Re: Postfix as default MTA?
Le 1999-06-28, Steve Lamb écrivait :
> Personally I see nothing about Postfix which makes it more secure than Exim
> in any regard.
The reasons why I see Postfix as more secure than Exim are the following:
- Postfix was designed with security in mind from the beginning;
although Exim was much improved in this respect, security
was not a major concern at the beginning of its development.
Philip Hazel, author of Exim, explains this point at
http://www.deja.com/[ST_rn=ps]/getdoc.xp?AN=432082346.
- In the security model of Postfix, no program has ever to
trust the input it gets from another. Postfix divides
the MTA's functionality into several binaries, only one
of which has to run as root in order to be able to
bind to the SMTP port. No Postfix binary is set-uid root.
I am also quite reassured by Wietse Venema's long and recognised
experience in writing UNIX security software.
Thomas.
--
Thomas.Quinot@Cuivre.FR.EU.ORG <URL:http://web.fdn.fr/~tquinot/>
Reply to: