At 10:37 PM -0400 10/24/1996, Brian J. Murrell wrote:
>> Well, with sendmail 8.7.y, smap won't work -- you have to choose
>> one or the other. I don't recall off the top of my head what the bug
>> is, but it keeps it from working with sendmail 8.7.y.
>
>Not at all true. This has been discussed in the fwtk mailing list and the
>consensus was that many people (including myself at multiple locations) are
>running sendmail 8.7.* and smap/smapd.
Which version of 8.7.y were you testing with? I proved this
experimentally with 8.7.5 and both versions of smap/smapd I could
find on the 'net, and discovered a very strange version numbering
problem (the "earlier" numbered version is actually dated later and
more up-to-date) among other things. I reported this and got no
feedback whatsoever for more than a month, and that's when I
contacted a friend of mine at TIS to ask about development on the
fwtk.
>First, if they were not updating Gauntlet to make a living, they would not
>have the time that they do (however little it is) to work on the toolkit.
>Making money is not an evil thing.
True, making money is not inherently evil. However, I do believe
that there is a certain amount of conflict of interest here between
supporting the publicly available fwtk and the commercial product
Gauntlet -- the fwtk becomes little more than a sales toy to get
Gauntlet sold to the customer.
Granted, Gauntlet is a really good firewall product, but I
believe that their internal resource allocation to further
development on fwtk is clearly at least partially oriented towards
making sure that fwtk is zero drain on the manpower, and generates
the maximum amount of sales $$$ for Gauntlet.
> Second, they are now in beta release
>with 2.0 of the toolkit. Sure, it's slow going, and their time on the
>toolkit is sparing, but they have responded to the pressure to update the
>toolkit. I think ideally they let the toolkit go to somebody with more
>time and effort to maintain it, but it's theirs to do with what they want.
With the things they appear to be about to start doing with
contributed (and unsupported) modifications, maybe this will improve.
However, knowing people who work there, I can clearly see a business
decision to do virtually no work whatsoever on the fwtk.
>Yeah. Not being a wide open mail relay for anybody to bounce mail off of
>violates an RFC or two (so I understand), but Sendmail 8.8 let's you do it.
I'd like to see the RFC or the section that says this. You
better believe that our machines are going to be seriously clamped
down, and if we have problems with a site that isn't, well, we'll do
whatever we have to in order to protect our system and our users from
abusive or nonresponsive networks (witness the recent complaints
about InterRamp).
--
Brad Knowles, MIME/PGP: brad@his.com
comp.mail.sendmail FAQ Maintainer <http://www.his.com/~brad/>
finger brad@his.com for my PGP Public Keys and Geek Code
The comp.mail.sendmail FAQ is at <http://www.his.com/~brad/sendmail/>
References:
|
|
