-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Content-Type: text/plain; charset=us-ascii
In message <[EMAIL PROTECTED]>, Ralf Dreibrodt writes: >Hello withoutrealname, >WebMaster wrote: >> > well, the software is just about one year old, right? >> > so there probably aren't a lot of people who use it, so there aren't >> > lot of attacks. >> > just wait one and two years and there probably will be some bugs. >> >> qmail... > >i was talking about pureftpd. >qmail itself perhaps had no securityproblems, but other programs, e.g. >vpopmail or vchkpw. Excatly. IMHO, qmail has avoided many security bugs because it's feature-poor. Many new features that are provided as standard in other mail servers are unsupported patches to stock qmail. Thus qmail avoids some of the holes that appear in other servers because they are adding features instead of standing still. However, the underlying design concepts of qmail are quite solid, which is why postfix uses a similar architecture. That said, they're both very good mail servers, just with slightly different focuses. - -- Ted Cabeen http://www.pobox.com/~secabeen [EMAIL PROTECTED] Check Website or Keyserver for PGP/GPG Key BA0349D2 [EMAIL PROTECTED] "I have taken all knowledge to be my province." -F. Bacon [EMAIL PROTECTED] "Human kind cannot bear very much reality."-T.S.Eliot [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) Comment: Exmh version 2.5 07/13/2001 iD8DBQE9m1ReoayJfLoDSdIRApKZAJwP9KqBuiOq691o50sb5nPt2wL/OgCbBdh7 RdHnc1K6kY9Jbu6NRxjx4yk= =U9Vc -----END PGP SIGNATURE-----