John Plemons wrote:
Having used and configured both Send mail and Postfix, sendmail was and had it's issues. I found it much easier to work with on Open Relays for example, the draw back with Sendmail and Postfix may be along the lines of Windows and a Mac, there are bunches of Windows machines in the world so every little hacker writes viruses for them. There are very few Mac Viruses... I'm sure there are more people writing hacks and cracks to break into sendmail more so than Postfix, so in the scheme of things Postfix may just be a better choice. Like Mozilla over IE... Thunderbird over Outlook....
Sure, but to be fair Sendmail was essentially the first. There haven't been any security issues in a while, and the last few were not as significant as the issues prior to 12.X when the submit thing was added. I think any of the MTAs are subject to hacking, the source for all is available. The hard core hackers seem to have all grown up, all I see these days is script kiddies in China trying to run dictionaries against the root account. Even the Windows virus stuff seems to have died off as of late.
Yes, there are the purists like the Qmail folks that believe that Sendmail is fundamentally flawed. Having dealt with both, I'm still a Sendmail fan and refuse to run Qmail because :
* The documentation is absolutely horrid to this day. * The logging is equally as horrid, and I shouldn't need Splunk to make heads or tails of an email transaction. * It's arguably more difficult to configure and tweak than Sendmail (i.e. Oh, I need double-bounce too? and Hey, so-n-so wrote a plugin for this. It's similar to this other guy's plugin but different.)
As for Postfix, I don't recall having heard anything good or bad about it from a security perspective. Then again, I don't have time to read mailing lists, I blame Thunderbird for seeing your original posting in the little pop-up window by the sys-tray ;-)
Like Qmail, it's setup to be a drop-in replacement for Sendmail (same CLI options, etc). Most people I know that run Postfix adopted it when Sendmail was still somewhat difficult to work with, during the transition to using m4 exclusively and adding the submit queue. Difficult meaning you had to read the docs fairly well before expecting it to work. Having run an ISP, learning this was sort of a coming of age thing.
One thing I do like about Postfix is the LDAP/SQL support, that is very cool. If I was approached to do something along those lines and Postfix proved to be the right tool, I'd use it in a second for that project.
Anyway, blah blah blah. It's almost Beer:30. Happy Wednesday everyone ;-)
Regards, Chris