comparison thesis/tex/3-MailTransferAgents.tex @ 140:002fd18820cc

small changes
author meillo@marmaro.de
date Thu, 11 Dec 2008 17:29:09 +0100
parents 067e2482f6e9
children 70201774b457
comparison
139:f81c6ed4dcaa 140:002fd18820cc
69 69
70 This section introduces a selection of popular \MTA{}s; they are the most likely substitutes for \masqmail. All are \emph{sendmail-compatible} ``smart'' \freesw\ \MTA{}s that focus on mail transfer, as is \masqmail. 70 This section introduces a selection of popular \MTA{}s; they are the most likely substitutes for \masqmail. All are \emph{sendmail-compatible} ``smart'' \freesw\ \MTA{}s that focus on mail transfer, as is \masqmail.
71 71
72 The programs chosen are: \sendmail, \exim, \qmail, and \postfix. They are the most important representatives of the regarded group. Although \MTA\ statistics are rare, FIXME(have different results), and good data is hard to collect, these programs tend to stay near the top. 72 The programs chosen are: \sendmail, \exim, \qmail, and \postfix. They are the most important representatives of the regarded group. Although \MTA\ statistics are rare, FIXME(have different results), and good data is hard to collect, these programs tend to stay near the top.
73 73
74 Table \ref{tab:mta-market-share} shows the Top 10 \MTA{}s of three different statistics. The first published by \name{O'ReillyNet} in YYYY \citeweb{oreillynet:mta-stats} , the second by \name{Mailradar.com} from YYYY \citeweb{mailradar:mta-stats} , and the third by \person{Daniel~J.\ Bernstein} (the author of \qmail) done in 2001 \citeweb{djb:mta-stats}. 74 Table \ref{tab:mta-market-share} shows the Top 10 \MTA{}s of three different statistics. The first published by \name{O'ReillyNet} in 2007 \citeweb{oreillynet:mta-stats} , the second by \name{MailRadar.com} from YYYY \citeweb{mailradar:mta-stats} , and the third by \person{Daniel~J.\ Bernstein} (the author of \qmail) done in 2001 \citeweb{djb:mta-stats}.
75 75
76 \begin{table} 76 \begin{table}
77 \begin{center} 77 \begin{center}
78 \input{input/mta-market-share.tex} 78 \input{input/mta-market-share.tex}
79 \end{center} 79 \end{center}
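Review bot: new line 74 fills in 2007 for O'ReillyNet but leaves the MailRadar.com year as the literal placeholder `YYYY`, which will be typeset as-is; supply the year or move the placeholder into a `%fixme` comment, the convention used further down in this file. Both `\citeweb{...} ,` calls on that line also keep a space before the comma, and line 72 still carries `FIXME(have different results)` in running text.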
169 169
170 Monolithic \MTA{}s are \sendmail, \name{smail}, \exim, and \masqmail. They all consist of one single \emph{setuid root}\footnote{\emph{setuid root} lets a program run with the rights of its owner, here root. This is considered a security risk.} binary which does all the work. 170 Monolithic \MTA{}s are \sendmail, \name{smail}, \exim, and \masqmail. They all consist of one single \emph{setuid root}\footnote{\emph{setuid root} lets a program run with the rights of its owner, here root. This is considered a security risk.} binary which does all the work.
171 171
172 Modular \MTA{}s are \NAME{MMDF}, \qmail, \postfix, and \name{MeTA1}. They consist of several programs, each doing a part of the overall job. The different programs run with the least permissions the need, and \emph{setuid root} needs not to be used. 172 Modular \MTA{}s are \NAME{MMDF}, \qmail, \postfix, and \name{MeTA1}. They consist of several programs, each doing a part of the overall job. The different programs run with the least permissions the need, and \emph{setuid root} needs not to be used.
173 173
174 The architecture does not directly define the program's security, but ``[t]he goal of making a software secure can be better achieved by making the design simple and easier to understand and verify''\cite[chapter 6]{hafiz05}. \exim, though being monolithic, has a fairly clean security record. But it is very hard to keep the security up, as the program growth. \person{Wietse Venema} (the author of \postfix) says, the architecture enabled \postfix\ to grow without running into security problems. \citeweb{venema:postfix-growth} 174 The architecture does not directly define the program's security, but ``[t]he goal of making a software secure can be better achieved by making the design simple and easier to understand and verify''\cite[chapter 6]{hafiz05}. \exim, though being monolithic, has a fairly clean security record. But it is very hard to keep the security up, as the program growth. \person{Wietse Venema} (the author of \postfix) says, the architecture enabled \postfix\ to grow without running into security problems. \citeweb[page 13]{venema:postfix-growth}
175 175
176 The modular design, with each sub-program doing one part of the overall job, is applied \name{Unix Philosophy}. The Unix Philosophy \cite{gancarz} demands ``small is beautiful'' and ``do one job and do it good''. Monolithic \MTA{}s fail here. %fixme: check correct wording 176 The modular design, with each sub-program doing one part of the overall job, is applied \name{Unix Philosophy}. The Unix Philosophy \cite{gancarz95} demands ``small is beautiful'' and ``make each program do one thing well''. Monolithic \MTA{}s fail here.
177 177
178 Today modular \mta\ architectures are the state-of-the-art. 178 Today modular \mta\ architectures are the state-of-the-art.
179 179
180 180
181 181
182 \subsection{With focus on the future} 182 \subsection{With focus on the future}
183 183
184 Section \ref{sec:what-will-be-important} tried to figure out the importances for future \MTA{}s. The four programs are compared on these (possible) future requirements now. 184 Section \ref{sec:what-will-be-important} tried to figure out the importances for future \MTA{}s. The four programs are compared on these (possible) future requirements now.
185 185
186 The first trend was provider independence, requiring easy configuration. \postfix\ seems to do best here. It has one single configuration file (FIXME) which is easy to manage. \sendmail\ and \qmail\ appear to have bad positions. Their configuration is complex, thus they would need simplification wrappers around them to provide easy configuration. For \path{sendmail.cf} exist the \name{m4} macros, but adjusting \path{sendmail.cf} by hand seems to be nessesary for non-trivial configurations. And \path{sendmail.cf}'s complexity, including Turing-completeness,%fixme: ref 186 The first trend was provider independence, requiring easy configuration. \postfix\ seems to do best here. It used primary two configuration files (\path{master.cf} and \path{main.cf}) which are easy to manage. \sendmail\ appears to have a bad position. Its configuration file \path{sendmail.cf} is very complex, including Turing-completeness, thus it needs simplification wrappers around it to provide easier configuration. There exist the \name{m4} macros to generate \path{sendmail.cf}, but adjusting the generated result by hand seems to be nessesary for non-trivial configurations. \qmail's configuration files are simple, but the whole system is complex to set up; it requires various system users and is hardly usable without applying several patches to add basic functionality. \name{netqmail} is the community effort to help here. \exim\ has only one single configuration file (\path{exim.conf}), but it suffers most from its flexibility, like \sendmail. Flexibility and easy configuration are contrary.
187 is legendary. \qmail's configuration files are not so complex, but the whole system (requiring various system users) is complex to set up. \exim\ suffers most from its flexibility, like \sendmail. Flexibility and easy configuration are contrary.
188 187
189 As second trend, the decreasing nessesarity for high performance was identified. This goes along with the move of \MTA{}s from service providers to home servers. \postfix\ focuses much on performance, this might not be an important point then. Of course there still will be the need for high performance \MTA{}s, but a growing share of the market will not require high performance. Performance is related to simplicity, which effects security. Increasing performance does in most times decrease the other two. Simple \mta{}s not aiming for highest performance are what is needed in future. The simple of \qmail, still being fast enough, seems to be a good example. 188 As second trend, the decreasing nessesarity for high performance was identified. This goes along with the move of \MTA{}s from service providers to home servers. \postfix\ focuses much on performance, this might not be an important point then. Of course there still will be the need for high performance \MTA{}s, but a growing share of the market will not require high performance. Performance is related to simplicity, which effects security. Increasing performance does in most times decrease the other two. Simple \mta{}s not aiming for highest performance are what is needed in future. The simple of \qmail, still being fast enough, seems to be a good example.
190 189
191 The third trend, even more security awareness, is addressed by each of the four programs. It seems as if all widely used \mta{}s provide good security nowadays---even \sendmail\ can be considered secure today. %fixme:ref 190 The third trend, even more security awareness, is addressed by each of the four programs. It seems as if all widely used \mta{}s provide good security nowadays---even \sendmail\ can be considered secure today. %fixme:ref
192 The modular architecture, used by \qmail\ and \postfix, is generally seen to be conceptually more secure, however.%fixme: ref 191 The modular architecture, used by \qmail\ and \postfix, is generally seen to be conceptually more secure, however.%fixme: ref
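Review bot: new line 186 drops the `%fixme: ref` marker that followed "including Turing-completeness" without adding a citation, and it introduces a further unreferenced claim that qmail "is hardly usable without applying several patches"; cite both or keep the markers, as new lines 190 and 191 still do. On the same line, "It used primary two configuration files" should read "It uses primarily two configuration files". The qmail sentence also counts its "various system users" only as setup cost, while line 172 credits that same separation with letting each program run with the least permissions it needs, so a clause connecting the two would keep the section consistent. New line 174 passes an optional argument in `\citeweb[page 13]{venema:postfix-growth}`, which no other visible `\citeweb` call does; check that the macro definition accepts it.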