Re: Sendmail configuration

["Stephen J. Turnbull" <turnbull@example.com>]

>>>>> "A" == A Sajjad Zaidi <sajjad@example.com> writes:

    A> Which other applications are secure and useful for what Im
    A> doing?

Well, we don't know what you are doing, so we can't say what is
"secure and useful."

It sounds to me like what you want to do is inherently insecure.  As
far as I can tell, you want relaxed authentication requirements for
users coming in over the Internet.  This is by definition insecure: on
the Internet, you don't know who is a dog.  The best you can do is
demand that he be a dog with a 1024-bit-or-better authentication
token.

If I were you, I'd be setting up a VPN.  Even though you probably
can't keep your users from doing insecure things, you can at least
authenticate well enough to be able to assign blame for leaks.  But
everything you've suggested so far (with the possible exception of
Sendmail/SASL) would rule that much authentication out.

    A> Ive heard a lot about 'qmail', but dont know how good that
    A> is.  Anyone using it here?

qmail claims to be secure, but if you read the security challenge,
you'll discover that it's basically like an "Orange Book" C2 rating
(the one that NT brags about about).  qmail is secure if you don't use
it to send mail or receive mail over the Internet.  :)

-- 
University of Tsukuba                Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
Institute of Policy and Planning Sciences       Tel/fax: +81 (298) 53-5091
_________________  _________________  _________________  _________________
What are those straight lines for?  "XEmacs rules."