On Thu, 5 Dec 1996, Jeromie Jackson wrote:
> >
> Food for thought for people like Cisco/FW1... If you were to just make
> a Mail Transport Agent for the hub, and provide it along with the product,
> people like me could not bitch, and you could say you covered the bases. I did
> note in one of the earlier posts from Cisco that they are indeed working on it.
>
Creating an MTA does not solve the issue. Who is to say that a
vendor authored MTA is any more secure than Berkeley Sendmail? At least
with Berkeley Sendmail you have the source to review if you so choose. I
submit that this is a luxury you would not have with a vendor supplied
MTA. People tend to attack Sendmail because it's high profile as far as
security errors go. However, DNS and HTTP are just as, if not more serious
areas of concern. I think the real solution is to have these services made
available with full source code. This being said, I think there are plenty
of free software packages available to meet these needs. This software
simply needs to be reviewed on a regular basis.
------------------------------------------------------------------------------
Alfred Huger ahuger @
secnet .
com
Secure Networks Inc.
------------------------------------------------------------------------------
References:
|
|
