On Thu, 2012-11-01 at 12:03, Axel Caspard wrote: > I am curious to know why you would like to see bind replaced with dbndns?
The same as for exim: security records. > ----- Original Message ----- > From: "Milan P. Stanic" <m...@arvanta.net> > To: debian-security@lists.debian.org > Sent: Thursday, 1 November, 2012 10:53:19 AM > Subject: Re: idea: switch default MTA from exim4 to postfix (wheezy+1) > > On Thu, 2012-11-01 at 22:48, Hideki Yamane wrote: > > Hi, > > > > Now we are using Exim as default MTA, but I doubt whether it'd be best > > choice since several critical security vulnerabilities has found this > > two or three years. > > > > Yes, it's often that such vulnerability has been found for software (of > > course), however, other MTA like postfix has less vulnerabilities than > > Exim. > > > > So I suggest switch from Exim to Postfix for default MTA. > > > > > > Pros) > > - Postfix has less vulnerabilities than Exim during years > > If we choose postfix for default, probably it's more secure than using > > Exim ***by default***. It's good for our users. > > > > Exim: 8 DSAs and 13 CVEs and some high and remote vulns as NVD severity > > http://security-tracker.debian.org/tracker/source-package/exim4 > > and http://security-tracker.debian.org/tracker/source-package/exim > > > > Postfix: 3 DSAs and 10 CVEs and no high vulns since its first release > > http://security-tracker.debian.org/tracker/source-package/postfix > > > > > > Cons) > > - well, maybe I didn't get it ;) If you want to continue to use Exim, you > > can do it via apt-get. > > > > Please let me know your idea for this. > > Should be done 10 years ago, IMHO. Why wait? > > OT: and same for bind and use dbndns (djbdns). -- Kind regards, Milan -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121101163557.ga11...@arvanta.net
