Re: Sendmail

From: multics@ruserved.com
Date: 05/14/02


From: multics@ruserved.com
To: terry.dunlap@wku.edu
Date: Tue, 14 May 2002 15:00:30 -0400 (EDT)

Due to the past bugs in the early/mid 90's the sendmail people did a
security audit and fixed alot of the problems and tightened security.
The most recent 'sendmail' bug was not a sendmail bug but a bug in some
OS's that did not impliment a security feature correctly.

sendmail these days should be about as secure as any other mailer and its
still pretty much the email standard.

> Have you ever noticed that OpenBSD and FreeBSD install Sendmail as part
> of their default installs? I just installed OpenBSD 2.9 today on a test
> box (I know there are new versions). I was shocked to find Sendmail
> running on this OS which claims to offer a "secure" default install.
>
> Granted, I checked the OpenBSD site regarding their implementation of
> Sendmail, and they have made some security changes to it. However, given
> its track record, why is Sendmail a part of the default installs on
> these *BSD flavors? Why is it part of ANY default install???
> --
> Terry Dunlap, MCSE
> Network Security
>
> Western Kentucky University
> 1 Big Red Way, WAB 313
> Bowling Green, KY 42101
> 270.745.6909
>
> rm -f /usr/bin/laden
>
>

-- 
Richard Shetron  multics@ruserved.com multics@acm.rpi.edu  NO UCE
What is the Meaning of Life?      There is no meaning,
It's just a consequence of complex carbon based chemistry; don't worry about it
The Super 76, "Free Aspirin and Tender Sympathy", Las Vegas Strip.



Relevant Pages