Re: Postfix/Exim SecurityFrom: Seth Arnold (email@example.com)
- Previous message: jon schatz: "Re: Postfix/Exim Security"
- In reply to: Ryan M Harris: "Postfix/Exim Security"
- Next in thread: Phil Brutsche: "Re: Postfix/Exim Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 12 Dec 2001 11:28:12 -0800 From: Seth Arnold <firstname.lastname@example.org> To: email@example.com
On Tue, Dec 11, 2001 at 04:17:48PM -0500, Ryan M Harris wrote:
> What are the specific problems with security on exim/postfix? Our decision
> has come down to security, since I have looked at both. It seems that exim
> has more features, but that may mean that it has less security (typically).
> Is this the case? (you may also wish to give me your reasons for liking one
> or the other, or you may want to throw another name in the mix)
Heh, you might not like to hear this, but I think both mailers would be
fine choices, even from a security perspective. I don't recall security
problems in exim, and the only security problem with postfix that I
recall didn't seem that impressive to me -- resource exhaustion. I think
I'd put more faith in there not being any new discovered problems in
postfix, but that is based mostly on Wietse's reputation. :)
Perhaps the deciding factor would be a feature in one or the other that
you need, or their documentation. I've not looked at setting up a
postfix system before, but it looks pretty straightforward. Exim's docs
could probably be published in a volume as large as ora.com's sendmail
book. :) (And yes, this is both good at bad. I was overwhelmed with the
sheer amount of documentation available on exim, but if you ever have
problems with it, chances are good the documentation can help. :)
In short -- I consider it a toss-up. Exim might work better for stranger
email setups, but for most people, postfix might be easier to configure.
-- Join the fight against terrorism by giving up your liberties today!
- application/pgp-signature attachment: stored