
Re: default MTA for sarge



On Tue, 15-07-2003 at 16:12, Craig Sanders wrote:
> On Tue, Jul 15, 2003 at 12:24:34PM +1200, Nick Phillips wrote:
> > On Tue, Jul 15, 2003 at 09:01:30AM +1000, Craig Sanders wrote:
> > > > Why? Do you have any compelling reasons against exim?
> > > 
> > > it's more that postfix has numerous compelling advantages.  it's small, it's
> > > fast, it's very flexible, it's very easy to configure, it's secure, it scales
> > > beautifully from the very smallest mail systems to the very largest, and more.
> > 
> > Hmmm. None of which are compelling advantages of postfix over exim; all of
> > those also apply to exim.
> 
> except for secure, 

Philip Hazel is pedantic about dropping root privileges ASAP, and
generally codes quite securely. Also, I've tried searching the archives
of debian-security-announce for the word 'exim', and haven't found
anything.

I think it's safe to say that exim is secure, too.

> fast, and scales beautifully from small to large systems.

Remember that Philip Hazel wrote Exim because he needed an MTA to
install on the University of Cambridge's mailservers. Does the mail
system of a university that size qualify as 'large'? I'd say it does
(given the fact that the largest box handles over 100.000 deliveries on a
busy day), so that makes it scalable to large systems, and quite large
so too.

Have a look at Q1002 in the exim FAQ[1], which gives some examples of
large, smoothly-running exim configurations. Also from that section: 

"On a PII 400 with 128M of RAM running Linux 2.2.5, I have achieved
36656 messages per hour (outgoing unique messages and recipients). For
about a 5 minute period, I was able to achieve an average of 30 messages
per second (that would be 108000 m/hour)!"(...)

There's more there; all examples of large exim installations, posted on
the exim mailing lists.

Since we've been making it default for our users, it's fairly scalable
to small systems, too -- people that run desktops generally don't care
about MTAs, unless it's a memory hog or hampers their systems in other
ways. Since I haven't heard many complaints about exim hogging away, that
makes it pretty scalable to small systems, I'd say.

> and i'm not so sure about "very easy to configure", either...."fairly easy",
> yes.  "very easy", not really.

Easy is a subjective criterion. What you find easy to configure may be
very difficult for me. 

Using 'easy' as a technical argument seems rather unfair to me.

> while (AFAIK) there are no current exploits for exim, that is more by accident
> or luck than by design - the monolithic mail daemon running as root design is
> inherently insecure.  

Sure. Hence, exim doesn't run as root. It's SetUID root, since, hey, it
must be able to open port 25, handle the mail queue, and whatnot; but
once it's got its file handles and sockets open (and before anything is
done with them), root permissions are dropped.

> exim is certainly not fast, and while it may be adequate for tiny mail systems
> with trivial loads, it doesn't scale up to large mail systems - which is an
> important point, debian is better off with a default MTA that can handle any
> load thrown at it.

This is blatantly incorrect, for two reasons:

First of all, you've got the facts wrong. Have a look at that FAQ entry.

Second, defaults are of the least importance to people running large
servers, since they usually know what they're doing, and mostly don't
care what the defaults do (and if they don't know what they're doing,
they're fucked anyway, and good defaults aren't going to help them).
Such people install what they know best, whether that's postfix,
sendmail, exim, qmail, or something else.

Defaults are of most use to people not accustomed to the system; as
such, even if exim would not scale up to large systems but instead would
only perform well on fairly small ones (which it doesn't, as shown
above), that would not be a compelling reason to drop it.

> > P.S. Does anyone disagree that this is, essentially, a religious issue?
> 
> no, it's a quality issue.

I haven't seen any compelling or correct arguments to that.

> this idea may be blasphemous in today's anti-meritorious world of standardised
> mediocrity but not all things are the same.  some things really are better than
> others.

And some aren't. Please do your homework before you post another reply.

Thanks,

[1] http://www.exim.org/exim-html-4.10/doc/html/FAQ_10.html#TOC219

Attachment: signature.asc
Description: This message part is digitally signed

