Nsa to the rescue
NSA wants to be sure that all flaws are patched except for the one they use to spy on people.
April showers bring hours of patches as Microsoft delivers its Patch Tuesday fun-fest consisting of over a hundred CVEs, including four Exchange Server vulnerabilities reported to the company by the US National Security Agency (NSA). Forty-four different products and services are affected, mainly having to do with Azure, …
Sendmail is also much more than an MTA.
Sendmail has had line-stopper issues occasionally; maybe a dozen times in the nearly four decades I've been running it. Microsoft has line-stopper issues weekly, if not daily.
The sendmail issues were fixed by patching sendmail, and then restarting it. No need for a server reboot or any other histrionics. No muss, no fuss.
I wonder how many man-hours are wasted every year due to Microsoft being incapable of writing secure code. Worse, how many man-hours (read "dollars") has your company wasted in the last year due to Microsoft's inability to write secure code?
"I know exchange is so much more than an MTA"
Maybe that's the problem, M$ should learn to crawl before it tries launching into orbit with a million modules bolted on, less lines of code, less chance for those podgy fingers to makes mistakes
Am alone here?
keep it simple, stupid
I use sendmail with an IMAP server (I use Cyrus but I set it up over a decade ago and it just works). Other solutions obviously exist. This one seemed just fine when I set it up. Integrating Cyrus was pretty easy. I'm using the FreeBSD version of sendmail.
No need for bloat-ness and security craters, like Micros~1 Exchange
Makes you wonder if they were put their on purpose, but now we are aware that foreign agents are are aware of our previously unknown vulnerabilities we must ask Microsoft to patch them and in doing so create some new unknown vulnerabilities. Perpetual vulnerabilities.
Seems mighty suspicious Microsoft programmers are really that bad? Did they fire all the good ones?
.. can any of Microsoft's products be deemed suitable for business?
I mean, at some point someone should have come up with a way to actually review their code for exposure to the Internet. It's not as new as an idea as it was, say, a decade ago, but I get the feeling MS is still treating it that way.
Life is fun if you have people locked in, yet can still fully avoid any accountability..