On 10/14/2010 4:19 PM, Gary Greene wrote: > On 14/10/10 10:58 AM, "Baird, Josh"<jbaird at follett.com> wrote: >> Actually, as of RHEL6, the default MTA is now Postfix. >> >> Sendmail does indeed have a rather lengthy history of vulnerabilities. >> With that being said, in my opinion, Postfix is also a much more >> flexible MTA. >> >> Josh > > Well, I'd call that a red herring as Sendmail is just as flexible. The main > issues that people have with Sendmail regarding security or flexibility come > from the fact that you need to understand the configuration language that > Sendmail's configuration files use. If you don't, yes, you can easily eff up > the the security of your mail infrastructure and can get lost quickly if > you're trying to configure it for more functionality/mail routing/etc. > > Sure there have been vulnerabilities in the past, but so has > postfix/exim/dbmail/etc.... I think the main reason upstream changed to > Postfix is mostly a) most Linux distributions are using it as the default > MTA now, and b) it is easier to configure and nothing more. What you really want with sendmail is a milter-multiplexer like MimeDefang where you can do anything you want without slowing down the faster native sendmail steps and handle the unusual configuration parts in a snipped of perl. Now that postfix has gotten milters right I think you could use MimeDefang with it too. But, sendmail these days is probably the most strictly audited piece of code on your server so I think the OP is just following bad advice. -- Les Mikesell lesmikesell at gmail.com