Mail

Jim Trigg jtrigg at spamcop.net
Wed Jun 16 13:13:51 PDT 2004


On Wed, Jun 16, 2004 at 02:57:47PM -0400, Robert Huff wrote:
> 
> Chuck Swiger writes:
> 
> >  There have been around 70 security issues mentioned since the
> >  beginning of sendmail-8 circa 1993, or about six per year.
> >  Recently, things have gotten better, but a dispassionate
> >  evaluation of the security history of sendmail does not inspire
> >  any great confidence that one can set up sendmail, leave it
> >  unpatched, and expect the software to still be free of known
> >  remotely-exploitable security problems two years later.
> 
> 	Would you care to nominate an inherently network-accessible
> program with such a track record?  For example: 5.2.1 was released
> in late February; there are currently 12 security advisories*, of
> which I would consider at least 5 to be part of the core system.
> (As opposed to things in the base system, like BIND.)

Postfix and Exim.  I found no security advisories for either on the CERT
website; that actually covers their entire lifecycles.

Jim Trigg
-- 
Jim Trigg, Lord High Everything Else  O-          /"\
                                                  \ /  ASCII RIBBON CAMPAIGN
Hostmaster, Huie Kin family website                X    HELP CURE HTML MAIL
Verger, All Saints Church - Sharon Chapel         / \


More information about the freebsd-questions mailing list