[CentOS] Re: sendmail aliases

Wed Apr 2 22:25:50 UTC 2008
Chris Miller <centos at scratchspace.com>

John Plemons wrote:
> Having used and configured both Send mail and Postfix, sendmail was and 
> had it's issues. I found it much easier to work with on Open Relays for 
> example, the draw back with Sendmail and Postfix may be along the lines 
> of Windows and a Mac, there are bunches of Windows machines in the world 
> so every little hacker writes viruses for them.  There are very few Mac 
> Viruses...
> I'm sure there are more people writing hacks and cracks to break into 
> sendmail more so than Postfix, so in the scheme of things Postfix may 
> just be a better choice.  Like Mozilla over IE...   Thunderbird over 
> Outlook....

Sure, but to be fair Sendmail was essentially the first. There 
haven't been any security issues in a while, and the last few were 
not as significant as the issues prior to 12.X when the submit thing 
was added. I think any of the MTAs are subject to hacking, the 
source for all is available. The hard core hackers seem to have all 
grown up, all I see these days is script kiddies in China trying to 
run dictionaries against the root account. Even the Windows virus 
stuff seems to have died off as of late.

Yes, there are the purists like the Qmail folks that believe that 
Sendmail is fundamentally flawed. Having dealt with both, I'm still 
a Sendmail fan and refuse to run Qmail because :

* The documentation is absolutely horrid to this day.
* The logging is equally as horrid, and I shouldn't need Splunk to 
make heads or tails of an email transaction.
* It's arguably more difficult to configure and tweak than Sendmail 
(i.e. Oh, I need double-bounce too? and Hey, so-n-so wrote a plugin 
for this. It's similar to this other guy's plugin but different.)

As for Postfix, I don't recall having heard anything good or bad 
about it from a security perspective. Then again, I don't have time 
to read mailing lists, I blame Thunderbird for seeing your original 
posting in the little pop-up window by the sys-tray ;-)

Like Qmail, it's setup to be a drop-in replacement for Sendmail 
(same CLI options, etc). Most people I know that run Postfix adopted 
it when Sendmail was still somewhat difficult to work with, during 
the transition to using m4 exclusively and adding the submit queue. 
Difficult meaning you had to read the docs fairly well before 
expecting it to work. Having run an ISP, learning this was sort of a 
coming of age thing.

One thing I do like about Postfix is the LDAP/SQL support, that is 
very cool. If I was approached to do something along those lines and 
Postfix proved to be the right tool, I'd use it in a second for that 

Anyway, blah blah blah. It's almost Beer:30. Happy Wednesday 
everyone ;-)