[CentOS] sendmail substitute?

Les Mikesell lesmikesell at gmail.com
Thu Oct 14 17:48:59 EDT 2010


On 10/14/2010 4:19 PM, Gary Greene wrote:
> On 14/10/10 10:58 AM, "Baird, Josh"<jbaird at follett.com>  wrote:
>> Actually, as of RHEL6, the default MTA is now Postfix.
>>
>> Sendmail does indeed have a rather lengthy history of vulnerabilities.
>> With that being said, in my opinion, Postfix is also a much more
>> flexible MTA.
>>
>> Josh
>
> Well, I'd call that a red herring as Sendmail is just as flexible. The main
> issues that people have with Sendmail regarding security or flexibility come
> from the fact that you need to understand the configuration language that
> Sendmail's configuration files use. If you don't, yes, you can easily eff up
> the the security of your mail infrastructure and can get lost quickly if
> you're trying to configure it for more functionality/mail routing/etc.
>
> Sure there have been vulnerabilities in the past, but so has
> postfix/exim/dbmail/etc.... I think the main reason upstream changed to
> Postfix is mostly a) most Linux distributions are using it as the default
> MTA now, and b) it is easier to configure and nothing more.

What you really want with sendmail is a milter-multiplexer like 
MimeDefang where you can do anything you want without slowing down the 
faster native sendmail steps and handle the unusual configuration parts 
in a snipped of perl.  Now that postfix has gotten milters right I think 
you could use MimeDefang with it too.

But, sendmail these days is probably the most strictly audited piece of 
code on your server so I think the OP is just following bad advice.

-- 
   Les Mikesell
    lesmikesell at gmail.com


More information about the CentOS mailing list