General

> It's a monolithic setuid binary. It's flawed by design, IMHO. Points 1
> and 3 above are just direct consequences of that.
>
> Without trying to be religious or anything of that sort, I can recommend
> postfix without restrictions to most anyone -- it has an excellent
> security track record, a large support community, great documentation,
> and it's really not that complex (even though it can be, once you start
> doing more advanced stuff).
>
> Other people will recommend and say the same about exim or the various
> other MTAs. In the end, the choice is yours.

Exim, Postfix and qmail are the big three contenders to answer the question "sick of sendmail, what else is reliable?"

Exim is the Debian default.

Postfix is nearly as well supported by Debian, and certainly has a large general user community. The Postfix FAQ has never failed to answer my questions.

qmail has the least Debian support, due to uninteresting licensing issues, but has a large user community and excellent documentation (www.lifewithqmail.org, qmail.org). It runs nicely on Debian systems, and is unlikely to require upgrading.

There are presumably some people running Courier-MTA; many more people use Courier's IMAP system in combination with qmail or Postfix.

dsr

> Without trying to be religious or anything of that sort, I can recommend
> postfix without restrictions to most anyone -- it has an excellent
> security track record, a large support community, great documentation,
> and it's really not that complex (even though it can be, once you start
> doing more advanced stuff).

Generally I tend to agree (and I wish postfix was made into the default MTA for Debian as it is almost every other Linux distribution — except I am not sure whether RedHat kicked the sendmail habit already), but sendmail has one huge advantage — they are still so widespread, especially in the commercial world, that any Linux certification (and I am afraid many jobs you may be interested in) required pretty good knowledge of sendmail. Which is the reason, why I have installed sendmail on my notebook (and read Bat-book!).

Otherwise, in the totally ideal world, where I could choose whatever I want, it would be probably postfix.

Matej Cepl

On Fri, 1 Sep 2006 12:49:48 +0200, Martin Moller <listen@andvari.de> wrote:

>Do you have some expirience with sendmail

Sendmail has the best integration with cyrus imapd, via socket maps.

Sendmail also has a commercial organization which relies on the open source codebase, so you have more than one paid developer working with the code.

The linux kernel has security holes on a more frequent basis than sendmail. But I stay up to date with fixes, and my systems have never been compromised via sendmail or the linux kernel.

With postfix the learning curve is not as steep as sendmail, and the postfix community is densely populated with unskilled users. There's more experience and skill in the sendmail community, though newcomers may find it hard to extract.

On Fri, 1 Sep 2006 13:11:53 +0200, martin f krafft <madduck@debian.org> wrote:

>It's a monolithic setuid binary. It's flawed by design, IMHO.

daves:~ # ls -al /usr/sbin/sendmail -r-xr-sr-x 1 root mail 681648 2006-08-12 14:59 /usr/sbin/sendmail

setgid mail.

Also see:

http://www.postfix.org/MILTER_README.html

which says:

>The Postfix Milter implementation uses two different lists of mail
>filters: one list of filters that are used for SMTP mail only, and one
>list of filters that are used for non-SMTP mail. The two lists have
>different capabilities, which is unfortunate. Avoiding this would require
>major restructuring of Postfix.

And thus postfix is a very weak argument against monolithic design.

John Kelly

Prejudice against sendmail? I think so personally. There are too many people trash talk sendmail here, I think it is time that I speak up.

On Fri, 01 Sep 2006 14:09:29 +0100, John Kelly wrote:

>>Do you have some expirience with sendmail
>
> Sendmail has the best integration with cyrus imapd, via socket maps.
>
> Sendmail also has a commercial organization which relies on the open
> source codebase, so you have more than one paid developer working with the
> code.
>
> The linux kernel has security holes on a more frequent basis than
> sendmail.  But I stay up to date with fixes, and my systems have never
> been compromised via sendmail or the linux kernel.

I totally agree with John, every of his statement is backup by evidences.

There seems so many people toning down sendmail. I have "followed the crowd", and only recently I've realized that I am the victim of such prejudice against sendmail.

My suggestion, speaking from my heart breaking experiences, is that if you are a normal user, not a mail expert or system admin who need to play with mail configuration as you full time job, stick with sendmail, and keep away with postfix, exim, etc.

Why? You'll have better support. Recently I need to config my MTA to use smarthost to talk to my ISP. For several weeks, I tried to do it with Exim. Then another several weeks on postfix, I searched and asked, all efforts ended no where.

Reluctantly, I get back to the "old" and "not good" sendmail. But surprisingly, I succeeded within hours — no need to ask anyone, all the questions and answers are already on the net.

Regarding better support, which's the most important thing to me as a normal user, sendmail is much much better than other MTAs.

Moreover, sendmail is better for troubleshooting as well. Just yesterday, I noticed my well configured sendmail does not work in my new grml0.8 any more. I got:

                /var/spool/mqueue (1 request)
-----Q-ID----- --Size-- -----Q-Time----- ------------Sender/Recipient-----------
k81Aupfj021818     1767 Fri Sep  1 12:56 MAILER-DAEMON
                 (reply: read error from my.isp.com.)
                                         <my.email@yahoo.com>
                Total requests: 1

Good luck to troubleshoot this with postfix, exim, etc.

T

> If you had tried google...

> The second hit would have given you the answer...

> Also, if you go to www.postfix.org, click on "Documentation" and then
> ...
>
> And lets not forget that when you install postfix on debian it actually
> asks you if you want to configure a smarthost, and even if you say no...
>
> You could have solved this on your own in a minute.

Start accusation without even trying to understand what others are trying to do is not a good way to help.

> Just because you know sendmail much better than the other MTAs (if you
> don't know how to setup a relayhost in postfix then I take it you don't
> know much else about postfix), doesn't mean sendmail is really easier.
> It's just easier for you.

Start accusation without even read what I said is even worst. As I said, I'm just a normal user, not an expert on any MTA at all. Before troubleshooting my yesterday's problem, I don't even know what msp is, when people talking about it, let alone knowing its relation/difference between mta.

What I meant is, from an end user point of view, that it is more likely for me to *find* answers to my problems in sendmail than any other MTAs, because it is widely used and thoroughly discussed.

>> My suggestion, speaking from my heart breaking experiences, is that if
>> you are a normal user, not a mail expert or system admin who need to
>> play with mail configuration as you full time job, stick with sendmail,
>> and keep away with postfix, exim, etc.
>
> I don't understand your logic.  An full time mail admin would easily get
> his head around any MTA, and might opt for sendmail because of it's
> configurability.  But an ordinary user who don't know much about how
> mail works?

yes, go figure out the steps setting up Postfix/SASL/TLS yourself by reading the man pages, or coach some John users to do so if you are a postfix expert. Again, from an end user point of view, the MTA that gives me the least headache will be the one that I choose. Unfortunately, I had to go through those headaches myself to know what to choose. This is the whole purpose why I speak up.

That's the end of discussion. I'm only giving facts *based on my own experience*. I'm not biased to any MTA and am willing to learn/try new things. I have no interest to wage any religious wars, or fuel such one.

bye

T