Tim Weber via Postfix-users:
> I think this is a very good way to look at it, and a helpful lesson
> from this situation. Especially since, reading the article as it
> was published, it is obvious that SEC must have known the impact
> to Postfix and Sendmail. I understand their urge to notify Cisco
> customers about the problematic default configuration, but this
> was just bad timing and caused unnecessary stress for the Postfix
> maintainers and admins.

This problem goes well beyond Postfix, Sendmail, GMX, CISCO, and
outlook.com. In my opinion, an attack was published before affected
systems could be updated.

Now that the attack is public, I do encourage reaching out to the
rest of the world (email service providers, product vendors, etc.)
to get this problem addressed. That includes posting blogs, giving
conference presentations, and responding to critical questions from
the audience.

        Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

Reply via email to