sendmail is a security nightmare, for versions <=7
Posted Sep 1, 2006 1:03 UTC (Fri) by dlang
Parent article: A comparison of Mail Transfer Agents - Part Two
since the 8.x release sendmail has been pretty good from a security point of view, to the extent that the old saw about the biggest target having the most reports has some validity.
it does suffer a little from supporting every OS under the sun (and the complications that are necessary to do this)
sendmail also has a ton of features that most people don't need, but when you need them they are relatively easy to turn on.
sendmail has three different ways of configuring it
from easiest to hardest they are
1. the Sendmail INC GUI, (interprets and creates .m4 files)
2. manipulating m4 files (get compiled into .cf files)
3. manipulating .cf files
saying that sendmail is hard to administer because .cf files are bad is like saying that developing a compiled python program is hard because the resulting binary is hard to understand and change (here the three levels are python->C->machine code). only experts who are doing really strange things should ever need to manipulate the .cf files
this hasn't always been the case, back in the sendmail 5 days people were expected to work with the .cf files directly. Frankly I'm glad I'm young enough to have missed those days :-)