Greg Olsen, CEO of Sendmail Inc, has responded to claims made on behalf of IBM’s Secure Mailer in yesterday’s ComputerWire (CI No 3,559). IBM said it built Secure Mailer in part to correct perceived security deficiencies in Sendmail, the most widely used of all internet mail server systems. Olsen points out that there are two ways a program gains a reputation for security. One is by demonstrating that it is secure. The other is theoretical, he says, Secure Mailer is brand new, in fact it’s still in beta. [Its author] Wietse Venema is a very smart guy and some of his architectural innovations theoretically offer greater security. But everyone in the security industry knows that the best way to test security is to put it out there and let the hackers at it. I think it’s fair to say that Sendmail is the most hack-attempted program on the planet. We have not had a break-in for some time. IBM also raised questions over the Sendmail user interface. Olsen willingly concedes that this was a big problem in the past, before the company was incorporated to provide commercial support for the open source software and to build a graphical user interface, which it released on December 7 (CI No 3,553). Until Sendmail Pro, the software was for gurus only, Olsen says. Feedback on the new GUI suggests that that has changed: Now people are saying this difficult technology has become accessible.
Olsen is, finally, reluctant to get into a war of words with IBM. He says he is encouraged by the company’s decision to take Secure Mailer open source. If Wietse’s ideas do work, it will be good for everyone. The mail will get better, he concludes.
