[Dshield] Exchange 5.5

Johannes B. Ullrich jullrich at sans.org
Tue Mar 12 17:41:31 GMT 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 

> As an alternative, you could always dump that Exchange stuff get a
> *real* mail server (e.g. sendmail) :^) Cheers, Ed Truitt PGP

I almost rejected this post as flame-bait... but anyway:
I think the main issue is relaying. Basically all mail servers have the 
potential to be configured as an open relay. Some are more secure than 
others 'out of the box'.

Using sendmail/qmail myself, I usually don't agree that one mail server is 
more secure than another (I like qmail for example for its performance).

In my opinion, pick whatever mail server you feel comfortable with, and 
learn how to administer it well. All major mail servers can be used 
securely, if you know how to, or will be big open relays if you don't 
figure out how to configure them.

The same is true for other server or operating systems: Pick one you like, 
and stick with it. Each switch is a big security gap as it will take a 
while to get up to speed.

Anyway: I left the post alone because it had some useful information. 
Please no replies to the 'my mail server is better than yours' part.

- -- 
- -------
jullrich at sans.org                    Join http://www.DShield.org
                          Distributed Intrusion Detection System

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8jj3NwWQP+4im9DYRAqAjAJ9pwLqi7ppBkdf2chyzsRNPrOFVYACeLfE/
a35zjj7L5x4Ina6kCafKlbQ=
=4VMV
-----END PGP SIGNATURE-----




More information about the list mailing list