[CentOS] Ultra simple mail server config?

Tue Jan 23 23:50:45 UTC 2007
John Summerfield <debian at herakles.homelinux.org>

Peter Serwe wrote:


>> I don't see any patches to fix security problems, but I am not 
>> prepared to believe there are no security problems. There are patches 
>> to fix standards non-compliance (eg RFC 1870 and RFC 2821) and nobody 
>> can distribute source with them preapplied. Instead, they must 
>> distribute patch alone or source-plus-patch.
> Well, ya know it's kinda funny.  The author has had a cash prize for 
> anybody to find a security
> hole in qmail for the better part of a decade, and as much as a lot of 
> people have gotten really
> intimate with the qmail source code (as evidenced by the sheer number of 
> patches), nobody
> has EVER been able to find one and claim the prize.  I think that's as 
> close to being able to
> believe there aren't any issues as any software I've ever seen.  

I saw that. Who's the judge of what constitutes a security bug? You and 
I are very likely to disagree in some cases, even where we agree on a 
definition.

I do value standards compliance, and I think that something like:
yum install postfix spamassassin dovecote
beats downloading the source, patching, installing binaries (in /var? 
really!) and taking it on myself to verify it all fits together.

_I_ don't want development tools on my mail gateway, and if I really 
wanted to build from source I'd probably be using gentoo. or building 
RHEL myself.

Actually, I do, sort of, on one box:-) Both.

> Certainly Bill Gates would
> be substantially poorer had he ever made that claim, and backed it with 
> cash over the same
> time period.
> 
> </rant> :D

I also saw his comments re the author of postfix. OTOH, at 
www.postfix.org I could find nothing bad about qmail or its author. If 
Dan didn't propagate the alleged slanders, hardly anyone would know 
about them.

I also saw his comments re the future of qmail:
http://cr.yp.to/qmail/future.html


-- 

Cheers
John

-- spambait
1aaaaaaa at coco.merseine.nu  Z1aaaaaaa at coco.merseine.nu

Please do not reply off-list