Hello Les,
But you are missing the point that once something has been done for sendmail via the included m4 macros, no one else ever has to understand it again. You just edit a line in the .mc file to activate the feature/option following the comments in the file or some documentation and the right thing happens. As shipped in Centos you can do pretty much anything you would want a mailer to do by changing a few lines in sendmail.mc.
Actually, what I want to get at is if you need anything beyond the rulesets that are provided, you cannot do anything unless you understand sendmail rulesets and that is the same if you need to change something too.
It doesn't make any more sense to talk about the difficulty of understanding sendmail.cf than it does to talk about source code changes. It is nice that both are available for those who might want to tackle changes at that level but it is not necessary for ordinary use.
I guess that is the whole point. Ordinary users will probably have no clue how sendmail works and when problems arise, good luck trying to fix or get around them. So unless they know how to build other stuff and use procmail or maildrop, they are pretty much stuck to system mailboxes.
Then when you add MimeDefang, you also get the ability to add in any other operations you want to happen in parallel with the smtp chat and control it all with a bit of perl.
Which makes it no different from your dissing of qmail. qmail provides very little that you can do before DATA in the smtp chat and mimedefang does not kick in until after SMTP DATA in sendmail and they are therefore the same.
As for mimedefang, qmail lets you do anything that can be described in perl, shell, C, python, whatever you fancy in fact and reject at the smtp level too since you can replace qmail-queue or put a filter before qmail-queue.
Another way of saying that is that qmail is so bad you have to completely replace components to make it usable at all.
Which is no different from sendmail + mimedefang. You have no idea how qmail works so I shall ignore your ignorance on this. sendmail gave you milter so that you can get at the headers and message body. DJB's multiple program approach to separate the different functions automatically provides you the ability to get at what you want by either modifying that particular qmail program or by replacing like qpsmtpd or by adding another program like qmail-qfilter. For this same reason, people don't get any trouble from postfix and qmail with regard to security issues and sendmail X following the same design principles says a lot.
I am sorry, but one can get the functionalily of sendmail sans the neverending list of security updates and that is on two other mta software.
Sendmail is probably the most heavily audited code available today, and none of the other MTA+addons are as well integrated or designed for efficiency as sendmail+MimeDefang with its multiplexed pool of backend slaves. Qpsmtpd is promising but the project is still in the process of reinventing things MimeDefang has had down for years.
yeah, sendmail is probably the most heavily audited code and people still find issues just exim also had/has issues due to their monolithic design. Ever wonder why sendmail X is following the footsteps of qmail and postfix, two mtas that were written by two security different experts?
Multiplexed pool of backend slave? sendmail + mysql anyone?
Let's see, postfix supports mysql, ldap and postgresql out of the box. qmail's design allows people to add mysql/postgresql/ldap support such that we have qmail-ldap and qmail-sql. So you can use qmail-ldap or qmail-sql instead of doing your own. exim also comes with mysql, ldap support out of the box.
methinks it is sendmail that is behind here regarding backend slaves. You need to add mysql table support and then you have to write the rulesets to be able to use those tables.
Well integrated and designed for efficiency eh? I'd like to see benchmarks between sendmail + mimedefang versus postfix + amavisd. In fact, I'd like to see sendmail + mimedefang integrated with a mysql backend versus postfix + amavisd integrated with a mysql backend. But the whole thing would be unfair since postfix does connection pooling to its backends while sendmail will probably beat the crap out of its backend if it supported any sql database at all.
You can diss all other mtas + their addons all you like Les, but sendmail X is following the design principles of qmail and postfix which says something.