[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New free secure open source IBM mailer aka Vmailer aka Postfix



On Thu, 24 Dec 1998, Shachar Tal wrote:

> Hi,
> On Thu, 24 Dec 1998, Peter L. Peres wrote:
> 
> > 
> > Is this a Chameleon ? How many times can an email program change names and
> > stay the same (?) thing ?
> > 
> > http://www.postfix.org
> 
> Vmailer (which is now named postfix) is a secure (not so, but it claims to
> be one) drop-in replacement for sendmail. It is purely UNIX as of now, and
> is written by Wietse Venema, who is infamous for cursing Dan J. Bernstein

Wietse Venema is infamous for being the author of security tools such as
the tcp-wrapper we all use, satan, portmap and some more.
and the name was changed bcoz it was taken by another piece of software.

> (the author of qmail) about every concept he has put in qmail. You can
> read all about the bugs and design flaws in the BUGTRAQ list archives. One
> such design flaw, for example, enables a malicious local user on the MTA
> machine to delete other users' email. 
> 
??? ru sure? they mention some other problems regarding world writable
spool dir.
btw, directory is with sticky bit, just like any /tmp on any u*x box.


--Eli
+--------------------------------------------------------------------+
| Eli Beker                             http://www.ibm.net.il/~beker |
| Unix System Admin.                    beker@ibm.net.il             |
| IBM Global Networking - IBM Israel    Vnet: LBE at TELVM1          |
| Phone : +972-3-6978687                Fax   : +972-3-6978115       | 
+--------------------------------------------------------------------+