>BIND works in the hand of a skilled sysadmin. The config files are straight
forward and not very complicated.
A skilled sysadmin like you is not the common (i really mean it, NO
sarcasm).
But simple things, and doing one thing at a time and do it well is the motto
of UNIX, and it works.
>Who runs a nic with unattended updates enabled? That's just bad practice on
a production system. And no roll back procedure? Even worse . . .
If they use tinydns they wouldn't have any update to do.
Say, rollback procedure?, yes, it taked 2 hours.
Is a whole country DNS server with several replicates.
>> And CERT Security Warning are FUD too?
>>
>> Is a technical mistake, not administrative.
>I disagree. Automatic updates on something as important as a nic is just
bad management. Updates should be tested before deployed.
Tested with how many domains? 2 , 3, ten thousand, one million?, how many
replicates?
You are disagreeing with CERT Advisories too? :-P
Maybe nic.es is stupid (and it is) but if you put another stone in her
way...
>> BIND is to DNS what sendmail is to mail.
>Sendmail is very neat. It supports a lot of features that are quickly
becoming mandatory. We're not there yet. We still don't have srs support,
which is >required for proper spf to work.
I don't say that sendmail is not neat, i said is the same example.
Is the reference implementation. Is unsecure (do you remember infamous
Morris Internet Worm ), fat and very ugly to maintain (yep, it is and it
was).
Yes, the features that sendmail implements are great, they have a lot of
people working on it.
Maybe qmail community must do something with getting a more modulable and
extensible qmail.
Qmail is a good base.
>> Why do you use Qmail?
>Because I like the architecture, the community, the flow.
>I do dislike that the license has become an impediment. Keeping features up
to date without the ability to ship modified binaries has seriously limited
the number of people willing to work on the system.
Yep, If DJB were a lil' more pragmatic will let binary modifications and
distributions and if he didn't like other people's code under his projects,
simply don't permit endorsement of names Qmail, or Tinydns or djb and that
trademarks.
But this is the only problem I see. (is not a big one, since you are using
qmail, doesn't you?)
Exim and postfix are good projects to look at, too.
>The fact that QmailToaster is where it is today is really a testament to
the patience of Bill Shupp & Nick Hemmesch.
Yep, I agree. Thanks to all the community :-)
BEGIN:VCARD
VERSION:2.1
N:Sánchez Martín;David
FN:[EMAIL PROTECTED] ([EMAIL PROTECTED])
ORG:E2000 Financial Investments, S.A.;Centro de Nuevas Tecnologías
TITLE:Administrador de Sistemas
TEL;WORK;VOICE:902196177
ADR;WORK;ENCODING=QUOTED-PRINTABLE:;;Agust=EDn Bravo 17 2=BA B=0D=0A33120 PRAVIA;Asturias;;;Espa=F1a
LABEL;WORK;ENCODING=QUOTED-PRINTABLE:Agust=EDn Bravo 17 2=BA B=0D=0A33120 PRAVIA=0D=0AAsturias=0D=0AEspa=F1a
URL;WORK:http://www.e2000.es
EMAIL;PREF;INTERNET:[EMAIL PROTECTED]
REV:20060705T152542Z
END:VCARD
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
