Re: [exim-dev] OT: Re-inventing qmail (Was: Pipe transport r…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Bryan Henderson
Datum:  
To: bob
CC: exim-dev
Betreff: Re: [exim-dev] OT: Re-inventing qmail (Was: Pipe transport run by user?)
>Sound to me like you want to re-invent qmail, daemontools and
>ucspi-tcp.


At least part of it is actually reinventing Unix mail from pre-network
days -- local delivery used to be the only delivery and the local
transport (I believe it was called 'deliver') was setuid.

Haven't heard of daemontools, but it sounds like something I would
like and that I've spent some time reinventing. Thanks. I have
always been irritated by all the duplication in the various daemon
programs, and by those programs deviating from their core competence
to mess with the vagaries of daemonhood.

On the other hand, Exim has way too much brilliance as an SMTP mail
server to walk away from it. Hence my search for a simple compromise.

>if security outranks all other concerns by a few orders of
>magnitude then why not.


I'm actually less paranoid than most about security, especially if you
mean protecting a system against criminals. My main interest is just
simplicity. The Exim world is complex enough that more than once,
I've done something creative and later learned I'd broken mail or
opened a gaping security hole via Exim. If Exim were not installed
setuid, it would substantially reduce the network of scenarios I have
to consider.

-- 
Bryan Henderson                                    Phone 408-621-2000
San Jose, California