[Info-vax] Kernel Transplantation
Mark Berryman
mark at theberrymans.com
Wed Jan 24 10:46:24 EST 2024
On 1/23/24 3:15 PM, Stephen Hoffman wrote:
> On 2024-01-23 13:29:56 +0000, Simon Clubley said:
>
>
>
>> The biggest external problem I have ever had to personally deal with
>> was that the UCX stack still had an SMTP open relay with no way of
>> restricting it, when the rest of the world had moved on and this was
>> very, very, no longer acceptable.
>
> Last I checked, the 💩 default for TCP/IP Services SMTP mail server was
> a 💩 open relay. With no diagnostics. Reproducer was trivially simple:
> delete (or mis-locate) the SMTP configuration file.
>
> With no TLS and no STARTTLS support to be found anywhere in the TCP/IP
> mail server, last I checked.
The applications that come with TCP/IP Services are but one of the many
reasons that I have stated in the past that, if you are really concerned
about security, you don't run TCP/IP Services, you run Multinet. And,
at least for mail, if Multinet is not an option then try PMDF.
I no longer have the resources to bang on TCP/IP Services V6 that I once
had but, for any earlier version, yes - there were issues. I really
hope VSI has, or will, address them in the new version.
Mark Berryman
More information about the Info-vax
mailing list