Re: FYI - IBM's open source secure MTA Jim McCoy (
Wed, 16 Dec 1998 12:19:34 -0800

Bill writes:
>>NYT's Markoff reports on IBMs' release today of
>>"Secure Mailer,"
>It appears that "secure" in this case means mostly protection from common
>denial of service attacks.

This MTA is the one which had been called "vmailer" while in alpha tests. Wietse Venema was the creator of tcp_wrappers and several very good unix security tools. Secure in this case means seperation of tasks through the use of agents which have limited capabilities (limiting what is run setuid) as well as the development of a smaller codebase which is easier to check for problems. Basically this is immune from all known SMTP attacks (DoS, attacks upon the MTA itself to compromise the host, etc.) and it takes steps to limit vulnerability to likely future attacks (buffer overflows, etc.)

You seem to imply that this is not enough to qualify as "secure", so would you mind describing what characteristics you think a secure mail transfer agent needs? I can see to it that the suggestions get to Wietse for future additions to postfix.