On 30 November 2007, Geoff Steckel <[EMAIL PROTECTED]> wrote:
> Liviu Daia wrote:
> > On 30 November 2007, Amarendra Godbole <[EMAIL PROTECTED]>
> > wrote:
> >> Please note that postfix does not undergo the rigorous code scrub
> >> that sendmail goes through.
> > [...]
> >
> >     Will you please cut the crap?  Thank you.
> >
> >     Unlike Sendmail, Postfix was written from scratch with security
> > in mind.  It had only one published security flaw since its first
> > public release in 1998.  The author, Wietse Venema, is also the
> > author of SATAN and tcpwrappers.  He knew one or two things about
> > writing secure code long before OpenBSD came into existence.  The
> > objections people occasionally have against Postfix are related to
> > its license, not the code quality.
>
> I have seen several installations of Postfix go catatonic due to
> spam overload, large messages, mailing list expansions, and other
> undiagnosed problems. These were run by Postfix lovers, so I have
> always assumed that the installation was correct. In the one case I
> saw tested, replacing Postfix with Sendmail resulted in no further
> problems.
>
> Given this anecdotal history I would suggest not running Postfix in a
> large production environment.

    Well, the point I was trying to make was about Postfix code being
audited.  But since I'm never the man to turn down a pissing contest,
here we go:

    I have seen several installations of Sendmail go catatonic due
to spam overload, large messages, mailing list expansions, and other
undiagnosed problems. These were run by Sendmail lovers, so I have
always assumed that the installation was correct. In the many cases
I saw tested, replacing Sendmail with Postfix resulted in no further
problems.

    Given this anecdotal history I would suggest not running Sendmail in
a large production environment.

    A story just as valid as yours. :)

    Regards,

    Liviu Daia

-- 
Dr. Liviu Daia                                  http://www.imar.ro/~daia
