-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Content-Type: text/plain; charset=us-ascii

In message <3D9B4C3A.F56AFBC0mesos.de>, Ralf Dreibrodt writes:
>Hello withoutrealname,
>WebMaster wrote:
>> > well, the software is just about one year old, right?
>> > so there probably aren't a lot of people who use it, so there aren't
>> > lot of attacks.
>> > just wait one and two years and there probably will be some bugs.
>>
>> qmail...
>
>i was talking about pureftpd.
>qmail itself perhaps had no securityproblems, but other programs, e.g.
>vpopmail or vchkpw.

Excatly. IMHO, qmail has avoided many security bugs because it's
feature-poor. Many new features that are provided as standard in other mail
servers are unsupported patches to stock qmail. Thus qmail avoids some of the
holes that appear in other servers because they are adding features instead of
standing still. However, the underlying design concepts of qmail are quite
solid, which is why postfix uses a similar architecture.

That said, they're both very good mail servers, just with slightly different
focuses.

- --
Ted Cabeen http://www.pobox.com/~secabeen tedimpulse.net
Check Website or Keyserver for PGP/GPG Key BA0349D2 secabeenpobox.com
"I have taken all knowledge to be my province." -F. Bacon secabeencabeen.org
"Human kind cannot bear very much reality."-T.S.Eliot cabeennetcom.com

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)
Comment: Exmh version 2.5 07/13/2001

iD8DBQE9m1ReoayJfLoDSdIRApKZAJwP9KqBuiOq691o50sb5nPt2wL/OgCbBdh7
RdHnc1K6kY9Jbu6NRxjx4yk=
=U9Vc
-----END PGP SIGNATURE-----

-- 
To UNSUBSCRIBE, email to debian-security-requestlists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmasterlists.debian.org

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]