On 10/14/2010 4:19 PM, Gary Greene wrote:
> On 14/10/10 10:58 AM, "Baird, Josh"<jbaird@xxxxxxxxxxx> wrote:
>> Actually, as of RHEL6, the default MTA is now Postfix.
>>
>> Sendmail does indeed have a rather lengthy history of vulnerabilities.
>> With that being said, in my opinion, Postfix is also a much more
>> flexible MTA.
>>
>> Josh
>
> Well, I'd call that a red herring as Sendmail is just as flexible. The main
> issues that people have with Sendmail regarding security or flexibility come
> from the fact that you need to understand the configuration language that
> Sendmail's configuration files use. If you don't, yes, you can easily eff up
> the the security of your mail infrastructure and can get lost quickly if
> you're trying to configure it for more functionality/mail routing/etc.
>
> Sure there have been vulnerabilities in the past, but so has
> postfix/exim/dbmail/etc.... I think the main reason upstream changed to
> Postfix is mostly a) most Linux distributions are using it as the default
> MTA now, and b) it is easier to configure and nothing more.
What you really want with sendmail is a milter-multiplexer like
MimeDefang where you can do anything you want without slowing down the
faster native sendmail steps and handle the unusual configuration parts
in a snipped of perl. Now that postfix has gotten milters right I think
you could use MimeDefang with it too.
But, sendmail these days is probably the most strictly audited piece of
code on your server so I think the OP is just following bad advice.
--
Les Mikesell
lesmikesell@xxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
