[plug] This Mailing list

John Summerfield summer at OS2.ami.com.au
Sat Jan 29 05:28:35 WST 2000


> John Summerfield wrote:
> > I don't think sendmail is as bad as people claim, and I don't believe many
> > on this list will gain anything at all by replacing it; the act of
> > evaluating alternatives itself is a pretty hefty investment (especially if
> > it's not being undertaken by a hobbyist for personal use); recovering that
> > investment would take quite some time. otoh I I don't believe it's perfect
> > either, or necessarily better in any particular respect than those
> > alternatives.
> 
> Sendmail probably isn't as bad as most people make out, but at the same
> time there would seem to be *some* validity to *some* of the claims
> given they come up so frequently.  Perhaps most on this list wouldn't
> gain very much by replacing it but, consider that many subscribers to
> this list have little interest in spending too much time administering
> their Linux machines; they'd much rather spend their time using them. 
> When the next sendmail security bug is discovered, if these people want
> to keep their machines safe, they have no option but to subscribe to a

That is complete rubbish. 

If people want to keep their machines absolutely safe they won't connect 
to the Internet. Next best is to configure it to not allow connexions from 
outside to smtp, dns, ftp, http etc by configuring ipchains appropriately.


I'm on several watch lists; I don't recall a mention of sendmail. Red Hat 
software is pretty good with security-related updates but there have been 
no between-release updates of sendmail since Feb 1997 when sendmail 8.8.5 
was released for RHL 4.1.

"Is Red Hat 4.1 supported?" I hear. Well, Red Hat releases upgrades to 
4.2, 5.2 and 6.1 (the latest 6). 5.2 upgrades fit a lightly-upgraded 5.x; 
I do not have a 4.{0,1} system but I expect little difficulty applying 4.2 
upgrades to one.

I do note that bind (much more troublesome than sendmail) has a recent 
upgrade for 4.2:
 ftp://sunsite.unc.edu/pub/Linux/distributions/redhat/updates/4.2/i386/bind
-8.2.2_P3-0.4.2.i386.rpm

so the answer's yes.


-- 
Cheers
John Summerfield
http://os2.ami.com.au/os2/ for OS/2 support.
Configuration, networking, combined IBM ftpsites index.





More information about the plug mailing list