On Wed, 2020-02-12 at 11:53 -0600, Tom Browder wrote:
> I started looking in to use of OpenSMPTD for a mail server and have
> installed it from Debian packages.
>
> In the process of reading a blog article by the current developer I
> discovered the upstream is now at version 6.6.2p1+ after some serious
> security issues were discovered by SSL Labs (Qualys). Note that
> Debian
> 10 is only at version 6.0.3p1!
Are the security issues you are worried about not already fixed in
Debian's package? To check, you can look at the changelog for the
security update released two weeks ago...
https://metadata.ftp-master.debian.org/changelogs//main/o/opensmtpd/opensmtpd_6.0.3p1-5+deb10u3_changelog