Valid XHTML 1.0!


 

Introductory remark for non-experts: I strongly recommend to keep or take the traditional system of seperation of mailing into a mailing agent and a mail client. This gives you more flexibility, power and security. And so it's not only a topic for administrators of mail distribution systems, but also for home LINUX users for example, because you need on every system such an agent.

Despite there have grown alternatives meanwhile to the rather old, classic SMTP mailing protocol, it carries still nearly all of the mails in the Internet nowadays, with only marginal exceptions like webmail (HTTP based) or proprietary solutions like Lotus. And of these Mail Transport Agents (MTAs) sendmail is not only the oldest, but also by far the most widespread. But is it the best?

Opposed to most other modular, for themselves no big UNIX commands, daemons and so on sendmail has become a monolithic beast of very much re-written code. From the origins, when the motto was straightforward and generally adequate "trust everyone!" among a relatively small group of elite users, which guided sendmail development for a long time, it has turned out to todays only adequate motto "trust no one!", but sendmail became as well technically as basically ill-designed in this regard. Therefore I want to present you with two modern, much more secure and often even faster alternatives... All three are free and open source by the way, and you can get them for virtually every UNIX system out there.

Postfix

This agent was at first developed IBM internally under another name and became meanwhile a great example for Open Source alternatives to established software (despite sendmail is also open source). I use it now for more than half an year without problems and it's pretty fast --- I can hardly follow the mail log in real time (tail -f, you know...). That it's faster than the now by me dismissed sendmail is not only a personal impression; on a SuSE event I heard, that it's outperforming sendmail in heavy traffic practice often by more than a factor 10 (throughput!). It works with a whole plethora of cooperating processes, which trust not really each other, and with a well-seperated directory/file structure, which makes it also much easier to administer than sendmail. The biggest German tele communication provider, the formerly government based Telekom, uses it on a large number of LINUX PCs for their mailing (list) purposes now.

At least the SuSE distribution (at least the professional version, regretfully not the personal version!) contains it as rpm, which makes installing quite easy. There are also RPMs for the French Mandrake distribution at least and as well a Debian package.

Qmail

Another alternative to sendmail is this little, but find project. Despite it's no longer developed and has a certain weakness in performance (sending the same mail to a whole bunch of receiving addresses is inefficient, instead of bundeling it is sent once to every address of the list), it has defended a price so far, which is given to the first, who is able to reveal an inner insecurity of that MTA. At least this proof of vulnerability hasn't claimed yet by anybody. In general it's also faster than sendmail (aside from above mentioned exception). For SuSE users this is a little more difficult, because there is no qmail rpm available so far, but in RedHat and probably other distributions it is. When not, you have to compile and (pre-)configure it manually. But for some people this may be the best bet regarding a reliable and secure as well in general fast MTA.

Sendmail

This old one runs as mentioned on most MTA using UNIX systems since SMTP (by the way, SMTP abbreviates SendMail Transport Protocol) was invented. Installation itself is quite easy and standard packages without compilation are also available for all these. The problems begin, when it's time to configure it for personal or any general use. There are even administration packages (m4) and huge guides (standard O'Reilly book: rather big, only sendmail configuration!) for it, but all this requires the resource commonly least available: much time and much knowledge about it's special features. And is opens up far too often security holes even by misconfigurations, safe for too old versions, because rather often new security holes show up, you have to update it pretty often. Then the configuration is also changed considerably again and you have to start fine-tuning of it over and over --- a nasty problem loop of time consumption! After several updates I was through with it and resorted (as mentioned above) to the much nicer postfix MTA...


 

mail clients

back to packages main  back to computer/LINUX main  back to main

remarks etc. to: stefan.urbat@apastron.lb.shuttle.de

(URL:  http://www.lb.shuttle.de/apastron/linMTA.htm)