Ian Eiloart wrote: > > > --On 13 December 2010 10:29:21 +0000 Mike Cardwell > <[email protected]> wrote: > >> >> I'd be interested in working on a project to gather this data on a >> monthly basis and produce similar results to that produced by the >> Netcraft Web Server survey. I don't have the hardware/connectivity to do >> it though. > > > Security Space do this, though you have to pay to see reports less than a > year old.
Wonder if NetCraft might be persuaded to something MTA'ish? > I've not looked at this for a long time, but am pleasantly > surprised to see huge apparent growth in market share for Exim, mostly at > the expense of Sendmail. Exim seems to be the most popular server, with 30% > market share (up from 25% the year before). Postfix, Microsoft and Sendmail > down at a bit below 20% each. Nobody else got above 3% > > There's still an issue that almost 50% of servers don't identify themselves > in the banner. Security Space don't look any further, even though issuing > "HELP" and "HELO" can supposedly popular servers such as qmail. Ian - 50%? Surprised it is that high, even though I am one of those paranoid. (Custom banner with no more than TOD). Mike - 4.69-3 on both of my public-facing boxen. But not exploitable (AFAIK). 'externals' such as /var mounted noexec,nosuid, and no setuid root on the Exim binary etc, etc.... Going forward, I see more-than-just-Exim value in what OpenBSD has been doing w/r those mount-points for some years. > > Further, the sampling method is a bit iffy: for every domain in their web > server survey, they look for an MX record and then try to contact that > server. > > <http://www.securityspace.com/s_survey/data/man.200911/mxsurvey.html> > I'd be surprised if more than 70% of all in-service 'legitimate' MTA even HAVE an MX record. I've seen far too many rely on A and PTR only. > Interestingly, in Nov 2009, 83% of Exim installs were running 4.69. 4.70 > was released that month. > If Herr Doktor Student was correct, we at least have a statistically valid 'T' distribution. Probably won't ever have much more than that, but it is useful info. Thanks & regards, Bill -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
