
More information about the linux-elitists