[macports-ports] branch master updated: nrpe, nsca: remove outdated ports

[Richard L. Hamilton]

How about maildrop?  Nothing I know of (except procmail) will use existing .procmailrc files, but e.g. http://www.wonkity.com/~wblock/docs/html/maildrop.html <http://www.wonkity.com/~wblock/docs/html/maildrop.html> shows some examples of migrating (e.g. sendmail configuration, some .procmailrc to .mailfilter examples, etc).  AFAIK, maildrop also plays nice with postfix (common on Macs, right?).  And there's already a port for maildrop, that's standalone and not merely a plugin into an MTA; I'm not so sure there's a standalone sieve port.

> On Feb 2, 2019, at 20:59, Dave Horsfall <dave at horsfall.org> wrote:
> 
> On Sun, 3 Feb 2019, Joshua Root wrote:
> 
>> No official policy. My view is that the only clear-cut case is when a port doesn't build or work at all, anywhere, and there's no real chance of that ever changing.
> 
> How about insecure ports such as Procmail?  It's a scripting language, with Shell access, that believes user data;  I believe it's no longer maintained by the author, and the coding style is unreadable, making it difficult to spot vulnerabilities.
> 
> http://www.cvedetails.com/vendor/225/Procmail.html makes interesting reading, as does any search for "procmail CVE".  Perhaps it's just me, but I don't think insecure software belongs in MacPorts unless someone is willing to fix it (and good luck with Procmail).
> 
> There are alternatives; I cannot remember their names. but "sieve" (or
> similar) springs to mind.
> 
> -- Dave
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macports.org/pipermail/macports-users/attachments/20190202/3a7ee0fa/attachment.html>