[H-GEN] [TROLL] There must be something better than sendmail :)

Martin Pool mbp at meesha.humbug.org.au
Fri Apr 10 23:19:15 EDT 1998 

> Date: Sat, 11 Apr 1998 01:35:47 +1000 (EST)
> From: Robert Brockway <robert at zen.humbug.org.au>
> To: Humbug General List <general at humbug.org.au>

> On Fri, 10 Apr 1998, Jason Henry Parker wrote:

> > Now, I *know* that there are several rabid qmail and sendmail supporters
> > in HUMBUG, and I'm trusting that you'll succ^H^H^H^Hcome to my aid.
> 
> I'm rabid about no mailer, but recomend sendmail right now for 2 reasons:
> 
> 1) It apparently is over the worst of the security breaches.
> 2) It is _well_ documented.

I'd recommend qmail, unless you need sendmail.

The best things about qmail are those described in djb's
documentation: that security is not a goal[1], that the minimum amount
of code should run as root, that things should work safely on NFS
filesytems, and so on.

qmail's documentation is *sufficient*: the manual pages and
documentation do describe how to use every feature, and they're in
quite readable language.  However, there's no lacking a qmail-HOWTO
afaik, and there's no ORA book.  Actually, I find the strucutre of the
qmail man pages exemplary: one begins with qmail-intro and can then
fork to different pages about commands, files, subsystems, or
miscellaneous info.  For example, there's a man page on how addresses
are parsed, and on how to prevent or trace forgeries.

Configuration is much simpler than configuring sendmail.

Building qmail is straightforward and well-documented.  It uses a kind
of home-brewed autoconfig.  The documentation includes a
regression-test suite to assure yourself that everything installed
properly.

I hear from qmail advocates that it is more efficient (in terms of
messages per second per dollar of hw).  It's architecture seems more
likely to run efficiently than that of sendmail.  

qmail doesn't include the general rewriting tools of sendmail.
Rather, it tries to please most of the people all of the time: one can
rewrite user names, do virtual domains, and so on.  I imagine most
organizations would be perfectly happy with it's capabilities: if not,
they probably have a sendmail guru on staff already.

Of course, perhaps people should try both to broaden their set of
skills.  Do qmail first: you'll understand it after a month of
operation and can then spend the rest of your life learning sendmail.

qmail's source is quite usable.  It looks a lot like it was written by
a real engineer: the design is clean, careful, and correct, but
variable names are terse and comments scarce.

On might consider using qmail on a firewall to protect a sendmail
server, if you need sendmail's flexibility.

The comparison is not at all like that between vi and emacs, or pico
and emacs.  To me, qmail feels kind of like C: deterministic,
reliable, clean[2].  sendmail feels like C++: ten times more
complicated, ugly, hairy, useful for some big projects but a bad
choice for many people.

--
Martin Pool

[1] It's an absolute requirement
[2] This is how I think of C.  UQCS people can reply to nul.
----------------------- HUMBUG General List --------------------------------
echo "unsubscribe general" | mail majordomo at humbug.org.au # To Unsubscribe

More information about the General mailing list