Re: POP3 and SMTP server for an ISP

To: "Jeremy C. Reed" <reed@wcug.wwu.edu>
Cc: Litzler Mih?ly <lici@hit.hu>, debian-isp@lists.debian.org
Subject: Re: POP3 and SMTP server for an ISP
From: tps@unslept.com
Date: Sat, 17 Feb 2001 12:12:36 -0500
Message-id: <20010217121236.A6071@major.pita.org>
In-reply-to: <Pine.BSO.4.21.0102170817030.20107-100000@sloth.wcug.wwu.edu>; from reed@wcug.wwu.edu on Sat, Feb 17, 2001 at 08:42:04AM -0800
References: <01d001c097c4$c5f7a7e0$6503a8c0@root> <Pine.BSO.4.21.0102170817030.20107-100000@sloth.wcug.wwu.edu>

On Sat, Feb 17, 2001 at 08:42:04AM -0800, Jeremy C. Reed wrote:
> On Fri, 16 Feb 2001, [iso-8859-2] Litzler Mihály wrote:
> 
> > Okey, what do you think about the security of exim?
> 
> I couldn't find any Exim advisories or incident or Vulnerability notes at
> CERT.

There are none.

> I found a July 1997 BugTraq posting for a very old version of Exim (posted
> by Qmail's author).

Go figure. :)

> You can't really easily search the SecurityFocus website for Exim --
> because the headers are indexed AND many emails were sent by Exim :)
> 
> This subject of "security of exim" has been discussed on the exim-users
> mailing lists various times and it always reports that there has been very
> few security issues, no known exploits and a bunch of testimonials for
> using Exim.

Yup. I've been using Exim since way before it was part of Debian. I've
*never* had a problem.

> I use exim because: 1) simple, easy-to-understand syntax; 2) extremely
> detailed documentation, FAQ and examples; 3) friendly mailing list; 4)
> friendly author/developer; 5) many testimonials; 6) no known security
> issues; 7) numerous capabilities, such as anti-relaying features,
> filtering, mail routing control, etc.; 8) it was default with Debian :)
> 
> I have read several testimonials of Exim like: "we use an old SparcStation
> 20 to ship around 60,000 emails a day and according to the exim stats 98%
> of those are shipped in under a minute." And "have used exim to cope with
> the mail for freeserve (3 million users) and we never had any problems
> with it." And "processed several hundred thousand messages a day across
> 7000+ virtual domains."

Well, another testimony is that I use Exim on the SMTP gateway machine
for bnl.gov, and it uses an extensive filter to look for 'nasties', 
does the black-list blocking, along with our own long list of unsavory
sites, subjects and content filtering. Nominal traffic is about 1.5-2.0
GB/day, each way. All mail for the site goes through this box. It's
handled up to about 20GB in a single day, and the load on the box never 
went above .10. This is a PIII-500 with 512MB RAM. *Way* overkill for
what it's handling. 

Someday in the near future (6-10 months) we'll be upgrading the WAN
connection from OC-3 to OC-12. It may be a little more loaded at that
point, but I doubt it.

Tim

-- 
   >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
   >> Tim Sailer (at home)             ><  Coastal Internet, Inc.          <<
   >> Network and Systems Operations   ><  PO Box 671                      <<
   >> http://www.buoy.com              ><  Ridge, NY 11961                 <<
   >> tps@unslept.com/tps@buoy.com     ><  (631) 924-3728                  <<
   >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

Reply to:

Follow-Ups:
- Re: POP3 and SMTP server for an ISP
  - From: Litzler Mihály <lici@hit.hu>

References:
- Re: POP3 and SMTP server for an ISP
  - From: Litzler Mihály <lici@hit.hu>
- Re: POP3 and SMTP server for an ISP
  - From: "Jeremy C. Reed" <reed@wcug.wwu.edu>

Prev by Date: Re: POP3 and SMTP server for an ISP
Next by Date: Masquerading and users...
Previous by thread: Re: POP3 and SMTP server for an ISP
Next by thread: Re: POP3 and SMTP server for an ISP
Index(es):
- Date
- Thread