Date: Sun, 17 Nov 1996 17:34:25 -0800 From: Don Lewis <Don.Lewis@tsc.tdk.com> To: Adam Shostack <adam@homeport.org>, pgiffuni@fps.biblos.unal.edu.co Cc: freebsd-security@FreeBSD.org Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Message-ID: <199611180134.RAA14418@salsa.gv.ssi1.com> In-Reply-To: Adam Shostack <adam@homeport.org> "Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2)." (Nov 17, 7:05pm)
next in thread | previous in thread | raw e-mail | index | archive | help
On Nov 17, 7:05pm, Adam Shostack wrote: } Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). } Pedro Giffuni S. wrote: } [Charset iso-8859-1 unsupported, filtering to ASCII...] } | Adam Shostack wrote: } | > } | > On another note, how about qmail replacing sendmail? } } | qmail has a homee page some where, I have a copy on my ftp site..I can } | look if you need it. } | It would be good to have a port. } } www.qmail.org } } My suggestion was a little further reaching than that; I'm } planning to replace sendmail with qmail real soon, and that helps me a } lot. My suggestion was meant to imply the possibility of removing } sendmail from the FreeBSD distribution, and only shipping qmail. Qmail doesn't do all the ESMTP negotiation that sendmail does. It keeps qmail simpler and less likely to be buggy, but not as functional. For instance sendmail 8.7.x supports: 8BITMIME, SIZE, DSN, VERB, ONEX, but whatever version of qmail I just checked only supports 8BITMIME and PIPELINING. Sendmail 8.8.x adds ETRN. Qmail wants to look up the addresses of all the hosts listed in the MX records for and address so that it can compare them with the addresses of the host. This fixes the problem of "mail loops back to myself" that you get when you misconfigure DNS and/or sendmail, but I think it means that if qmail can't get the address of the most preferred MX host, it can't forward the message to any of the other mail exchangers because this could cause the message to loop. Sendmail's support of UUCP isn't wonderful (mostly a problem of getting DNS totally disabled). How well does qmail support UUCP? If you sent a message to ten different people at the same machine, qmail likes to send ten individual copies, even though this might be a large message and the link expensive (I believe this feature can be turned off). If you send a message to two people at two different addresses that have the same set of MX records, sendmail will send one copy of the message and let the mail exchanger at the other end duplicate the message (but this adds the latency of the second DNS lookup to the delivery of the first message). Other than the above, I think that qmail has a lot of advantages. --- Truck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611180134.RAA14418>