Slashdot Mirror

← Back to Stories (view on slashdot.org)

Qmail At 10 Years — Reflections On Security

Posted by kdawson on from the eliminating-code dept.

os2man writes "Qmail is one of the most widely used MTAs on the Net and has a solid reputation for its level of security. In 'Some thoughts on security after ten years of qmail 1.0' (PDF), Daniel J. Bernstein, reviews the history and security-relevant architecture of qmail; articulates partitioning standards that qmail fails to meet; analyzes the engineering that has allowed qmail to survive this failure; and draws various conclusions regarding the future of secure programming. A good read for anyone involved in secure development."

3 of 304 comments (clear)

  1. Re:Qmail and the patchset of doom by snemarch · · Score: 0, Troll

    Ho humm, is qmail really that great? A lot of what DJB writes makes sense, but he seems to have a whole bunch of zealot followers who will flame you to death if you rise any questions about qmail stability/security. While some of the points in http://www.dt.e-technik.uni-dortmund.de/~ma/qmail-bugs.html are near the point of irrelevance, it certainly still doesn't give me a lot of confidence in qmail.

    --
    Coffee-driven development.
  2. Re:Of course it's secure by Stu+Charlton · · Score: 0, Troll

    Millions of companies use Windows mail servers with no problems or complaints.

    *COUGH* *HACK* ahh, um... how to put this....

    Are you FUCKING kidding me?

    I mean, yes, it's much more stable than some might say, but "NO PROBLEMS OR COMPLAINTS"?

    It's only linux fanboys that think that Windows keeps crashing.

    Well, sure, Windows doesn't crash as often as people think, but ...
    - security holes?
    - patch instability?

    I've NEVER EVER seen a modern Windows server crash or lock up.

    Either you have had next to zero experience running a large data centre, or your hardware is completely infallible.

    Has it occurred to you that the OP wasn't speaking about "crashes" but was speaking about
    - security holes & exploits
    - corruption
    - management nightmares
    etc.

    Particularly with the most common Windows mail server, Exchange. Yes, there are alternative Windows servers, and yes they're solid ones. And yes, there's plenty of holes on the UNIX side too. But recognize that you can't just point to *NIX and say "that would take too long for me" and assume it would take the same amount of time for everyone. Skills and experiences vary.

    And recognize that the most common Windows mail server in "millions of companies" is not some alternative to Exchange. It's Exchange.

    --
    -Stu
  3. DJB is a cool guy! by Hayden+Panettiere · · Score: 0, Troll

    I don't know why everyone picks on DJB. I think he's neat! You'd have to be at least as awesome as DJB to get a date with me.