[Gllug] I found this link

Mike Brodbelt mike at coruscant.demon.co.uk
Wed Sep 26 02:24:12 UTC 2001 

Bruce Richardson wrote:
> 

<snip>
 
> > May I take the opportunity to recomend a saner mail server than sendmail ?
> > Qmail, exim and postfix are all easier to setup and maintain, and have a
> > shorter history of security and bug fixes.
> 
> Of course, they have a shorter history full stop.  But I would second
> that.  Both exim and postfix are far simpler to configure, much faster
> and theoretically more secure.

Simpler to configure, perhaps (though with m4, I think there's an
argument there), but where does your speed argument come from? Sendmail
has seen a lot more optimisation over the years than the others, and
I've not seen any good tests....
 
> Sendmail did have a major code audit a while back and there haven't been
> any major exploits since but the fact remains that it is far more
> complex and so runs a higher risk of improper configuration leading to
> exposure.  But it's still a monolithic beast which runs suid root. 

Not since sendmail 8.12 it doesn't.

> Sendmail is simply much more complex than is needed in 99.9% of
> situations.  

However, configuring it with m4 instead of hand hacking your cf file
avoids 99% of the complexity, and allows you to set it up pretty easily.
I haven't had to hand hack the cf in ages, and I've done a fair few
installs.

> IMO the only reason to run it (apart from where you have a
> site that genuinely needs its complexity) 

More common than people seem to think. Sendmail is *great* for
integration with proprietary mail systems - it can be configured to do
transparent address rewriting bidirectionally, and can make a
recalcitrant legacy mail system talk happily to the internet. This is
very useful at times - it can be used as a "glue" MTA, which can leadn
to replacement of old legacy systems with better ones.

> is to learn how to run
> Sendmail if you think this will be useful in your career.  There is a
> well-paid niche for skilled, experienced Sendmail admins (though a more
> deathly boring one I cannot imagine).
> 
> Qmail also shares the advantages of Postfix and Exim but suffers the
> major disadvantage of being the creation of a major-league prick.  It's
> not just that his attitude is unnecessary, it actually has a negative
> effect on the software he produces.  He has a cavalier attitude to
> internet conventions which he feels are stupid.  Qmail has been known to
> bring down other mail set-ups when trying to deliver a backlog of mail
> as quickly as possible, behaviour some call (in the context of the
> internet) pathological.  This has been raised with him and if you look
> at the archives of the qmail lists you'll see that he considers this to
> be the fault of the "inferior" software produced by others.

DJB doesn't have a lot of time for the rest of the world. Sad, cause the
man can write good software....

Mike.

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug

More information about the GLLUG mailing list