Ian Eiloart wrote:
>
>
> --On 13 December 2010 10:29:21 +0000 Mike Cardwell
> <exim-users@???> wrote:
>
>>
>> I'd be interested in working on a project to gather this data on a
>> monthly basis and produce similar results to that produced by the
>> Netcraft Web Server survey. I don't have the hardware/connectivity to do
>> it though.
>
>
> Security Space do this, though you have to pay to see reports less than a
> year old.
Wonder if NetCraft might be persuaded to something MTA'ish?
> I've not looked at this for a long time, but am pleasantly
> surprised to see huge apparent growth in market share for Exim, mostly at
> the expense of Sendmail. Exim seems to be the most popular server, with 30%
> market share (up from 25% the year before). Postfix, Microsoft and Sendmail
> down at a bit below 20% each. Nobody else got above 3%
>
> There's still an issue that almost 50% of servers don't identify themselves
> in the banner. Security Space don't look any further, even though issuing
> "HELP" and "HELO" can supposedly popular servers such as qmail.
Ian - 50%?
Surprised it is that high, even though I am one of those paranoid. (Custom
banner with no more than TOD).
Mike - 4.69-3 on both of my public-facing boxen.
But not exploitable (AFAIK).
'externals' such as /var mounted noexec,nosuid, and no setuid root on the Exim
binary etc, etc....
Going forward, I see more-than-just-Exim value in what OpenBSD has been doing
w/r those mount-points for some years.
>
> Further, the sampling method is a bit iffy: for every domain in their web
> server survey, they look for an MX record and then try to contact that
> server.
>
> <http://www.securityspace.com/s_survey/data/man.200911/mxsurvey.html>
>
I'd be surprised if more than 70% of all in-service 'legitimate' MTA even HAVE
an MX record. I've seen far too many rely on A and PTR only.
> Interestingly, in Nov 2009, 83% of Exim installs were running 4.69. 4.70
> was released that month.
>
If Herr Doktor Student was correct, we at least have a statistically valid 'T'
distribution. Probably won't ever have much more than that, but it is useful info.
Thanks & regards,
Bill