On Fri, 16 Feb 2001, [iso-8859-2] Litzler Mihály wrote: > Okey, what do you think about the security of exim?
I couldn't find any Exim advisories or incident or Vulnerability notes at CERT. I found a July 1997 BugTraq posting for a very old version of Exim (posted by Qmail's author). You can't really easily search the SecurityFocus website for Exim -- because the headers are indexed AND many emails were sent by Exim :) This subject of "security of exim" has been discussed on the exim-users mailing lists various times and it always reports that there has been very few security issues, no known exploits and a bunch of testimonials for using Exim. I use exim because: 1) simple, easy-to-understand syntax; 2) extremely detailed documentation, FAQ and examples; 3) friendly mailing list; 4) friendly author/developer; 5) many testimonials; 6) no known security issues; 7) numerous capabilities, such as anti-relaying features, filtering, mail routing control, etc.; 8) it was default with Debian :) I have read several testimonials of Exim like: "we use an old SparcStation 20 to ship around 60,000 emails a day and according to the exim stats 98% of those are shipped in under a minute." And "have used exim to cope with the mail for freeserve (3 million users) and we never had any problems with it." And "processed several hundred thousand messages a day across 7000+ virtual domains." Jeremy C. Reed http://www.reedmedia.net/ http://bsd.reedmedia.net/ -- BSD news and resources http://www.isp-faq.com/ -- find answers to your questions
