[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: pop mail recommendations

Ted Cabeen <ted@impulse.net> writes:

> If we disregarded software that has had problems in the 
> past, sendmail would be dead and buried by now.


I haven't looked at the code of either sendmail or qpopper myself, but
all people I trust to be competent on the issue say that sendmail (or
bind to name another example) has a bloated, crappy codebase that is
impossible to manage with regard to security.

Security problems don't just happen, they depend on the way you
program.  If a piece of software has had security issues in the past
due to the code being bloated, unstructured, and messy, chances are it
will have problems in the future.  If a program is well-written,
nicely structured, lean, and concentrates on the specific task it is
supposed to accomplish (sendmail.conf is said to be a turing-complete
programming language ;) you have a much better chance of security.


Reply to: