cgi security

[Sheila King]

On Wed, 04 Apr 2001 10:18:00 +0200, Michael Ströder <michael at stroeder.com>
wrote in comp.lang.python in article <3ACAD8B7.BC513B68 at stroeder.com>:

:Sheila King wrote:
:> 
:> There's just a "sendmail wrapper" around qmail, so that scripts can be 
:> run in the customary way.
:
:Using the smtplib module is more secure and less system overhead.

More secure, I can believe. Less system overhead? That is exactly the opposite
information from what I got, when I asked a question here a few weeks back
about "efficiency in sending email". I specifically asked in that thread, why
someone else had posted back in Feb. that using sendmail was the "preferred"
way of sending mail, rather than using the smtp module.

And I'd have to say that my experimenting confirms this. It is MUCH faster to
connect to sendmail/qmail/whatever MTA, than to wait for the smtpmodule to
open a connection. Hm. Well, it's faster for my script, anyway. You're talking
about the system. Still, I'm not sure I'd buy that, anyhow.

And, in the case that someone uses the smtplib option in my script, rather
than the sendmail option, my script has to go to a lot more trouble to set the
envelope sender and recipient, the date field, the message-ID and so forth
myself. There is a definite impact on the script performance.

Are you suggesting just using the smtplib and tossing the sendmail part of the
script?

--
Sheila King
http://www.thinkspot.net/sheila/
http://www.k12groups.org/