>BIND works in the hand of a skilled sysadmin. The config files are straight forward and not very complicated.
A skilled sysadmin like you is not the common (i really mean it, NO sarcasm). But simple things, and doing one thing at a time and do it well is the motto of UNIX, and it works. >Who runs a nic with unattended updates enabled? That's just bad practice on a production system. And no roll back procedure? Even worse . . . If they use tinydns they wouldn't have any update to do. Say, rollback procedure?, yes, it taked 2 hours. Is a whole country DNS server with several replicates. >> And CERT Security Warning are FUD too? >> >> Is a technical mistake, not administrative. >I disagree. Automatic updates on something as important as a nic is just bad management. Updates should be tested before deployed. Tested with how many domains? 2 , 3, ten thousand, one million?, how many replicates? You are disagreeing with CERT Advisories too? :-P Maybe nic.es is stupid (and it is) but if you put another stone in her way... >> BIND is to DNS what sendmail is to mail. >Sendmail is very neat. It supports a lot of features that are quickly becoming mandatory. We're not there yet. We still don't have srs support, which is >required for proper spf to work. I don't say that sendmail is not neat, i said is the same example. Is the reference implementation. Is unsecure (do you remember infamous Morris Internet Worm ), fat and very ugly to maintain (yep, it is and it was). Yes, the features that sendmail implements are great, they have a lot of people working on it. Maybe qmail community must do something with getting a more modulable and extensible qmail. Qmail is a good base. >> Why do you use Qmail? >Because I like the architecture, the community, the flow. >I do dislike that the license has become an impediment. Keeping features up to date without the ability to ship modified binaries has seriously limited the number of people willing to work on the system. Yep, If DJB were a lil' more pragmatic will let binary modifications and distributions and if he didn't like other people's code under his projects, simply don't permit endorsement of names Qmail, or Tinydns or djb and that trademarks. But this is the only problem I see. (is not a big one, since you are using qmail, doesn't you?) Exim and postfix are good projects to look at, too. >The fact that QmailToaster is where it is today is really a testament to the patience of Bill Shupp & Nick Hemmesch. Yep, I agree. Thanks to all the community :-)
BEGIN:VCARD VERSION:2.1 N:Sánchez Martín;David FN:[EMAIL PROTECTED] ([EMAIL PROTECTED]) ORG:E2000 Financial Investments, S.A.;Centro de Nuevas Tecnologías TITLE:Administrador de Sistemas TEL;WORK;VOICE:902196177 ADR;WORK;ENCODING=QUOTED-PRINTABLE:;;Agust=EDn Bravo 17 2=BA B=0D=0A33120 PRAVIA;Asturias;;;Espa=F1a LABEL;WORK;ENCODING=QUOTED-PRINTABLE:Agust=EDn Bravo 17 2=BA B=0D=0A33120 PRAVIA=0D=0AAsturias=0D=0AEspa=F1a URL;WORK:http://www.e2000.es EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20060705T152542Z END:VCARD
--------------------------------------------------------------------- QmailToaster hosted by: VR Hosted <http://www.vr.org> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]