> You seem to have a definition of the word "hard" that is just much closer to "infeasible" than my own, which is nearby "takes a good deal of expertise and / or effort".
Well, maybe. But I don't really think it takes all that much expertise. Maybe it does, in the sense that there are so many tools out there that you in principle could use to try and build an email server, and without any expertise, it might be hard to tell which tools to use, and, more importantly, which ones to avoid.
So, without expertise, you might end up stuck in the local minimum that is C, say, which in turn then requires a lot of expertise and effort to build something secure, because there are just too many pitfalls to be constantly aware of if you want to pull it off. But if you manage to avoid that local minimum and use a memory-safe language with garbage collection, suddenly, avoiding buffer overflow exploits is trivial. You don't even need to understand what a buffer overflow is and why/how it can be exploited. They simply don't happen, without any detailed expertise needed.
The thing is that you very well might end up writing your email server in a memory-safe language by accident. Writing a secure email server in C by accident, though? Extremely unlikely.
Also, many possible security problems that plague software simply don't apply to email servers. The web is a mess and difficult to build something secure for. But email servers don't have to deal with the web, so you cannot even accidentally stumble into those problems when you are writing an email server.
> But I don't really think it takes all that much expertise.
I think you may be living in a bubble. Building any working software takes a lot of expertise. Maybe you just mean "expertise in addition to that necessary to build any working software". In which case, maybe I don't disagree with you so much. But again, we're just debating the definitions of words like "hard" and "expertise"!
There are more security issues to be concerned about than buffer overflow. Just as an example, your email server needs authentication and authorization, which are also tricky to get right. There are plenty of logic-level security issues like that for which just choosing a memory-safe language is not a solution.
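An added illustration of the logic-level point in the comment above (editorial example, not code from anyone in the thread): an SMTP recipient check written in a memory-safe language that still gets authentication and authorization wrong, next to a corrected version. The `Session` fields, function names and `example.org` domain are assumptions made for the example.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample value: the domains this hypothetical server delivers for.
LOCAL_DOMAINS = {"example.org"}


@dataclass
class Session:
    authenticated_user: Optional[str]  # set only after a successful SMTP AUTH
    mail_from: str                     # client-supplied envelope sender, unverified


def domain(addr: str) -> str:
    """Return the lowercased domain part of an address."""
    return addr.rsplit("@", 1)[-1].lower()


def accept_rcpt_flawed(s: Session, rcpt: str) -> bool:
    """Memory-safe but wrong: a local-looking sender is taken as proof of identity."""
    if domain(rcpt) in LOCAL_DOMAINS:
        return True  # inbound delivery to a local mailbox
    # Logic bug: MAIL FROM is whatever the client typed, so any client can relay.
    return domain(s.mail_from) in LOCAL_DOMAINS


def accept_rcpt_fixed(s: Session, rcpt: str) -> bool:
    """Relay to foreign domains only for an authenticated session sending as itself."""
    if domain(rcpt) in LOCAL_DOMAINS:
        return True  # inbound delivery needs no login
    if s.authenticated_user is None:
        return False  # authentication: anonymous clients never relay
    # Authorization: a logged-in user may only send under their own address.
    return s.mail_from.lower() == s.authenticated_user.lower()


# Constructed sessions for the three interesting cases.
ANON_SPOOFED = Session(None, "ceo@example.org")
ALICE_OK = Session("alice@example.org", "alice@example.org")
ALICE_AS_BOB = Session("alice@example.org", "bob@example.org")
```

Both functions are free of memory errors; only the second refuses the spoofed anonymous relay and the logged-in user sending under someone else's address.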