On Sat, 2004-10-30 at 21:07, Michael A. Peters wrote: [snip] > Even in the default case postfix is better. You can run it more > securely in a chroot jail than you can sendmail, and it's security > record isn't nearly as blemished as sendmail. That blemished past is pretty far in the past. The number of security holes per year has dramatically decreased in recent years. Note that it used to be measured in holes/week, but take a look at www.sendmail.org and you'll see that the last hole was over a year ago. So it's a matter of preference, really. But I'm hoping this doesn't turn into an all-out 'my-MTA-is-better-than-yours' religious war. Please let's endeavor to not let that happen. But in the default case, your argument doesn't hold much water. I don't know if it's possible to run sendmail in a chroot jail, but given that it only listens to localhost by default, it's not that big a deal. Those who enable it to listen on the public interface should know what they are doing, and that goes for *any* deamon listening on a public interface. > And for cases where you do need to change default configuration, for > the vast majority of them postfix is both easier to configure and more > secure. Easier is a relative term. Depends on what you are used to. Certainly, its easier for the average joe, agreed. > But Fedora won't change to postfix because of management people of the > kind you see in Dilbert who insist upon sendmail in RHEL and if they > aren't going to switch to postfix in RHEL then they won't switch to > postfix in Fedora. Man, oh, man. When we will people stop with these silly conspiracy theories? Find me one PHB who even knows what sendmail and postfix *are*. > The Fedora merger I had hoped would shoot for desktop market - but > instead it shoots for a testing platform for RHEL. Well, you're entitled to hope, but Fedora was *never* targeted at the desktop market. Or any *market*, so to speak: Purpose: Server/Desktop/Workstation User: Enterprise/Home/Hobbyist-Enthusiast-Developer The above two classifications are orthogonal. Combine any one from the first list with any one from the second list. Fedora is aimed at the Hobbyist-Enthusiast-Developer. That does not preclude Server, Desktop, or Workstation, but your mileage may vary. It's pretty much implied in the stated goals of Fedora that it is where new things get tried out before being included in RHEL. Red Hat tries not break things horribly. And I've think it's done a pretty good job. Except, see below. > This is probably > also why they royally screwed up the benefits of rpm by now WITHOUT > WARNING allowing files from one rpm to replace files of another. Though I don't think it is why it's screwed up the benefits of rpm, I do agree that the recent fileconflicts handling (or non-handling) is a major boo-boo, and hope that the change is backed out before release of FC3. It's bad, real bad. -- -Paul Iadonisi Senior System Administrator Red Hat Certified Engineer / Local Linux Lobbyist Ever see a penguin fly? -- Try Linux. GPL all the way: Sell services, don't lease secrets
