Re: [exim] Exim vs. Qmail on Security

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Nigel Metheringham
Datum:  
To: Marc Perkel
CC: exim-users
Betreff: Re: [exim] Exim vs. Qmail on Security
Marc Perkel wrote:
> I suppose from the perspective of this conversation is that Exim as far as I can tell doesn't have a history of being reported as having security flaws. Secure means that a Qmail user who is thinking about moving to Exim can be told that Exim is as secure as Qmail is.
>

Its not.
The big problem exim has is that it will fail badly - if something goes
wrong you give away root. Qmail uses privilege separation techniques
that mean it is very unlikely to give away root on failure.
In practice both packages will have security implicating bugs, but the
qmail ones are far less likely to lose the complete game - although
qmail is good at DOS conditions (causing them, that is).

It depends what your priorities are. If you need absolute guarantees of
absolute security then don't run an MTA (or an OS).


    Nigel.