Re: secrets and lies

[Felix von Leitner]

Thus spake Robin S. Socha ([EMAIL PROTECTED]):
> > No. Any audit worth doing would be prohibitively expensive for a
> > freeware project. $1000 wouldn't even begin to cover it, at least for
> > qmail.
> Doesn't the fact that they are included in OpenBSD (as ports) hint at
> the fact that some of the OpenBSD guys have had at least a cursory
> glance at it?

The OpenBSD guys lost their credibility as software security authority
when they decided to include sendmail as standard MTA.  Theo is rumored
to have said something like "There were no remote root exploits for two
years, so it must be secure now, right?"

Felix