On Wed, Apr 08, 2020, Kevin Chadwick wrote: > OpenSMTPD does not listen to the internet, by default and even if you do set > it
From: Qualys Security Advisory <[email protected]> To: [email protected] Message-ID: <[email protected]> - Client-side exploitation: This vulnerability is remotely exploitable in OpenSMTPD's (and hence OpenBSD's) default configuration. Although ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > Is it hard to write a secure mail server, sure. Look at exims bugs. [Is that like saying: "Is it hard to write a secure OS, sure. Look at Linux bugs."? ] How about qmail (or postfix)? (and some other barely known MTA) -- Address is valid for this mailing list only, please do not reply to it direcly, but to the list.
