On 2019-09-07 Cyborg via Exim-users <exim-users@???> wrote:
> several press publications about the exim exploit give different exim
> installation numbers.
> The Hacker News: "...which runs almost 60% of the internet's email
> servers today..."
> "...leaving at least over half a million
> email servers vulnerable to remote hackers..."
> Heise Security: "Shodan names over 5 million server
> <https://www.shodan.io/report/vRKzLpdS>; 175.000 in Germany alone"
> Wikipedia: "In August 2019 a study performed by E-Soft, Inc.,^[3]
> <https://en.wikipedia.org/wiki/Exim#cite_note-3> approximately 57% of
> the publicly reachable mail-servers on the Internet ran Exim. "
> The question is, what is the reality?
a) Nobody really knows.
b) The number is not very significant. A very large percentage of
"publicly reachable mail-servers" will host a (percentual) small
number of domains or no daemon at all since they are Debian linux
installations which got exim installed because some package had a
dependcy on it. I guess this happens less often with other distros
which use a different default MTA.
cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'