[100416] in RedHat Linux List
Re: how secure are sendmail and POP3 on Red Hat?
daemon@ATHENA.MIT.EDU (Chuck Mead)
Fri Nov 20 12:34:02 1998
Date: Fri, 20 Nov 1998 12:29:08 -0500 (EST)
From: Chuck Mead <chuck@moongroup.com>
To: redhat-list@redhat.com
In-Reply-To: <862566C2.00557B05.00@domino.prominic.com>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
On Fri, 20 Nov 1998, Justin Kuntz wrote:
> I am wondering: is it fairly safe to open only the SMTP port to sendmail
> running on Linux? I thought a while ago this was considered a big security
> hole.
To date there aren't any compromises that I'm aware of with sendmail
8.9.1. I subscribe to CERT and I haven't seen any reports come
through there. I use it on my box (the source of this email) and
have had no problems what ever.
> What about POP3? Are there "safer" versions of these services that
> are in wide use on Linux?
The imap rpm seems to be solid. The previous version suffered from a
buffer overflow exploit which was fixed in the current release and
I've not heard any negative reports at all. I use it. (Note: the
imap rpm aldo contains the standard pop daemons for Linux).
> The functionality we seek is fairly simple
> compared to all of the features of sendmail, which as everyone knows is a
> vast MTA package.
>
> Thank you,
>
> Justin
>
>
>
> --
> PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> http://www.redhat.com http://archive.redhat.com
> To unsubscribe: mail redhat-list-request@redhat.com with
> "unsubscribe" as the Subject.
>
Cheers!
--
Chuck Mead, CEO - Moongroup Consulting, Inc. <chuck@moongroup.com>
http://www.moongroup.com/
http://www.moongroup.com/unix/
There's no such thing as a free lunch.
-- Milton Friendman
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-list-request@redhat.com with
"unsubscribe" as the Subject.
