On Wed, 14 Mar 2001 08:43:44 -0800,
Rob Tanner [EMAIL PROTECTED] (rt) writes:
rt (I know a lot of people swear by postfix, but I stick with sendmail
rt because I know the product and in this world of nasty hackers, using
rt an unfamiliar MTA is a very scarry thought. But does anyone know,
rt
On Wed, 14 Mar 2001, Rob Tanner wrote:
privileges. Since all the mailboxes are owned by the Cyrus user, what
would be more secure of a system that just does mail delivery woulkd
be a hack to sendmail so that once it attaches to port 25 it drops root
and runs as the Cyrus user. Show me a
privileges. Since all the mailboxes are owned by the Cyrus user, what
would be more secure of a system that just does mail delivery woulkd
be a hack to sendmail so that once it attaches to port 25 it drops root
and runs as the Cyrus user. Show me a hack like that, and Cyrus wins
hands
That's a popular conception, but I don't know that it's really true. I
believe that Cyrus is a better conceived product in that it abandon's
the use of individually owned mailspools and maintains it's own
database (figuratively speaking) and amanages access to the individual
sppols. Cyrus
Rob Tanner [EMAIL PROTECTED] writes:
[ re cyrus vs UW imap security ]
The big issue, however, is sendmail. And ny effort to hack through
your mail system via your email system (i.e., through port 25) goes
through sendmail before Cyrus ever sees it, and most of those attacks
are designed
On Wed, 14 Mar 2001, The Hermit Hacker wrote:
Trying to convince a group that Cyrus is more secure, but my arguments are
about as lame as can be :(
Does anyone have a URL that I can use in my args, that compares them
better?
Well, there are two CERT advisories about older versions of UoW:
On Wed, Mar 14, 2001 at 08:43:44AM -0800, Rob Tanner wrote:
(I know a lot of people swear by postfix, but I stick with sendmail
because I know the product and in this world of nasty hackers, using an
unfamiliar MTA is a very scarry thought. But does anyone know, can
postfix be configured
On 14-Mar-01 at 09:00, The Hermit Hacker ([EMAIL PROTECTED]) wrote:
Trying to convince a group that Cyrus is more secure, but my arguments are
about as lame as can be :(
I assume that you've pointed out that no exploits have ever been
reported for Cyrus and that even if an exploit is ever
not that i'm advocating sendmail, but..
you can at least *somewhat* chroot sendmail.
Postfix was written bye Weitse Venema, who also wrote tcpd and SATAN (with
Dan Farmer)
Maybe that's not good enough for some people, I guess.. but Postfix is
definitely stable and not such an `unknown'. And
oh yeah, there's also cyrus murder (how well does it work now?)
Scott
On Wed, 14 Mar 2001, Bitt Faulk wrote:
Well, there are two CERT advisories about older versions of UoW:
10 matches
Mail list logo