Mercurial > docs > diploma
annotate thesis/tex/3-MailTransferAgents.tex @ 193:ee687abf386c
a result is needed here
| author | meillo@marmaro.de |
|---|---|
| date | Wed, 31 Dec 2008 13:57:31 +0100 |
| parents | 0b17f6e5edae |
| children | 013a13ee0a5f |
| rev | line source |
|---|---|
| 89 | 1 \chapter{Mail transfer agents} |
| 2 | |
| 117 | 3 After having analyzed the market for electronic mail and trends for it in the last chapter, this chapter takes a look at \mta{}s, the intelligent most important parts of the email infrastructure. \MTA{}s will be grouped by similarities, and the four most popular \freesw\ \mta{}s, will be presented to the reader in a short overview and with the most important facts. At the end of this chapter a comparison of these programs in several disciplines will be done. |
| 89 | 4 |
| 117 | 5 |
| 89 | 6 |
| 7 | |
| 120 | 8 \section{Types of MTAs} |
| 117 | 9 ``Mail transfer agent'' is a term covering a variety of programs. One thing is common to them: they transfer email from one machine to another. |
| 89 | 10 |
| 143 | 11 This is how Bryan \person{Costales} defines a \mta\ in \cite{costales97}: |
| 117 | 12 \begin{quote} |
| 13 A mail transfer agent (MTA) is a highly specialized program that delivers mail and transports it between machines, like the post office. | |
| 14 \end{quote} | |
| 15 \name{The Free Dictionary} is a bit more concrete on the term: \citeweb{website:thefreedictionary} | |
| 16 \begin{quote} | |
| 17 Message Transfer Agent - (MTA, Mail Transfer Agent): Any program responsible for delivering e-mail messages. Upon receiving a message from a Mail User Agent or another MTA, [...] it [...] delivers it to any local addressees and/or forwards it to other remote MTAs (routing) for delivery to remote recipients. | |
| 18 \end{quote} | |
| 89 | 19 |
| 117 | 20 Common to all \MTA{}s is the transfer of mail to other machines; this is the actual job. Besides this similarity, \MTA{}s can be very different. Some of them have \NAME{POP3} and/or \NAME{IMAP} servers included. Some can fetch mails through these protocols. Others have have all features you can think of. And maybe there are some that do nothing else but transporting email. |
| 21 | |
| 22 Following is a classification of \mta{}s into groups of similar programs, regarding what is viewable from the outside. | |
| 23 | |
| 24 | |
| 120 | 25 \subsubsection*{Relay-only MTAs} |
| 89 | 26 \label{subsec:relay-only} |
| 27 This is the most simple kind of \MTA. It transfers mail only to defined \name{smart hosts}\footnote{\name{smart host}s are \MTA{}s that receives email and route it to the actual destination}. \name{Relay-only} \MTA{}s do not receive mail from outside the system, and they do not deliver locally. | |
| 28 | |
| 29 Most \MTA{}s can be configured to act as such a \name{forwarder}. But this is usually an additional functionality. | |
| 30 | |
| 31 One would use such a program to give a system the possibility to send mail, without the need to do lots of configuration. In a local network, usually the clients are set up with a \name{relay-only} \MTA, while there is one \name{mail server} that acts as a \name{smart host}. The ``dumb'' clients send mail to this one \name{mail server} which does all the work. | |
| 32 | |
| 33 Examples for that group are: \name{nullmailer}, \name{ssmtp} and \name{esmtp}. | |
| 34 | |
| 35 | |
| 117 | 36 \subsubsection*{Groupware} |
| 124 | 37 Normally the term ``groupware'' does not mean one single program, but a suite of programs. They build a framework which is then populated with various modules that provide actual functionality. Modules for mail transfer, file storage, calendars, resource management, instant messaging, etc., are commonly available. |
| 89 | 38 |
| 148 | 39 These program suites are used if the main work to do is providing integrated communication facilities and team working support for a group of people. Mail transfer is only part of the problem to solve. The most common scenario are companies. They have \name{groupware} running to provide adequate services for their teams to work efficiently. But one may use \name{groupware} on the home server for his family members also. |
| 89 | 40 |
| 41 Examples are: \name{Lotus Notes}, \name{Microsoft Exchange}, \name{OpenGroupware.org} and \name{eGroupWare}. | |
| 42 | |
| 43 | |
| 120 | 44 \subsubsection*{``Real'' MTAs} |
| 117 | 45 There is a third type of \mta{}s in between the minimalistic \name{relay-only} \MTA{}s and the bloated \name{groupware}. Those programs may be named ``real \MTA{}s'', or ``proper \MTA{}s'', though there is no common name. They are what is meant with the term ``\mta''---programs that transfer mail between hosts. |
| 89 | 46 |
| 132 | 47 Common to them is their focus on transferring email, while being able to act as \name{smart host}. Their variety ranges from ones mostly restricted to mail transfer (\qmail) to others already having interfaces for adding further mail processing modules (\postfix). They cover everything in between the other two groups. %FIXME: are postfix and qmail good examples? |
| 89 | 48 |
| 117 | 49 This group is of importance in this document. All programs selected for the comparison in the following section are ``real \MTA{}s''. \masqmail\ is one too. |
| 89 | 50 |
| 51 | |
| 117 | 52 \subsubsection*{Other segmenting} |
| 124 | 53 \name{Mail transfer agents} can also be split in other ways. |
| 117 | 54 \begin{itemize} |
| 55 \item | |
| 124 | 56 Due to \sendmail's significance---described in section \ref{sec:sendmail}---compatibility interfaces for \sendmail\ are of importance for \unix\ \MTA{}s. Being not \emph{sendmail-compatible} does not need to matter for some fields of action, but makes the program ineligible for serving as a general purpose \MTA\ on \unix\ systems. Hence being sendmail-compatible is a major property of a \mta. %todo: how many MTAs are sendmail-compatible? |
| 57 \MTA{}s not having a \emph{sendmail-compatible} interface or not offering it as a compatibility add-on, will not be covered here. One example for such a program is \name{Apache James}. %FIXME: check if correct | |
| 89 | 58 |
| 117 | 59 \item |
| 60 Another separation can be done between \freesw\ programs and proprietary software. Many of the \MTA{}s for \unix\ systems are \freesw. Only these are regarded in the following sections, because comparing \freesw\ with proprietary or commercial software is not what typical users of programs like \masqmail\ do. %fixme: what are typical users? | |
| 61 Comparison with those non-free programs may be a point for large \freesw\ projects, trying to step into the business world. Small projects, mostly used by individuals at home, %fixme: is this the right target field? see chap02 | |
| 119 | 62 need to be compared against other projects of similar shape. The document should be seen from \masqmail's point of view---an \MTA\ for a \unix\ system on home servers, workstations, or maybe embedded platforms---so non-free software is out of the way. |
| 117 | 63 \end{itemize} |
| 89 | 64 |
| 65 | |
| 66 | |
| 67 | |
| 120 | 68 \section{Popular MTAs} |
| 117 | 69 |
| 130 | 70 This section introduces a selection of popular \MTA{}s; they are the most likely substitutes for \masqmail. All are \emph{sendmail-compatible} ``smart'' \freesw\ \MTA{}s that focus on mail transfer, as is \masqmail. |
| 89 | 71 |
| 143 | 72 The programs chosen are: \sendmail, \exim, \qmail, and \postfix. They are the most important representatives of the regarded group. Although \MTA\ statistics are rare, differ, and good data is hard to collect, these programs tend to stay near the top. |
| 130 | 73 |
|
145
93a47593a493
changed order of mta stats cols; added subsection headings
meillo@marmaro.de
parents:
143
diff
changeset
|
74 |
|
93a47593a493
changed order of mta stats cols; added subsection headings
meillo@marmaro.de
parents:
143
diff
changeset
|
75 \subsection{Market share analysis} |
|
93a47593a493
changed order of mta stats cols; added subsection headings
meillo@marmaro.de
parents:
143
diff
changeset
|
76 |
| 155 | 77 Table \ref{tab:mta-market-share} shows the most used \MTA{}s determined by three different statistics. The first was done by Daniel~J.\ \person{Bernstein} (the author of \qmail) in 2001 \cite{bernstein01}. The second is by \person{Simpson} and \person{Bekman} in 2007 and was published by \name{O'ReillyNet} \cite{simpson07}. And the third is from \name{MailRadar.com} with unknown date\footnote{The footer of the website shows ``Copyright 2007'' but more likely does this refer to the whole website.} \citeweb{mailradar:mta-stats}. |
| 89 | 78 |
| 130 | 79 \begin{table} |
| 80 \begin{center} | |
| 81 \input{input/mta-market-share.tex} | |
| 82 \end{center} | |
| 83 \caption{Market share of \MTA{}s} | |
| 84 \label{tab:mta-market-share} | |
| 85 \end{table} | |
| 117 | 86 |
|
145
93a47593a493
changed order of mta stats cols; added subsection headings
meillo@marmaro.de
parents:
143
diff
changeset
|
87 All surveys show high market shares for the four \MTA{}s: \sendmail, \exim, \qmail, and \postfix. Only the \name{Microsoft} mail server software and \name{IMail} have comparable large shares. Other \freesw\ \mta{}s are: \name{smail}, \name{zmailer}, \name{MMDF}, and \name{courier-mta}. They all are less important and rarely used. |
|
93a47593a493
changed order of mta stats cols; added subsection headings
meillo@marmaro.de
parents:
143
diff
changeset
|
88 |
|
93a47593a493
changed order of mta stats cols; added subsection headings
meillo@marmaro.de
parents:
143
diff
changeset
|
89 The three surveys base on different data. \person{Bernstein} took 1,000,000 randomly chosen \NAME{IP} addresses, containing 39,206 valid hosts; 958 of them accepted \NAME{SMTP} connections. The \person{Simpson} and \person{Bekman} survey used only domains owned by companies; in total 400,000 hosts. \name{MailRadar} scanned 2,818,895 servers, leading to 59,209 accepted connections. |
|
93a47593a493
changed order of mta stats cols; added subsection headings
meillo@marmaro.de
parents:
143
diff
changeset
|
90 |
|
93a47593a493
changed order of mta stats cols; added subsection headings
meillo@marmaro.de
parents:
143
diff
changeset
|
91 All surveys show \sendmail\ to be the most popular \MTA. \postfix, \qmail, and \exim\ are among the best seven in each. \exim\ has lightly smaller shares than the other two. The four together share more than half of the market according to \person{Bernstein} and the \name{MailRadar} statistics. \person{Simpson} and \person{Bekman} have their share to be somewhere between a third and the half. The reason for this uncertainty follows. |
| 143 | 92 |
|
145
93a47593a493
changed order of mta stats cols; added subsection headings
meillo@marmaro.de
parents:
143
diff
changeset
|
93 Remarkable are the 22 percent of ``mail security layers''\footnote{\name{mail security layers} are software guards between the network and the \mta\ that filter unwanted mail before it reaches the \MTA. This increases security by filtering malicious content and by blocking attacks against the \MTA. It also decreases the work load of the guarded \MTA.} in the \name{O'Reilly} survey. This large size of this share may be a result of only regarding business mail servers. The problem concerning the survey is the deguise of the \mta\ working behind the security layer. It seems wrong to assume equal shares for the \MTA{}s behind the guards as for the unguarded \MTA{}s, because they will be more often used to guard weak \MTA{}s, as strong ones do not need them so much. This needs to be kept in mind when using the \name{O'Reilly} survey. |
| 143 | 94 |
|
145
93a47593a493
changed order of mta stats cols; added subsection headings
meillo@marmaro.de
parents:
143
diff
changeset
|
95 It seems quite sure that the \name{MailRadar} statistics were published after 2001, caused by the \sendmail\ and \postfix\ shares. But to decide whether before or after the one from \name{O'Reilly} would be just a guess. |
| 89 | 96 |
| 130 | 97 |
|
145
93a47593a493
changed order of mta stats cols; added subsection headings
meillo@marmaro.de
parents:
143
diff
changeset
|
98 \subsection{The four major Free Software MTAs} |
|
93a47593a493
changed order of mta stats cols; added subsection headings
meillo@marmaro.de
parents:
143
diff
changeset
|
99 |
| 155 | 100 Now follows a small introduction to the five programs chosen for comparison, except \masqmail\ which already was introduced in chapter \ref{chap:introduction}. Longer introductions, including analysis and comparison, were written by Jonathan de \person{Boyne Pollard} \cite{jdebp}. |
| 117 | 101 |
| 89 | 102 |
| 117 | 103 |
| 120 | 104 \subsubsection*{sendmail} |
| 89 | 105 \label{sec:sendmail} |
| 117 | 106 \sendmail\ is the most popular \mta, since it was one of the first and was shipped as default \MTA{}s by many vendors of \unix\ systems. %fixme: ref |
| 89 | 107 |
| 143 | 108 The program was written by Eric \person{Allman} as the successor of his program \name{delivermail}. \sendmail\ was first released with \NAME{BSD} 4.1c in 1983. Allman was not the only one working on the program. Other people developed own versions of it and a variety of flavors came up, especially in the late eighties when Allman was inactive. %fixme: ref |
| 89 | 109 |
| 124 | 110 \sendmail\ is focused on transferring mails between different protocols and networks, this lead to a very flexible (though complex) configuration. |
| 89 | 111 |
| 112 The latest version is 8.14.3 from May 2008. The program is distributed under the \name{Sendmail License} as both, \freesw\ and proprietary software of \name{Sendmail, Inc.}. | |
| 113 | |
| 128 | 114 Further development will go into the project \name{MeTA1} (the former name was \name{sendmail X}) which succeeds \sendmail. |
| 89 | 115 |
| 130 | 116 More information can be found on the \sendmail\ homepage \citeweb{sendmail:homepage}. |
| 89 | 117 |
| 118 | |
| 117 | 119 |
| 120 | 120 \subsubsection*{exim} |
| 117 | 121 \label{sec:exim} |
| 143 | 122 \exim\ was started in 1995 by Philip \person{Hazel} at the \name{University of Cambridge}. It is forked of \name{smail-3}, and inherited the monolithic architecture, similar to \sendmail's. But having no separation of the individual components of the system, like \qmail\ and \postfix\ have, did not hurt. Its security is comparably good. %fixme: ref |
| 117 | 123 |
| 132 | 124 \exim\ is highly configurable, especially in the field of mail policies. This makes it easy to specify how mail is routed through the system and who is allowed to send email to whom. Also interfaces for integration of virus and spam check programs are provided by design. %fixme: ref |
| 117 | 125 |
| 126 The program is \freesw, released under the \GPL. The latest stable version is 4.69 from December 2007. | |
| 127 | |
| 132 | 128 One finds \exim\ on its homepage \citeweb{exim:homepage}. |
| 117 | 129 |
| 130 | |
| 131 | |
| 120 | 132 \subsubsection*{qmail} |
| 89 | 133 \label{sec:qmail} |
| 132 | 134 \qmail\ is seen by its community as ``a modern SMTP server which makes sendmail obsolete''.%fixme: ref |
| 143 | 135 It was written by Daniel~J.\ \person{Bernstein} starting in 1995. His primary goal was to create a secure \MTA\ to replace the popular, but vulnerable, \sendmail. %fixme: ref |
| 89 | 136 |
| 132 | 137 \qmail\ first introduced many innovative concepts in \mta\ design and is generally seen as the first security-aware \MTA\ developed. %fixme:ref |
| 117 | 138 %fixme: what about mmdf? |
| 89 | 139 |
| 132 | 140 Since November 2007, \qmail\ is released in the \name{public domain} which makes it \freesw. The latest release is 1.03 from July 1998. |
| 89 | 141 |
| 155 | 142 The programs homepages are \citeweb{qmail:homepage1} and \citeweb{qmail:homepage2}. Further information about \qmail\ is available with Dave \person{Sill}'s ``Life with qmail'' \cite{lifewithqmail}. |
| 89 | 143 |
| 144 | |
| 117 | 145 |
| 120 | 146 \subsubsection*{postfix} |
| 89 | 147 \label{sec:postfix} |
| 143 | 148 The \postfix\ project was started in 1999 at \name{IBM research}, then called \name{VMailer} or \name{IBM Secure Mailer}. Wietse \person{Venema}'s program ``attempts to be fast, easy to administer, and secure. The outside has a definite Sendmail-ish flavor, but the inside is completely different.''\citeweb{postfix:homepage} In fact, \postfix\ was mainly designed after qmail's architecture to gain security. But in contrast to \qmail\ it aims much more on being fast and full-featured. |
| 89 | 149 |
| 132 | 150 Today \postfix\ is taken by many \unix\ systems and \gnulinux\ distributions as default \MTA. |
| 89 | 151 |
| 132 | 152 The latest stable version is numbered 2.5.5 from August 2008. \postfix\ is covered by the \name{IBM Public License 1.0} which is a \freesw\ license. |
| 89 | 153 |
| 132 | 154 Additional information can be retrieved from the program's homepage \citeweb{postfix:homepage}. |
| 89 | 155 |
| 156 | |
| 157 | |
| 158 | |
| 159 | |
| 160 | |
| 120 | 161 \section{Comparison of MTAs} |
| 89 | 162 |
| 155 | 163 This section does not try to provide an overall \MTA\ comparison, because this is already done by others. Remarkable comparisons are the one by Dan \person{Shearer} \cite{shearer06} and a discussion on the mailing list \name{plug@lists.q-linux.com} \cite{plug:mtas}. Tabulary overviews may be found at \citeweb{mailsoftware42}, \citeweb{wikipedia:comparison-of-mail-servers}, and \cite[section 1.9]{lifewithqmail}. |
| 89 | 164 |
| 128 | 165 Here provided is an overview on a selection of important properties, covering the four previously introduced programs. The data comes from the above stated sources and is collected in table \ref{tab:mta-comparison}. |
| 166 | |
| 117 | 167 \begin{table} |
| 126 | 168 \begin{center} |
| 169 \input{input/mta-comparison.tex} | |
| 170 \end{center} | |
| 171 \caption{Comparison of MTAs} | |
| 172 \label{tab:mta-comparison} | |
| 117 | 173 \end{table} |
| 89 | 174 |
| 175 | |
| 132 | 176 \subsection{Architecture} |
| 126 | 177 |
| 132 | 178 Architecture is most important when comparing \MTA{}s. Many other properties of a program depend on its architecture. %fixme: add ref? |
| 155 | 179 Munawar \person{Hafiz} \cite{hafiz05} discusses in detail on \mta\ architecture, comparing \sendmail, \qmail, \postfix, and \name{sendmail X}. Jonathan de \person{Boyne Pollard}'s \MTA\ review \cite{jdebp} is a source too. |
| 126 | 180 |
| 132 | 181 Two different architecture types show off: monolithic and modular \mta{}s. |
| 126 | 182 |
| 132 | 183 Monolithic \MTA{}s are \sendmail, \name{smail}, \exim, and \masqmail. They all consist of one single \emph{setuid root}\footnote{\emph{setuid root} lets a program run with the rights of its owner, here root. This is considered a security risk.} binary which does all the work. |
| 126 | 184 |
| 132 | 185 Modular \MTA{}s are \NAME{MMDF}, \qmail, \postfix, and \name{MeTA1}. They consist of several programs, each doing a part of the overall job. The different programs run with the least permissions the need, and \emph{setuid root} needs not to be used. |
| 89 | 186 |
| 155 | 187 The architecture does not directly define the program's security, but ``[t]he goal of making a software secure can be better achieved by making the design simple and easier to understand and verify''\cite[chapter 6]{hafiz05}. \exim, though being monolithic, has a fairly clean security record. But it is very hard to keep the security up, as the program growth. Wietse \person{Venema} (the author of \postfix) says, the architecture enabled \postfix\ to grow without running into security problems. \cite[page 13]{venema:postfix-growth} |
| 89 | 188 |
| 140 | 189 The modular design, with each sub-program doing one part of the overall job, is applied \name{Unix Philosophy}. The Unix Philosophy \cite{gancarz95} demands ``small is beautiful'' and ``make each program do one thing well''. Monolithic \MTA{}s fail here. |
| 89 | 190 |
| 132 | 191 Today modular \mta\ architectures are the state-of-the-art. |
| 89 | 192 |
| 193 | |
| 194 | |
| 132 | 195 \subsection{With focus on the future} |
| 126 | 196 |
| 132 | 197 Section \ref{sec:what-will-be-important} tried to figure out the importances for future \MTA{}s. The four programs are compared on these (possible) future requirements now. |
| 126 | 198 |
| 140 | 199 The first trend was provider independence, requiring easy configuration. \postfix\ seems to do best here. It used primary two configuration files (\path{master.cf} and \path{main.cf}) which are easy to manage. \sendmail\ appears to have a bad position. Its configuration file \path{sendmail.cf} is very complex, including Turing-completeness, thus it needs simplification wrappers around it to provide easier configuration. There exist the \name{m4} macros to generate \path{sendmail.cf}, but adjusting the generated result by hand seems to be nessesary for non-trivial configurations. \qmail's configuration files are simple, but the whole system is complex to set up; it requires various system users and is hardly usable without applying several patches to add basic functionality. \name{netqmail} is the community effort to help here. \exim\ has only one single configuration file (\path{exim.conf}), but it suffers most from its flexibility, like \sendmail. Flexibility and easy configuration are contrary. |
| 117 | 200 |
| 132 | 201 As second trend, the decreasing nessesarity for high performance was identified. This goes along with the move of \MTA{}s from service providers to home servers. \postfix\ focuses much on performance, this might not be an important point then. Of course there still will be the need for high performance \MTA{}s, but a growing share of the market will not require high performance. Performance is related to simplicity, which effects security. Increasing performance does in most times decrease the other two. Simple \mta{}s not aiming for highest performance are what is needed in future. The simple of \qmail, still being fast enough, seems to be a good example. |
|
93
a6f8a93abd64
new chapter 4 (split ch5); added lots of annotations
meillo@marmaro.de
parents:
92
diff
changeset
|
202 |
| 132 | 203 The third trend, even more security awareness, is addressed by each of the four programs. It seems as if all widely used \mta{}s provide good security nowadays---even \sendmail\ can be considered secure today. %fixme:ref |
| 204 The modular architecture, used by \qmail\ and \postfix, is generally seen to be conceptually more secure, however.%fixme: ref | |
| 205 \sendmail's creators have started \name{MeTA1}, a modular \MTA\ merging the best of \qmail\ and \postfix, to replace the old \sendmail. It will be interesting to watch \exim's future---will it become modular too? | |
| 89 | 206 |
| 117 | 207 |
| 130 | 208 |
| 193 | 209 \section{Result} |
| 210 | |
| 211 %fixme: write a result here | |
| 130 | 212 |
| 213 | |
| 117 | 214 |
| 215 | |
| 132 | 216 %todo: my own poll (?) |
| 130 | 217 |
| 218 | |
| 132 | 219 %<< complexity >> << security >> << simplicity of configuration and administration >> << flexibility of configuration and administration >> << code size >> << code quality >> << documentation (amount and quality) >> << community (amount and quality) >> << used it myself >> << had problems with it >> |
| 220 | |
| 221 | |
| 222 %<< quality criteria >> << standards of any kind >> << how to compare? >> << (bewertungsmatrix) objectivity >> << how many criteria for ``good''? >> | |
|
133
653ff21b89be
the last commit had a bad message better is:
meillo@marmaro.de
parents:
132
diff
changeset
|
223 |