"Mark Seuffert (Pirates)" <captain@???> probably said:
> a friend told me that Exim being the only MTA without a security audit.
Untrue.
There are hundreds of MTAs, for a start, and many of which you can't even
get at the source to think about auditing.
Sendmail continues to produce exploits, no matter how hard people look
at the code.
> I don't know what "security audit" means or if it makes any relevant
> statement about security.
It usually means going through the source with a fine tooth comb.
> I'm curious, anyone can tell more about this?
Read the security section in the specification.
Read a good book on programming secure code.
P.
--
pir pir@??? pir@??? pir@???
--
*** Exim information can be found at
http://www.exim.org/ ***