Tim Weber via Postfix-users: > I think this is a very good way to look at it, and a helpful lesson > from this situation. Especially since, reading the article as it > was published, it is obvious that SEC must have known the impact > to Postfix and Sendmail. I understand their urge to notify Cisco > customers about the problematic default configuration, but this > was just bad timing and caused unnecessary stress for the Postfix > maintainers and admins.
This problem goes well beyond Postfix, Sendmail, GMX, CISCO, and outlook.com. In my opinion, an attack was published before affected systems could be updated. Now that the attack is public, I do encourage reaching out to the rest of the world (email service providers, product vendors, etc.) to get this problem addressed. That includes posting blogs, giving conference presentations, and responding to critical questions from the audience. Wietse _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org