[ncmncm]

FreeBSD shipped sendmail, for how many years? Is it actually still in ports?

[icedchai]

Last I checked (FreeBSD 12.x), sendmail was still the default and included with the base install.

[ncmncm]

OK... With sendmail still in the base install, why is anybody talking about new security or code quality problems?

[icedchai]

The sendmail of today is not the sendmail of the 90's.

Sure, I'd prefer postfix, but if you're just sending local email out for system checks or whatever, sendmail's okay.

[ruph123]

As someone who is totally not aware of this: Why is everybody so horrified about sendmail being included in an OS?

[icedchai]

Historically, there were a ton of vulnerabilities in sendmail. 1980’s C code, etc. Also, I will say its configuration format (“sendmail.cf”) is awful, though generally nobody works with it directly. FreeBSD uses “m4” to build the configs, for example.

[ruph123]

Thank you!