Why is Sendmail included, it is “known insecure”?!
Sendmail has had an imperfect security record, however the Sendmail authors and maintainers have been very receptive to reworking their code to make it much more secure (and this is a sadly uncommon response). The recent security history of Sendmail is not much different than some of the supposedly “more secure” alternatives. • Why isn’t Postfix included? The license is not free, and thus can not be considered. • Why isn’t qmail or djbdns included? Neither program is what many Unix users “expect” out of a mail or DNS application. • Why is Apache included? It isn’t needed by many people! Because the developers want it. • Why isn’t a newer version of Apache included? The license on newer versions is unacceptable. • Why isn’t bzip2 included instead of gzip? Performance is horrible, and benefit is minimal. Impact on slower platforms, such as m68k or VAX would be unacceptable. • Why isn’t there a graphical or curses(3) based installer? For a number of reasons, including the goal of keeping
