[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: idea: switch default MTA from exim4 to postfix (wheezy+1)

On Thu, 2012-11-01 at 22:48, Hideki Yamane wrote:
> Hi,
>  Now we are using Exim as default MTA, but I doubt whether it'd be best
>  choice since several critical security vulnerabilities has found this
>  two or three years.
>  Yes, it's often that such vulnerability has been found for software (of
>  course), however, other MTA like postfix has less vulnerabilities than
>  Exim.
>  So I suggest switch from Exim to Postfix for default MTA.
> Pros)
>  - Postfix has less vulnerabilities than Exim during years
>    If we choose postfix for default,  probably it's more secure than using
>    Exim ***by default***. It's good for our users.
>    Exim: 8 DSAs and 13 CVEs and some high and remote vulns as NVD severity
>      http://security-tracker.debian.org/tracker/source-package/exim4 
>      and http://security-tracker.debian.org/tracker/source-package/exim
>    Postfix: 3 DSAs and 10 CVEs and no high vulns since its first release
>      http://security-tracker.debian.org/tracker/source-package/postfix
> Cons)
>  - well, maybe I didn't get it ;) If you want to continue to use Exim, you
>    can do it via apt-get.
>  Please let me know your idea for this.

Should be done 10 years ago, IMHO. Why wait?

OT: and same for bind and use dbndns (djbdns).

Kind regards,  Milan

Reply to: