On Wed, 2004-12-15 at 16:18 -0800, Michael Rock wrote:
Hi, as far as security advisories from Redhat I only see the last update to Postfix being 9/2/04 2.0.16-14.RHEL3.
That is what I am using.
Centos3.3 however added a newer version that I am currently using which matches the last 2.0 version official release at postfix.org.
/pub/cAos/centos-3/3.3/contrib/i386/RPMS/ postfix-2.0.20-1.centos3.1
That is a contrib package ... meaning someone other than the official CentOS maintainers provided it. It is NOT the official CentOS-3 version.
Since I am running this as my public smtp server it makes me wonder why Redhat has not moved to Postfix 2.1 which is the latest official release.
RedHat has a policy of backporting fixes ... see this link:
http://www.redhat.com/advice/speaks_backport.html
Anyone have a opinion whether it is safe to stick with Redhats Postfix's release on a public smtp server or should I move to 2.1?
RedHat's official versions are (in my opinion) the best from a security perspective.
thx
-- Mike
--- Johnny Hughes http://www.HughesJR.com/