idea: switch default MTA from exim4 to postfix (wheezy+1)
Now we are using Exim as default MTA, but I doubt whether it'd be best
choice since several critical security vulnerabilities has found this
two or three years.
Yes, it's often that such vulnerability has been found for software (of
course), however, other MTA like postfix has less vulnerabilities than
So I suggest switch from Exim to Postfix for default MTA.
- Postfix has less vulnerabilities than Exim during years
If we choose postfix for default, probably it's more secure than using
Exim ***by default***. It's good for our users.
Exim: 8 DSAs and 13 CVEs and some high and remote vulns as NVD severity
Postfix: 3 DSAs and 10 CVEs and no high vulns since its first release
- well, maybe I didn't get it ;) If you want to continue to use Exim, you
can do it via apt-get.
Please let me know your idea for this.
Hideki Yamane henrich @ debian.or.jp/org