Procmail Vulnerabilities check

Kurt Jaeger lists at opsec.eu
Mon Dec 11 19:45:09 UTC 2017


Hi!

> Let me attempt to make my point another way (and stay closer to topic).
> A user is able to accomplish more from sendmail in base, than with any
> other MX port in base alone.
[list of sendmail features shortend for brevity]

> Many of the other MX software in the ports tree provide a subset of
> the shortlist I mentioned above. But none of them offer them all.

So if sendmail is a pkg/port, it would still have those features ?

Is a

pkg install sendmail

such a huge step ? And btw, even if sendmail has all those features,
I can tell you that even when I first attend my first sendmail workshop,
approx. 27 years ago, I still would not know how to implement them
with sendmail.

> I were an MX administrator. Would I not want all the options/help
> I could get to defend myself against attack?

I still don't get the difference if sendmail would be a port/pkg.

Oh, btw, if sendmail can do all this, wouldn't it be useful to
have a suitable config that does all this right out of the box ?

Because, honestly, I would not know how to enable all those features...

> True. But if I'm selling a Server targeted OS. Don't I want to
> advocate server grade services?

But the distribution channel of the software for that service
(base or port) does not sound as the relevant factor for the
end-user, or does it ?

-- 
pi at opsec.eu            +49 171 3101372                         3 years to go !


More information about the freebsd-ports mailing list