[CentOS] Kind of OT: internal imap server

Thu Aug 24 06:51:11 UTC 2006
Feizhou <feizhou at graffiti.net>

Les Mikesell wrote:
> On Wed, 2006-08-23 at 23:22, Feizhou wrote:
>>> YEAH ! Flamewar ! Yohooooooooooooo!
>> haha. well, i guess having had to immediately upgrade more than a dozen 
>> boxes running sendmail whenever a remote exploit was found kind of made 
>> me rather unwilling to deal with it anymore after the peace and quiet I 
>> get from running postfix. Also, not having to decipher them sendmail 
>> rulesets and create new ones were a relief. Then there was the 
>> instability of milter to contend with...
>>
>> I guess that is all long past now is it?
> 
> Unless typing 'yum update' to pick up fixes that have
> been needed less often than in the Linux kernel for the last
> few years is a problem for you...

sorry, it was a patched sendmail and those boxes were FreeBSD then.

> 
> No one edits sendmail.cf directly anymore and milter has been
> stable for about as long as postfix has existed at all.

Oh yeah? Hit SPAM-L for a bunch of great sendmail admins that do just 
that and I contest milter being stable as long as postfix has existed 
since we had major problems with sendmail + milter all through 8.11.x to 
8.12.10 and finally replaced it with postfix at my previous place of work.

> Postfix still doesn't have a way to let you hook user
> defined scanners running under a different uid to run
> in realtime during the smtp conversation, does it?  MimeDefang
> lets you do anything you can describe in perl and return the response
> through the milter interface for various operations
> before the mail has been acknowledged as accepted.
> 

Okay, it does not provide a hook but it can be done via a smtp 
passthrough proxy. milter is coming soon.

postfix does provide content inspection before queueing via perl regex 
and if needed, you stuff the mail through smtp to a filter that can 
either run on the same box or run on another box under whatever uid you 
wish and return appropriate response before queueing the mail.

Let's get one thing straight. I have not used exim yet but I dare say 
that sendmail is the most flexible mta program available thanks to its 
ruleset feature. However, this power is limited to those who can think 
in sendmail rulesets and given your comment about nobody edits 
sendmail.cf anymore, I guess it shows how hard it is to get mastery of 
sendmail's power.

As for mimedefang, qmail lets you do anything that can be described in 
perl, shell, C, python, whatever you fancy in fact and reject at the 
smtp level too since you can replace qmail-queue or put a filter before 
qmail-queue.

I am sorry, but one can get the functionalily of sendmail sans the 
neverending list of security updates and that is on two other mta software.