[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Zone file



On Thu, 4 May 2000, Karl Pearson wrote:

> I have to disagree. I've used sendmail for a number of years and have
> found it to be just fine. To get power, you have to accept a little
> complexity. 

"you have to accept A little complexity" A very relative feel when you the
ease at with which qmail can be configured...Also qmail has more
sophisticated features than sendmail itself...

But Karl, you have to admit that sendmails authour himself has admitted
that it has to rewritten from scratch...

Note: the list we are on run by Redhat is also run by qmail...

>What are the trade-offs between sendmail and qmail and any
> others? Until you recognize that, don't decide not to dive into something.

Well since you asked, and I am really interested in your replys for
these...


Overall performance: What really matters is how well qmail performs with
your mail load. Red Hat Software found one day that their mail hub, a 48MB
Pentium running sendmail 8.7, was running out of steam at 70000 messages a
day. They shifted the load to qmail---on a _smaller_ machine, a 16MB
486/66---and now they're doing fine.



Efficiency -:On a Pentium under BSD/OS, qmail can easily sustain 200000
local messages per day---that's separate messages injected and delivered
to mailboxes in a real test! Although remote deliveries are inherently
limited by the slowness of DNS and SMTP, qmail overlaps 20 simultaneous
deliveries by default, so it zooms quickly through mailing lists. 

* SPEED---qmail blasts through mailing lists an order of magnitude
faster than sendmail. For example, one message was successfully
delivered to 150 hosts around the world in just 70 seconds, with qmail's
out-of-the-box configuration.

How does that bloated sendmail compare with the above...

2. Security is a important part of any mail agent...qmail is 100%
secure...there is a reward for 1000$ for anyone who hacks into it but it
has never been taken.


And finally about how well qmail performs as a replacement for sendmail

Replacement for sendmail: qmail supports host and user masquerading,
full host hiding, virtual domains, null clients, list-owner rewriting,
relay control, double-bounce recording, arbitrary RFC 822 address lists,
cross-host mailing list loop detection, per-recipient checkpointing,
downed host backoffs, independent message retry schedules, etc. In
short, it's up to speed on modern MTA features. qmail also includes a
drop-in ``sendmail'' wrapper so that it will be used transparently by
your current UAs.



> 
> One comment on the list however has given me pause. That was about
> security holes. I've dealt with break-ins and have even been an expert
> witness for an insurance company in a pretty nasty case. I've not seen
> sendmail break-ins but I have seen others. Any more info would be greatly
> appreciated.

Heres the info you wanted from the SECURITY Doc....

Background: Every few months CERT announces Yet Another Security Hole In
Sendmail---something that lets local or even remote users take complete
control of the machine. I'm sure there are many more holes waiting to be
discovered; sendmail's design means that any minor bug in 46000 lines of
code is a major security risk. Other popular mailers, such as Smail, and
even mailing-list managers, such as Majordomo, seem nearly as bad.

Note added in 1998: I wrote the above paragraph in December 1995, when
the latest version of sendmail was 8.6.12 (with 41000 lines of code).
Fourteen security holes were discovered from sendmail 8.6.12 through
8.8.5. See http://pobox.com/~djb/docs/maildisasters/sendmail.html.


There are inumarable reasons to choose a modern replacement with more
features than choosing  that monstrosity sendmail that I won't go into all
of them...



Grendel


Hi, I'm a signature virus. plz set me as your signature and help me spread
:)



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]