Fedora Core 2 wishlists

Chris Ricker kaboom at gatech.edu
Wed Dec 10 15:32:13 UTC 2003


On Wed, 10 Dec 2003, Chris Adams wrote:

> Milter is probably the biggest reason at the moment.  I filter 1000
> spams a minute with a multi-server setup using milter (sendmail is
> running on several servers and the milter server is on another server).

Okay. Postfix certainly doesn't support milter, though the equivalent can be
done other ways. There have been noises about writing a milter-compatible
extension to Postfix, but AFAIK no one's scratched that itch b/c so far it's
just been easier to do things Postfix-style instead....

> Also, I have some heavily tuned custom configs.  Can postfix allow
> multiple DNSBLs to be merged into one (with different response code) to
> cut down on DNS requests, and allow some to reject before RCPT TO and
> some after?

Assuming I'm following how you're doing this, yes.

> I also know of people that still use UUCP.

Postfix can do uucp.

> > Postfix is a viable alternative to sendmail with a much better security
> > history and architecture. These other projects don't have secure usable
> > replacements.
> 
> There's plenty of other web servers and there are a couple of other SSH
> servers IIRC.

Not that are as usable and any more secure. SSH alternatives that are open 
source are worse than OpenSSH. Other web servers don't support all the 
modules Apache does....

> There've only been a few problems with sendmail in recent years, and
> those have been found by people examining the code closer than ever.  I
> think that sendmail is one of the more scrutinized pieces of code
> around.

Yes. The fact that it's been scrutinized for 25 years now and people are
still unearthing remote remote exploits when they examine it certainly does
say something about its design and coding style. I'm not certain that's the 
point you were trying to make, though ;-)

later,
chris





More information about the devel mailing list