Ubuntu mail headers are not best practice

Andreas Simon andreas.w.simon at gmail.com
Tue Jul 10 10:42:36 BST 2007


On Tuesday 19 June 2007, Sherman Boyd wrote:
> There is no reason to disclose
> this information, and from a security perspective it is a best
> practice not to.

This comes down to 'security by design' versus 'security through obscurity'.
I think the later is an illusion and Ubuntu will not be any more secure 
because of a changed Postfix header string.

Best practice in security would be to make it better by design, i.e. for 
example tight rules for AppArmor.

-- 
Cheers,
Andreas

Hearts will never be practical until they can be made unbreakable.
		-- The Wizard of Oz



More information about the ubuntu-devel mailing list