Spam Control Considered Harmful
jshaw at insync.net
Thu Oct 30 16:11:09 UTC 1997
On Wed, 29 Oct 1997, Derek Andree wrote:
> It would seem like a nice feature for Sendmail, but do you think it is
> realistic to assume that everyone would upgrade? I know of many hosts which
> use "outdated" versions of Sendmail. Then you would be faced with the
> question of whether to only allow connections from the latest version of
> sendmail (with the sender verification), which would limit it's usefulness.
> Derek Andree
> derek at firstcomm.com
Anyone running outdated versions of sendmail has not only not met their
obligations as a sysadmin, but they are also asking to have their networks
owned. Sendmail is updated so often because it has MAJOR security holes
and bugfixes. I guarantee you that if you gave me one of the sites that
is running outdated sendmail, they could be "owned" in a very short time.
There are far too many remote sendmail exploits for older versions to not
upgrade. Checking http://www.geek-girl.com/bugtraq and doing a search on
sendmail will verify this. So, upgrading should be a prioity to anyone
who's running anything less than Sendmail 8.8.8.
Joe Shaw - jshaw at insync.net
NetAdmin - Insync Internet Services
More information about the NANOG