So which of the suggested alternatives (fdm, sieved, ???) have
undergone a security audit or at least can claim that no problems
were found when using some of those fuzzing tools?
Well the real answer here is that procmail hasn't undergone a
security audit and has a claim that it just failed under fuzzing
tools.
Before switching from procmail to something else it would be
nice to know if that alternative is (more) secure.
Well, the options are
(1) stick with procmail
(2) start auditing
(3) try to prompt other people to audit.
Oh, I get it.
Anyways, fmd is written by nicm@ who has a incredibly good track
record. My audit of the first draft of tmux was depressing, there
was so little for me to poke a finger at.
Modern mail is terribly complicated, the attack surface on something
like this is huge. Having it privsep from the start of development
certainly raises the bar.
