RFC: Sendmail deprecation ?
Xin LI
delphij at gmail.com
Thu Dec 7 22:07:56 UTC 2017
Just picking a random message from the thread.
On Thu, Dec 7, 2017 at 8:49 AM, Warner Losh <imp at bsdimp.com> wrote:
> It's bad that sendmail is such a security nightmare too. We should likely
I don't think there is fact that backs this claim (I don't personally
have strong opinion on Sendmail removal though). Sendmail might well
be a nightmare a decade ago but not anymore.
The last security advisory for sendmail was in 2014 for a CVSS 1.9
issue, and before that the last major issue was in 2010.
Also count me in the "no dma" campaign too: it worked poorly for the
cluster during our dogfood and there were multiple RFC violations the
last time we tried it. I might be wrong, but I think it also does not
support SSL/TLS properly (e.g. no validation of server certificate,
etc.), by the way, and I don't think it have implemented proper queue
either.
Cheers,
More information about the freebsd-arch
mailing list