> That still doesn't change the fact that currently, in version 8.9.12 there > are no known security issues with the sendmail distribution.
There are no known exploits the current patched version of Windows XP I use at work, either. > I'm not saying sendmail is more secure than QMail, I'm just saying it is > currently not less secure either. It is by inherent design flaws; not merely based on current code revisions. It's "qmail", not "Qmail". Sorry, pet peeve. --snip-- >yet it keeps resending ignoring your 55x > responce.) If a sendmail flaw is found I will be either patching it > manually, or just emerge -u sendmail and not thinking again about it. I'm sure everyone is very thankful that you properly set up your Sendmail server to work securely. However, the unfortunate fact is that many MTA admins publically accessible Sendmail mail servers do not. Because: Sendmail is needlessly complex due to years of patching on top of patching and rewrites; which in my opinion can lead to configuration mistakes. I think any experience admin agrees that Sendmail tops the list for "Worst Configuration File" award. It tries to be everything all at once, which in a proper design--the "true unix fashion"--smaller, focused programs should contribute to the greater whole. But, you are correct; any MTA is susecptable to misconfiguration. I simply steer towards qmail because it's much harder /to/ misconfigure, and in my opinion from an overall design standpoint, it makes much more sense. -brian -- [EMAIL PROTECTED] mailing list
