Slackware This Forum is for the discussion of Slackware Linux.
|
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
05-31-2006, 03:36 PM
|
#1
|
Member
Registered: Dec 2005
Distribution: slackware-current
Posts: 86
Rep:
|
Sendmail Removed from NetBSD
I wonder if Pat will follow suit since sendmail is a security ridden software! Personally, I use qmail.
|
|
|
05-31-2006, 03:54 PM
|
#2
|
Senior Member
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,141
Rep:
|
Can you post some more info on this please? The only info I could find on the NetBSD site was an advisory about patching sendmail relating to sources dated prior to March 2006 ( http://ftp.netbsd.org/pub/NetBSD/sec...06-010.txt.asc).
As far as sendmail being bug ridden, that's incorrect. Although there have been plenty of security advisories in the past, the list of known problems isn't full of security issues as you imply.
And no, I'm not trying to turn your thread into sendmail vs qmail
|
|
|
05-31-2006, 08:50 PM
|
#4
|
Senior Member
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,141
Rep:
|
Thanks for that - the slashdot comments at http://bsd.slashdot.org/article.pl?sid=06/05/31/126238 were (mostly) interesting too.
I've got too much time invested in sendmail to want to change, but it might be worth looking to see what other ways there are of doing things...
|
|
|
06-01-2006, 04:30 AM
|
#5
|
Senior Member
Registered: Feb 2006
Location: Siberia
Distribution: Slackware & Slamd64. What else is there?
Posts: 1,705
Rep:
|
Quote:
Originally Posted by gilead
As far as sendmail being bug ridden, that's incorrect. Although there have been plenty of security advisories in the past, the list of known problems isn't full of security issues as you imply.
|
He didn't say it was bug ridden, he said it was "security ridden."
I guess there is no problem
|
|
|
06-02-2006, 03:17 AM
|
#6
|
Member
Registered: Aug 2005
Location: Guadalajara, Jal, Mexico
Distribution: Slackware Linux
Posts: 211
Rep:
|
I don't think sendmail is insecure. The lastest CERT advisory (22, March, 2006) is more theorical than practical (somebody could even *try* to exploit that?): you are bound by too many things you can't control to get the timing right... of course you can try many many times until it works, but it'd still be hard to get the right hit. And it was fixed (quite quickly) anyway, so it doesn't really matter.
Other than that, I can't seem to find a CERT advisory newer than 2003, so I'd say that it is a pretty secure software by today's standards (hell, even Linux -the kernel- has got more CERT advisories in the last 3 years).
But its real problem lies in the difficulty of its configuration, which is the place where most people would be able to screw up (I know I had). The only reason I'd use Postfix or Qmail would be to get something quick and dirty. I'd still use Sendmail for things which have enough time to be tested.
Last edited by theoffset; 06-02-2006 at 03:21 AM.
|
|
|
06-02-2006, 05:30 AM
|
#7
|
Member
Registered: Mar 2005
Location: Right behind you.
Distribution: NBG, then randomed.
Posts: 480
Rep:
|
Quote:
Originally Posted by theoffset
But its real problem lies in the difficulty of its configuration, which is the place where most people would be able to screw up (I know I had). The only reason I'd use Postfix or Qmail would be to get something quick and dirty. I'd still use Sendmail for things which have enough time to be tested.
|
I'm half-inclined to agree with you on the point of configuration difficulty, excepting the major problem stems from all the people out there convinced that the way to go involves deep knowledge of how cf files work.
Unfortunately, meddling with cf files directly is the masochists way to configure sendmail. The typical sendmail configuration can be built with an m4 macro file about five lines long (which makes it a bit easier to install than the others, IMHO). The majority of mods people make to their cf files can also be accomplished with usually just one more line in their macro file. It's actually very, very simple to configure for 95% of the uses out there. It's the more advanced uses (virtual hosts, strange redirections, etc) that people get burned on because they lunge at pieces of strange cf hackery (and struggle valianty) instead of going and hunting down the few necessary m4 macros to include. Really the only time anyone should mess with their cf file is when they need to make a change so trivial that editing their macro file and running two commands would be more work than just editing one line in the cf file.
|
|
|
06-02-2006, 07:37 AM
|
#8
|
Member
Registered: Jul 2004
Distribution: Void Linux, former Slackware
Posts: 498
Rep:
|
I have to agree. Sendmail has proven as very secure MTA in the last years and mentioned (potential) serious vulnerability bug is rather unique. Generating configuration file sendmail.cf from m4 macro script is also very easy, at least comparable with configuration of Postfix, f.E. Almost every setting is possible to be done by this way.
All whines against sendmail("one big security hole", "insane configuartion syntax") have historical roots and at least 3-4 years are no more valid.
|
|
|
All times are GMT -5. The time now is 04:40 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|