[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: idea: switch default MTA from exim4 to postfix (wheezy+1)



I am curious to know why you would like to see bind replaced with dbndns?

----- Original Message -----
From: "Milan P. Stanic" <mps@arvanta.net>
To: debian-security@lists.debian.org
Sent: Thursday, 1 November, 2012 10:53:19 AM
Subject: Re: idea: switch default MTA from exim4 to postfix (wheezy+1)

On Thu, 2012-11-01 at 22:48, Hideki Yamane wrote:
> Hi,
> 
>  Now we are using Exim as default MTA, but I doubt whether it'd be best
>  choice since several critical security vulnerabilities has found this
>  two or three years.
> 
>  Yes, it's often that such vulnerability has been found for software (of
>  course), however, other MTA like postfix has less vulnerabilities than
>  Exim.
> 
>  So I suggest switch from Exim to Postfix for default MTA.
> 
> 
> Pros)
>  - Postfix has less vulnerabilities than Exim during years
>    If we choose postfix for default,  probably it's more secure than using
>    Exim ***by default***. It's good for our users.
> 
>    Exim: 8 DSAs and 13 CVEs and some high and remote vulns as NVD severity
>      http://security-tracker.debian.org/tracker/source-package/exim4 
>      and http://security-tracker.debian.org/tracker/source-package/exim
>          
>    Postfix: 3 DSAs and 10 CVEs and no high vulns since its first release
>      http://security-tracker.debian.org/tracker/source-package/postfix
> 
> 
> Cons)
>  - well, maybe I didn't get it ;) If you want to continue to use Exim, you
>    can do it via apt-get.
> 
>  Please let me know your idea for this.

Should be done 10 years ago, IMHO. Why wait?

OT: and same for bind and use dbndns (djbdns).

-- 
Kind regards,  Milan


-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20121101145318.GA11010@arvanta.net">http://lists.debian.org/20121101145318.GA11010@arvanta.net


Reply to: