On Wed, Jul 16, 2003 at 12:12:59AM +1000, Craig Sanders wrote: > while (AFAIK) there are no current exploits for exim, that is more by accident > or luck than by design - the monolithic mail daemon running as root design is > inherently insecure. OK, Craig, this statement betrays your ignorance. You clearly don't know enough about exim to make a significant contribution to this conversation. Exim *does not run as root*. OK? It starts as root to bind to port 25. Period. It then drops root privilages and runs as uid mail. Deliveries are not done as root, but as mail. > exim is certainly not fast, and while it may be adequate for tiny mail > systems with trivial loads, it doesn't scale up to large mail systems > - which is an important point, debian is better off with a default MTA > that can handle any load thrown at it. That is utterly rediculous. I'm building a new mail system to handle a significant number of users right now, and what's it going to run? Exim4. Why? Flexibility, performance, and ease of configuration. Look at who wrote exim. I can't imagine that the University of Cambridge (UK) would use a mere toy MTA that is incapable of handling a very significant load. According to their web site, that site has 16500 students, to say nothing of staff and faculty and other email users. Obviously exim can handle the load imposed by these peoples' mail, so it's certainly powerful enough to run as the default MTA on Debian systems. > > P.S. Does anyone disagree that this is, essentially, a religious issue? > > no, it's a quality issue. If you want to make it a quality issue, get your facts straight. You're on a religious crusade against exim. Stop. > this idea may be blasphemous in today's anti-meritorious world of > standardised mediocrity but not all things are the same. some things > really are better than others. Sure, but all the claims you've made thus far about postfix's superiority over exim have been false. If you continue to insist that postfix is leagues better than exim, please continue to run it on your servers. I'm sure it will serve you just fine. It'd a damn good MTA. So is exim. noah
Attachment:
pgpUVhriv4Byh.pgp
Description: PGP signature