RE: Q-Mail, Or How Paranoid Are We Today.

From: Demitrious S. Kelly (apokalyptik@apokalyptik.com)
Date: 02/25/02

• Previous message: Mike Donovan: "RE: Encrypted share question"
• In reply to: Billy D Walls: "Q-Mail, Or How Paranoid Are We Today."
• Next in thread: carlos@planetadj.com.br: "Re: Q-Mail, Or How Paranoid Are We Today."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "Demitrious S. Kelly" <apokalyptik@apokalyptik.com>
To: "'Billy D Walls'" <stauph@hotmail.com>, <security-basics@securityfocus.com>
Date: Mon, 25 Feb 2002 09:35:43 -0800

I've been using qmail in various situations for quite some time now and,
though I am definitely no serious security expert, I've never had any
problems with it. I've use standalone installations, as well as qmail
with all of the goodies (vpopmail, ezmlm, webmail, qmailadmin, sslwrap,
etc, etc) in both private and public environments (on shell hosting
servers, etc) and it's never once been the source of a security
compromise (not in my experience anyhow). Also you can still use the
mailfile (mbox (?)) format with qmail, you just have to configure it a
little differently. The info on doing this is in the docs that come with
email (something like README.MBOX or some such...)

Hope this helps.

-----Original Message-----
From: Billy D Walls [mailto:stauph@hotmail.com]
Sent: Friday, February 22, 2002 7:51 PM
To: security-basics@securityfocus.com
Subject: Q-Mail, Or How Paranoid Are We Today.

I recently moved from sendmail to qmail, and so far I'm amazed at A> The

ease of use of "qmail the easy way 1.51" B> The annoyance of Maildir.
My
travels across the internet and to various qmails sites tell of vast
security promises and the like, and the changelogs for qmail show there
isn't much security vunerabilites, even relaying isn't a trouble by
default.
  ... But has anyone had any problems with it anyway?

P.S. Yes, I've RTFM and used google. Just looking for any lose ends. ;)

_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com

---

• Previous message: Mike Donovan: "RE: Encrypted share question"
• In reply to: Billy D Walls: "Q-Mail, Or How Paranoid Are We Today."
• Next in thread: carlos@planetadj.com.br: "Re: Q-Mail, Or How Paranoid Are We Today."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: [SLE] MTA Selection ... > security is an absolute requirement. ... qmail works right out of the box.. ... a lot smaller than Sendmail or Postfix. ... "It uses two large monolithic configuration files, ... (SuSE) Re: [SLE] MTA Selection ... security is an absolute requirement. ... > secure, yes, but all the patches you need to use it in the 21st ... qmail works right out of the box.. ... a lot smaller than Sendmail or Postfix. ... (SuSE) Re: linux box compromised: advice needed ... > stapling new features onto it, ... > security review and control. ... And that's why SMTP-Auth and STARTTLS for qmail are third-party patches ... (comp.os.linux.security) Re: FreeBSD more secure than Linux ... > When the grand qmail challenge was put out, ... > of a class that could lead to a security breach) would be accepted. ... > of standard that will cause serious failure on at least one known system ... (comp.security.unix) Re: How to replace sendmail with postfix? ... >> in all sorts of ways, making it unsuitable for serious MTA use in ... >> todays internet. ... > which has a history of security vulnerabilities as long as your arm. ... Not just because of qmail, but it was a large part ... (comp.unix.bsd.freebsd.misc)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)