sendmail 8.14 has a serious memory corruption bug in it

Matthias Schmidt matthias at
Wed Feb 20 01:02:27 PST 2008

* Petr Janda wrote:
> On Wed, 20 Feb 2008 11:50:22 am Bill Hacker wrote:
> > Sendmail fits better than most for low/no admin to JFW at getting logs
> > off-box and fit licensing parameters.
> >
> > Those implementing a full-bore MTA for serious use will make 'a'
> > selection on the criteria dearest to them, and that has naught to do
> > with what is/is not in base anyway.
> >
> I don't think that answers the question why does Sendmail, a full blown mail 
> daemon, with a long history of security issues have to be in the base: if DMA 
> can satisfy for local mail delivery - required by some maintenance scripts, 
> and would incidently be easier to maintain due to its small size.

dma can already deliver mails to local and remote destination.  The only
thing thats missing is .forward support, but I'm working on this.  It
will be in the tree some time after 1.12 is out.

Give dma a try, send bug reports, comments, fixes, patches :)

> Isnt this the reason DMA was written anyway?

The reason why dma was written is easy.  We want to have a tiny piece of
software which can deliver mails to local and remote destinations
out-of-the-box.  No more, no less :)



More information about the Kernel mailing list