Re: pop mail recommendations
Ted Cabeen <email@example.com> writes:
> If we disregarded software that has had problems in the
> past, sendmail would be dead and buried by now.
I haven't looked at the code of either sendmail or qpopper myself, but
all people I trust to be competent on the issue say that sendmail (or
bind to name another example) has a bloated, crappy codebase that is
impossible to manage with regard to security.
Security problems don't just happen, they depend on the way you
program. If a piece of software has had security issues in the past
due to the code being bloated, unstructured, and messy, chances are it
will have problems in the future. If a program is well-written,
nicely structured, lean, and concentrates on the specific task it is
supposed to accomplish (sendmail.conf is said to be a turing-complete
programming language ;) you have a much better chance of security.