I felt this might be of general interest, so I am making it an open
question. Primarily, this is directed to our friends at AT&T:
The recent CERT advisory regarding sendmail has gotten me thinking...
This program is such a problem, is there a way of replacing it? Then I
remember something...
In the past, unless age is eroding my memory :-), I recall some of the
folks at AT&T mentioned the name of their mailer (upas). I also think
it was mentioned in C&B (I think it's worthy of this moniker, like K&R!)--
not having my copy in hand, I cannot verify this. Somewhere in my
(deep-dark) past, I believe I read a paper about it by Dr. David Presotto
(I think that's his name--I apologize if I am wrong). This triggers a
few questions:
1) Where was that paper published and is it on line somewhere?
2) Is the source available to the general (non-AT&T) public?
3) As an alternative, did someone do their own port that might
be available?
4) What would make it more secure than sendmail or smail?
THANKS!
scott barman
--
scott barman DISCLAIMER: I speak to anyone who will listen,
scott @
disclosure .
com and I speak only for myself.
barman @
ix .
netcom .
com
"Micro$oft and Windoze/NT will be the cause of the de-evolution of
network security just as the original PC and BASIC was the cause of
the de-evolution of programming."
Follow-Ups:
|
|
