Les Mikesell wrote: > On Wed, 2006-08-23 at 23:22, Feizhou wrote: >>> YEAH ! Flamewar ! Yohooooooooooooo! >> haha. well, i guess having had to immediately upgrade more than a dozen >> boxes running sendmail whenever a remote exploit was found kind of made >> me rather unwilling to deal with it anymore after the peace and quiet I >> get from running postfix. Also, not having to decipher them sendmail >> rulesets and create new ones were a relief. Then there was the >> instability of milter to contend with... >> >> I guess that is all long past now is it? > > Unless typing 'yum update' to pick up fixes that have > been needed less often than in the Linux kernel for the last > few years is a problem for you... sorry, it was a patched sendmail and those boxes were FreeBSD then. > > No one edits sendmail.cf directly anymore and milter has been > stable for about as long as postfix has existed at all. Oh yeah? Hit SPAM-L for a bunch of great sendmail admins that do just that and I contest milter being stable as long as postfix has existed since we had major problems with sendmail + milter all through 8.11.x to 8.12.10 and finally replaced it with postfix at my previous place of work. > Postfix still doesn't have a way to let you hook user > defined scanners running under a different uid to run > in realtime during the smtp conversation, does it? MimeDefang > lets you do anything you can describe in perl and return the response > through the milter interface for various operations > before the mail has been acknowledged as accepted. > Okay, it does not provide a hook but it can be done via a smtp passthrough proxy. milter is coming soon. postfix does provide content inspection before queueing via perl regex and if needed, you stuff the mail through smtp to a filter that can either run on the same box or run on another box under whatever uid you wish and return appropriate response before queueing the mail. Let's get one thing straight. I have not used exim yet but I dare say that sendmail is the most flexible mta program available thanks to its ruleset feature. However, this power is limited to those who can think in sendmail rulesets and given your comment about nobody edits sendmail.cf anymore, I guess it shows how hard it is to get mastery of sendmail's power. As for mimedefang, qmail lets you do anything that can be described in perl, shell, C, python, whatever you fancy in fact and reject at the smtp level too since you can replace qmail-queue or put a filter before qmail-queue. I am sorry, but one can get the functionalily of sendmail sans the neverending list of security updates and that is on two other mta software.