On Thu, Nov 29, 2001 at 03:48:32AM -0500, Brian Ashe wrote:
: KM> postfix instead of sendmail
: 
: Sendmail is the most common mail server available. There is no lack of
: documentation. It has also been doing "better" than in the past. Postfix
: also just had a significant DoS against it as well and with its increasing
: popularity, it may soon see more action on that front. Though I like it, I
: still tend to stick with Sendmail.

Yes, there was a DoS against Postfix, but Wietse had a patch to go along
with his announcement.  Also, DoS != root compromise.  How many times do
you need to see sendmail-induced root compromises (many even remote!)?

: Postfix also is not GPL. It is under the IBM Public License. If you read it,
: you could see that there are certain provisions for commercial distribution.
: While they wouldn't stop you from distributing it, there are some interesting
: clauses that lawyers may be able to use against someone. Though I would not
: know how chancy that is, RH (and others) may have lawyers that recommend
: against it.

The IBMPL is OSI-approved.  Presumably, they have lawyers that look over
licenses before agreeing that they are acceptable OSS licenses.

: I agree here completely. It is GPL. It is easier to configure. And WU has
: just never gotten this thing right. Mandrake Linux has started shipping this
: as the default. I hope RH follows that one.

Agreed.  Another player on the scene is vsftpd (vs stands for Very Secure).
It's small, fast, and very tight code.  GPLv2 also.

: Plus when was the last time you saw M$ get hurt by including insecure
: software? It also works for Linux sometimes (like wu-ftpd, sendmail, etc.).

Umm...  Maybe you haven't been paying that much attention to the news
recently?  CodeRed?  CodeRed-II?  Nimda?  Others?  Perhaps you haven't
noticed the tons of analysts and columnists advising people to look 
elsewhere?

It's a shame these efforts to guide the public elsewhere via widespread
mainstream journalism are so new.  We can't yet measure the effects it will
have.  My guess?  Since a number of those making suggestions are analysts
for firms like Gartner, Forrester, etc., we'll be seeing results.  Think
about how many IT organizations hang on every word from analysts - it's 
a LOT.

-- 
Jason Costomiris <><           |  Technologist, geek, human.
jcostom {at} jasons {dot} org  |  http://www.jasons.org/ 
          Quidquid latine dictum sit, altum viditur.
                    My account, My opinions.



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
