[TriLUG] Which is better?

Lance A. Brown lance at bearcircle.net
Thu Oct 11 14:04:03 EDT 2007

bak wrote:
> Anyone who values his sanity and is responsible for anything but the
> most basic SMTP setup would have to answer Postfix.  Any daemon program
> that requires m4 just to build the config file from hundreds of lines of
> incomprehensible macros is more than your life is worth.  Anyone who has
> ever had The Bat Book fall his foot knows just what I mean.  Sendmail's
> milter support is fairly easy to use, however.
> Postfix+Dovecot is now turning into a superb way to provide
> POP+IMAP+SMTP with SASL-based SMTP auth and a very flexible variety of
> authentication methods (krb, SQL database, passwd files, whatever).  I
> cannot tell you how simple, flexible, and bulletproof it's been to me
> over the past few years.
> Postfix generally is considered more secure due to its habit of
> splitting the work between multiple daemons, each with its own purpose.
>  In extremely large installations routing millions of pieces of mail a
> day this could eventually become a bottleneck, or at least it was as of
> a year or so ago.

Folks I know such as Brad Knowles, who did a lot of work at AOL setting
up their internet email systems, still consider sendmail to be the
killer app for moving extremely heavy mail loads around.  The commercial
side of the Sendmail company has also done a lot to make sendmail
effective in those worst-case situations.

Sendmail *has* had a long history of vulnerabilities, but then, so do
*most* of the programs that are around the same age.  Look at bind, for
example.  Similar age and similar problems with vulnerabilities over time.

The internet isn't what it once was.

 GPG Fingerprint: 409B A409 A38D 92BF 15D9 6EEE 9A82 F2AC 69AC 07B9
 CACert.org Assurer

More information about the TriLUG mailing list