Re: Sendmail or Qmail ? ..

["Jason Lim" <maillist@jasonlim.com>]

----- Original Message ----- 
From: "Cameron L. Spitzer" <cls-di@truffula.sj.ca.us>
To: <debian-isp@lists.debian.org>
Sent: Sunday, 07 September, 2003 12:19 AM
Subject: Re: Sendmail or Qmail ? ..


> I've been running Qmail since '98.  It's got a bottleneck
> in disk writes, but aside from that it's fast.
> (Anybody tried running the queue in a ramdisk?
> Howabout in an fs made in a file mounted looback?)
> It's secure and reliable.
>
> Unfortunately, it's not being maintained by its
> author.  If you want the functionality of a modern MTA,
> you need to wade through a disorganized and unverifiable
> swamp of contributed patches and add-ons.
> I'm sure most of the add-ons are great, if you can figure
> out where to get them and how to use them.  But the ones I've
> tried (mjinject and a couple of SMTP AUTH's) were broken, and
> unsupported by *their* authors.  I'm not going to ask
> hundreds of users to rely on a cobbled-together mess like that.
> Apologies and respects to Dave Sill.


Of course, it is also the very fact that Qmail does not offer all the
bells and whistles that it is also among the most secure MTA available.
This does not mean Exim and others are not secure, but natural thinking
dictates that given the same security model, one with lots of extra
features will be less secure.

I use Qmail without any extra patches, and also have Spamassassin
installed and integrated with it, and don't have any problem. I use
smtp-after-pop, so don't have the SMTP AUTH patches installed, but some of
the patches are integrated well into Qmail.

> So I've given up on Qmail.  I'm using Exim for small systems,
> and I'll try Postfix for my next big one.
>

I've heard good things about Postfix, but as Qmail does basically what I
need, and since I don't need all the advanced features, I'm staying with
something secure and reliable, unless something I does requires something
different.

Jas