sendmail cluster

James Couzens jcouzens at 6o4.ca
Wed Jul 28 01:50:01 BST 2004


On Tue, 2004-07-27 at 08:26, Todd Lyons wrote:

> Postfix is also a good solution.  Qmail is terrific for throughput, but
> if you want _any_ kind of features, you need to start patching it, at
> which point, sendmail/postfix/exim gain the upper hand.  I prefer
> sendmail or postfix myself as those are the two that I'm most familiar
> with.

Actually, netqmail 1.05 applies patches that are not even necessary, but
prudent to apply and is approved by Dan himself although he did not
personally author the changes.

As for patching it to obtain features, there are patches authored by
members of the community who are either responsible for the maintenance
releases of Qmail (netqmail) or have been a part of the community for a
long time and garnered through that time a strong level of competence
with Qmail.

We're making use of the available TLS patches, my SPF patch, and the
simply brilliant Qscanq (qscanq.org) which uses ClamAV (or anything you
want) to scan our mail.

I wouldn't disregard Qmail, I would make it my first choice, this is
because, it HASN'T change.  Things that do not change, do not introduce
bugs.  If you give the security lists a look, you'll see that Qmail has
never been exploited.  There are four security notices listed, The first
is Venema (of Postfix) attempting to slag Qmail, through use of an
exploit to cause a machine to run out of memory and crash, this is a
flaw in the OS, not the MTA).  The second is a dupe of the first, and
the third is for QmailAdmin (by inter7.com and not part of Qmail) and
lastly one for autoresponder (again, NOT part of qmail).

In the day and age we live in, operating a service(s) which MUST be open
to the internet is a serious consideration, and for that Qmail and
djbdns/tinydns arise to the occasion nicely so I can actually sleep at
night instead of patching machines or worrying :)

Cheers,

James

-- 
James Couzens,
Programmer
                                                     ( ( (      
      ((__))         __lib__        __SPF__        '. ___ .'    
       (00)           (o o)          (0~0)        '  (> <) '    
---nn-(o__o)-nn---ooO--(_)--Ooo--ooO--(_)--Ooo---ooO--(_)--Ooo---

http://libspf.org -- ANSI C Sender Policy Framework library
http://libsrs.org -- ANSI C Sender Rewriting Scheme library
-----------------------------------------------------------------
PGP: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x7A7C7DCF



More information about the lvs-users mailing list