I am curious to know why you would like to see bind replaced with dbndns? ----- Original Message ----- From: "Milan P. Stanic" <m...@arvanta.net> To: debian-security@lists.debian.org Sent: Thursday, 1 November, 2012 10:53:19 AM Subject: Re: idea: switch default MTA from exim4 to postfix (wheezy+1)
On Thu, 2012-11-01 at 22:48, Hideki Yamane wrote: > Hi, > > Now we are using Exim as default MTA, but I doubt whether it'd be best > choice since several critical security vulnerabilities has found this > two or three years. > > Yes, it's often that such vulnerability has been found for software (of > course), however, other MTA like postfix has less vulnerabilities than > Exim. > > So I suggest switch from Exim to Postfix for default MTA. > > > Pros) > - Postfix has less vulnerabilities than Exim during years > If we choose postfix for default, probably it's more secure than using > Exim ***by default***. It's good for our users. > > Exim: 8 DSAs and 13 CVEs and some high and remote vulns as NVD severity > http://security-tracker.debian.org/tracker/source-package/exim4 > and http://security-tracker.debian.org/tracker/source-package/exim > > Postfix: 3 DSAs and 10 CVEs and no high vulns since its first release > http://security-tracker.debian.org/tracker/source-package/postfix > > > Cons) > - well, maybe I didn't get it ;) If you want to continue to use Exim, you > can do it via apt-get. > > Please let me know your idea for this. Should be done 10 years ago, IMHO. Why wait? OT: and same for bind and use dbndns (djbdns). -- Kind regards, Milan -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121101145318.ga11...@arvanta.net -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1612721900.383.1351785828058.javamail.r...@singsonn.com
