Sendmail vs postfix
evan-ieNeDk6JonTYtjvyW6yDsg at public.gmane.org
Fri Nov 18 16:32:48 UTC 2005
Lennart Sorensen wrote:
>On Fri, Nov 18, 2005 at 12:11:01AM -0500, Kevin Cozens wrote:
>>Its interesting that you put Qmail on the bottom of the list in light of
>>the fact you experienced security exploits when using Sendmail. One of the
>>advantages of using Qmail is its atttention to security.
>qmail isn't the only program that tries to be secure.
Don't qmail and postfix have very similar architectures? They both seem
to be based on splitting the MTA into a bunch of small programs, none of
which trust each other and only a bare minimum of which run suid root.
(This is in contrast to monolithic MTAs such as sendmail and exim which
run as one big suid root process.) I even seem to recall that the
original logo of postfix, before it started using the rodent, was the
flowchart indicating message-passing between the modules.
Is there anything in qmail's design that is inherently more secure than
postfix, in theory _or_ practise?
>>I can understand it being at #4 if that is due to feelings of how
>>easy/difficult it is to setup and configure compared to Sendmail. There are
>>a number of additional softwares packages available from www.inter7.com
>>that will be very helpful in setting up a Qmail system. You will find
>>packages that will let you configure and administer the mail system via a
>>web browser. Users can even administer their own domains. If you add
>>sqwebmail you can allow users to access their e-mail via a web browser.
>>The only other minor complication with installing Qmail is due to the
>>bright spark(s) who added dbus to Fedora Core deciding to use a UID/GID
>>which is used by the pre-compiled versions of Qmail. While Qmail predates
>>dbus AFAIK, the dbus creator didn't know about Qmail or the UIDs/GIDs it
>>used. Fortunately it may be easy to change the values used in dbus.
>qmail has no business telling the system what userid to map to what
>username. So that minor problem is simply a qmail bug.
>The Toronto Linux Users Group. Meetings: http://tlug.ss.org
>TLUG requests: Linux topics, No HTML, wrap text below 80 columns
>How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy