Impressive Results from Mozilla-Sponsored Dovecot Security Audit

Jan 16, 2017

Well as 2017 kicks off, we have some great news to share. One of the things we take very seriously here at Open-Xchange is the security of our software, which for us is a ground-up process which involves every aspect of the software lifecycle, including coding practices, design, static and dynamic analysis, comprehensive QA and a bug-bounty program. In addition to those, another important aspect of releasing secure software is auditing the software for security vulnerabilities. We’re really pleased to announce that Mozilla, via the Mozilla Open Source Support program, have conducted a security audit on the Dovecot software, the first public audit of the Dovecot code. You can find the report here: https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#dovecot.

The company that conducted the audit (Cure 53) were extremely impressed with the quality of the dovecot code. They wrote: “Despite much effort and thoroughly all-encompassing approach, the Cure53 testers only managed to assert the excellent security-standing of Dovecot. More specifically, only three minor security issues have been found in the codebase, thus translating to an exceptionally good outcome for Dovecot, and a true testament to the fact that keeping security promises is at the core of the Dovecot development and operations.”

We’d like to thank Mozilla for making this audit possible, and helping to ensure that not only Dovecot, but also many other Open-Source software projects are more secure.

You can find out more information about the Mozilla Open Source Support program here: https://www.mozilla.org/en-US/moss/

About the author

Neil Cook

Neil Cook

PowerDNS Head of Product

Related Articles

Dovecot Pro and Lua

As 2019 begins, we at Open-Xchange would like to provide you with an update and a few details regarding the latest Dovecot...

Michael Sluzars Feb 14, 2019

From Latin America to the Far East

The summer of TES in 2018 goes all around the planet – and for a project that was born in the heart of Europe, this is a...

Vittorio Bertola Aug 28, 2018

Keeping your family safe and secure online

Securing all of the various devices in your home is vital to prevent cyber-attacks and to close gateways to harmful content....

Alexander ter Haar Aug 27, 2018

Introducing OX Summit Partner: Vade Secure

According to Cofense, a successful phishing attack costs a mid-sized organization $1.6 million on average. Moreover, FBI...

Frederic Maussion Aug 21, 2018