[TriLUG] Which is better?

[Joseph Mack NA3T]

On Wed, 10 Oct 2007, bak wrote:

> Sendmail has had a long and storied history of vulnerabilities, though
> lately it's been far more robust.

I don't like sendmail anymore than the next person (the m4 
config file was for an era before IP dominated networking 
and when an MTA was expected to handle all protocols), 
however in the absence of a reference to hard data, your 
statement here seems a little harsh. I don't have any data 
either to rebut your statement, so I'm in no better position 
than you to speak. I don't know what "lately" is, so I'll go 
with this

o sendmail was written in an era when people were glad for 
anything that worked, and people were expected to write 
clients which abided by the protocols, or else programs 
would crash. Sendmail in this case has the disadvantage of 
being first off the block.

o at a Lisa/Sage conference about 10yrs ago, the sendmail 
code was held up as an example of safe coding, in that it 
was impossible to loose a piece of e-mail: it would either 
be delivered or returned as undeliverable. The speaker 
seemed to regard the code as all round well written.

I agree that sendmail is horrible to configure (it should 
have shed its non-IP capabilities long ago), and if it's not 
secure, I'm sorry to hear it. I don't know why Allman didn't 
rewrite it 10yrs ago but instead allowed postfix etc to take 
over the niche.

Joe

-- 
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!