On Wed, 29 Jan 1997, Nick Waterman wrote:
> You've got to laugh, haven't you? This one sounds like you don't even
> need to write perverse software to connect to mailhosts, you just need
> to construct a particularly clever email, then spam as many people as
> you want with it and wait for the results.
>
[CERT Adv. deleted]
> Exim, we salute you once more. I wonder if we'll ever see a CERT
> advisory about Exim?
To be honest the sendmail bashing is getting a bit on my nerve. Sendmail
was created during a time where security was not the utmost important goal
and has served the internet community for quite some time pretty good.
Apart from that the installed base of sendmail is way way bigger then exim
and though I appreciate that exim was designed with security in mind if it
is secure has yet to be shown.
So you should be a bit more grateful that people even bother to write free
software for you. And I dare say that sendmail was an incentive for the
development of exim.
Thats all of the off topic noise for now.
Have a nice day
Niels Provos =8)
- PHYSnet Rechnerverbund PGP V2.6 Public key via finger or key server
Niels Provos
Universitaet Hamburg WWW: http://www.physnet.uni-hamburg.de/provos/
Jungiusstrasse 9 E-Mail: provos@???
Germany 20355 Hamburg Tel.: +49 40 4123-2504 Fax: -6571
