Mercurial > docs > diploma
comparison thesis/tex/3-MailTransferAgents.tex @ 402:e57129f57faa
finished the indexing in a huge last effort
| author | meillo@marmaro.de |
|---|---|
| date | Sun, 08 Feb 2009 22:51:42 +0100 |
| parents | 5254a119ad56 |
| children | b357dfc509b5 |
comparison
equal
deleted
inserted
replaced
| 401:d6ff5728dcd1 | 402:e57129f57faa |
|---|---|
| 36 | 36 |
| 37 \subsubsection*{Relay-only MTAs} | 37 \subsubsection*{Relay-only MTAs} |
| 38 \label{subsec:relay-only} | 38 \label{subsec:relay-only} |
| 39 | 39 |
| 40 Also called \name{forwarders}. This is the most simple kind of an \MTA. It transfers mail only to defined \name{smart hosts}\footnote{\name{smart host}s are mail servers that receive email and route it to the actual destination.}. Relay-only \MTA{}s do not receive mail from outside the system and they do not deliver locally. All they do is transfer mail to a specified smart host for further relay. | 40 Also called \name{forwarders}. This is the most simple kind of an \MTA. It transfers mail only to defined \name{smart hosts}\footnote{\name{smart host}s are mail servers that receive email and route it to the actual destination.}. Relay-only \MTA{}s do not receive mail from outside the system and they do not deliver locally. All they do is transfer mail to a specified smart host for further relay. |
| 41 \index{forwarder} | |
| 42 \index{relay-only mta} | 41 \index{relay-only mta} |
| 43 \index{smart host} | 42 \index{smart host} |
| 44 | 43 |
| 45 Most \MTA{}s can be configured to act as such a \name{forwarder}. But this is usually an additional functionality. | 44 Most \MTA{}s can be configured to act as such a \name{forwarder}. But this is usually an additional functionality. |
| 46 | 45 |
| 58 | 57 |
| 59 Examples for groupware are: \name{Lotus Notes}, \name{Microsoft Exchange}, and \name{OpenGroupware.org}. | 58 Examples for groupware are: \name{Lotus Notes}, \name{Microsoft Exchange}, and \name{OpenGroupware.org}. |
| 60 | 59 |
| 61 | 60 |
| 62 \subsubsection*{``Real'' MTAs} | 61 \subsubsection*{``Real'' MTAs} |
| 63 \index{real mta} | 62 \index{mta!real ones} |
| 64 | 63 |
| 65 There is a third type of \MTA{}s in between the minimalistic \name{relay-only} \MTA{}s and the feature loaded \name{groupware}. Those programs may be named ``real \MTA{}s'', or ``proper \MTA{}s'', though there is no common name. They are what is meant with the term ``mail transfer agent''---programs that transfer mail between hosts. | 64 There is a third type of \MTA{}s in between the minimalistic \name{relay-only} \MTA{}s and the feature loaded \name{groupware}. Those programs may be named ``real \MTA{}s'', or ``proper \MTA{}s'', though there is no common name. They are what is meant with the term ``mail transfer agent''---programs that transfer mail between hosts. |
| 66 | 65 |
| 67 Common to them is their focus on the email transfer, while they are able to act as smart hosts. Their variety ranges from ones mostly restricted to mail transfer (e.g.\ \qmail) to others having interfaces for adding further mail processing modules (e.g.\ \postfix). This group covers everything in between the other two groups. | 66 Common to them is their focus on the email transfer, while they are able to act as smart hosts. Their variety ranges from ones mostly restricted to mail transfer (e.g.\ \qmail) to others having interfaces for adding further mail processing modules (e.g.\ \postfix). This group covers everything in between the other two groups. |
| 68 | 67 |
| 69 \name{Real} \MTA{}s include \sendmail, \exim, \qmail, and \postfix. | 68 \name{Real} \MTA{}s include \sendmail, \exim, \qmail, and \postfix. |
| 69 \index{sendmail} | |
| 70 \index{postfix} | |
| 71 \index{qmail} | |
| 72 \index{exim} | |
| 70 | 73 |
| 71 | 74 |
| 72 \subsubsection*{Other segmenting} | 75 \subsubsection*{Other segmenting} |
| 73 | 76 |
| 74 \MTA{}s can also be split in other ways. | 77 \MTA{}s can also be split in other ways. |
| 75 | 78 |
| 76 Due to \sendmail's significance in the early times of email, compatibility interfaces to \sendmail\ are important for Unix \MTA{}s. The reason is that many mail applications simply assume the \sendmail\ \MTA\ to be installed on the system. Being not \name{sendmail-compatible} may not matter for some fields of action, but makes the program ineligible for serving as a general purpose \MTA\ on Unix systems. Hence being sendmail-compatible is a major property of an \MTA. \MTA{}s without \name{sendmail-compatible} interfaces, or at least compatibility add-ons, will not be covered here. One example for such a program is \name{Apache James}. | 79 Due to \sendmail's significance in the early times of email, compatibility interfaces to \sendmail\ are important for Unix \MTA{}s. The reason is that many mail applications simply assume the \sendmail\ \MTA\ to be installed on the system. Being not \name{sendmail-compatible} may not matter for some fields of action, but makes the program ineligible for serving as a general purpose \MTA\ on Unix systems. Hence being sendmail-compatible is a major property of an \MTA. \MTA{}s without \name{sendmail-compatible} interfaces, or at least compatibility add-ons, will not be covered here. One example for such a program is \name{Apache James}. |
| 77 \index{sendmail!compatibility} | 80 \index{sendmail!compatibility} |
| 81 \index{Unix} | |
| 78 | 82 |
| 79 Another separation can be done between Free Software \MTA{}s and proprietary ones. Many of the \MTA{}s for Unix systems are Free Software. Only these are regarded throughout this thesis, because comparing Free Software with proprietary or commercial software is not what typical users of programs like \masqmail\ do. Comparison with non-free programs may be a point for large Free Software projects that try to step into the business world. Small projects, mostly used by individuals at home, need to be compared against other projects of similar shape. The document is seen from \masqmail's point of view---an \MTA\ for Unix systems on home servers and workstations---so non-free software is out of the way. | 83 Another separation can be done between Free Software \MTA{}s and proprietary ones. Many of the \MTA{}s for Unix systems are Free Software. Only these are regarded throughout this thesis, because comparing Free Software with proprietary or commercial software is not what typical users of programs like \masqmail\ do. Comparison with non-free programs may be a point for large Free Software projects that try to step into the business world. Small projects, mostly used by individuals at home, need to be compared against other projects of similar shape. The document is seen from \masqmail's point of view---an \MTA\ for Unix systems on home servers and workstations---so non-free software is out of the way. |
| 80 \index{freesw} | 84 \index{Free Software} |
| 85 \index{Free Software projects} | |
| 81 | 86 |
| 82 | 87 |
| 83 | 88 |
| 84 | 89 |
| 85 | 90 |
| 86 | 91 |
| 87 \subsubsection*{\masqmail's position} | 92 \subsubsection*{\masqmail's position} |
| 88 \index{masqmail!position of} | 93 \index{masqmail!position} |
| 89 | 94 |
| 90 Now, where does \masqmail\ fit in? It is not groupware nor a simple forwarder, thus it belongs to the ``real \MTA{}s''. Additionally, it is Free Software and is sendmail-compatible to a large degree. This makes it similar to \sendmail, \exim, \qmail, and \postfix. \masqmail\ is intended to be a replacement for those \MTA{}s. | 95 Now, where does \masqmail\ fit in? It is not groupware nor a simple forwarder, thus it belongs to the ``real \MTA{}s''. Additionally, it is Free Software and is sendmail-compatible to a large degree. This makes it similar to \sendmail, \exim, \qmail, and \postfix. \masqmail\ is intended to be a replacement for those \MTA{}s. |
| 91 | 96 |
| 92 But: It was not designed to be used as a general replacement for them. (See: section~\ref{sec:masqmail-target-field}) In fact, \masqmail\ is only a replacement \emph{in some situations}. This primary excludes working in an untrusted environment. | 97 But: It was not designed to be used as a general replacement for them. (See: section~\ref{sec:masqmail-target-field}) In fact, \masqmail\ is only a replacement \emph{in some situations}. This primary excludes working in an untrusted environment. |
| 93 | 98 |
| 103 \section{Popular MTAs} | 108 \section{Popular MTAs} |
| 104 | 109 |
| 105 This section introduces a selection of popular \MTA{}s; they are the most likely substitutes for \masqmail. All are sendmail-compatible ``smart'' Free Software \MTA{}s that focus on mail transfer, as is \masqmail. | 110 This section introduces a selection of popular \MTA{}s; they are the most likely substitutes for \masqmail. All are sendmail-compatible ``smart'' Free Software \MTA{}s that focus on mail transfer, as is \masqmail. |
| 106 | 111 |
| 107 The programs chosen to be compared are: \sendmail, \exim, \qmail, and \postfix. They are the most important representatives of the regarded group. | 112 The programs chosen to be compared are: \sendmail, \exim, \qmail, and \postfix. They are the most important representatives of the regarded group. |
| 113 \index{sendmail} | |
| 114 \index{postfix} | |
| 115 \index{qmail} | |
| 116 \index{exim} | |
| 108 | 117 |
| 109 | 118 |
| 110 \subsection{Market share analysis} | 119 \subsection{Market share analysis} |
| 111 \label{sec:market-share} | 120 \label{sec:market-share} |
| 112 \index{mta!market share analysis} | 121 \index{mta!market share} |
| 113 | 122 |
| 114 \MTA\ statistics are rare, differ, and good data is hard to collect. These points are bad if good statistics are wanted. Thus it is obvious there are only few available. | 123 \MTA\ statistics are rare, differ, and good data is hard to collect. These points are bad if good statistics are wanted. Thus it is obvious there are only few available. |
| 115 | 124 |
| 116 Table~\ref{tab:mta-market-share} shows the most used \MTA{}s determined by three different statistics. The first was done by \person{Daniel~J.\ Bernstein} (the author of \qmail) in 2001 \cite{bernstein01}. The second is by \person{Simpson} and \person{Bekman} in 2007 and was published on \name{O'ReillyNet} \cite{simpson07}. And the third is from \name{MailRadar.com} with unknown date\footnote{The footer of the website shows ``Copyright 2007'' but more likely does this refer to the whole website.} \citeweb{mailradar:mta-stats}. | 125 Table~\ref{tab:mta-market-share} shows the most used \MTA{}s determined by three different statistics. The first was done by \person{Daniel~J.\ Bernstein} (the author of \qmail) in 2001 \cite{bernstein01}. The second is by \person{Simpson} and \person{Bekman} in 2007 and was published on \name{O'ReillyNet} \cite{simpson07}. And the third is from \name{MailRadar.com} with unknown date\footnote{The footer of the website shows ``Copyright 2007'' but more likely does this refer to the whole website.} \citeweb{mailradar:mta-stats}. |
| 117 | 126 |
| 118 \begin{table} | 127 \begin{table} |
| 119 \begin{center} | 128 \begin{center} |
| 120 \input{tbl/mta-market-share.tbl} | 129 \input{tbl/mta-market-share.tbl} |
| 121 \end{center} | 130 \end{center} |
| 122 \caption{Market share of \MTA{}s} | 131 \caption{Market share of \MTA{}s} |
| 123 \index{table!Market share of \MTA{}s} | |
| 124 \label{tab:mta-market-share} | 132 \label{tab:mta-market-share} |
| 125 \end{table} | 133 \end{table} |
| 126 | 134 |
| 127 All surveys show high market shares for the four \MTA{}s: \sendmail, \exim, \qmail, and \postfix. Only the \name{Microsoft} mail server software and \name{IMail} have comparable large shares. Other Free Software \MTA{}s (\name{smail}, \name{zmailer}, \NAME{MMDF}, \name{courier-mta}) are less important and seldom used. | 135 All surveys show high market shares for the four \MTA{}s: \sendmail, \exim, \qmail, and \postfix. Only the \name{Microsoft} mail server software and \name{IMail} have comparable large shares. Other Free Software \MTA{}s (\name{smail}, \name{zmailer}, \NAME{MMDF}, \name{courier-mta}) are less important and seldom used. |
| 136 \index{mmdf} | |
| 137 \index{smail} | |
| 138 \index{zmailer} | |
| 139 \index{courier-mta} | |
| 128 | 140 |
| 129 The three surveys base on different data. \person{Bernstein} took 1\,000\,000 randomly chosen \NAME{IP} addresses, containing 39\,206 valid hosts; 958 of them accepted \NAME{SMTP} connections. The \name{O'ReillyNet} survey used only domains owned by companies; in total 400\,000 hosts. \name{MailRadar} scanned 2\,818\,895 servers, leading to 59\,209 accepted connections. | 141 The three surveys base on different data. \person{Bernstein} took 1\,000\,000 randomly chosen \NAME{IP} addresses, containing 39\,206 valid hosts; 958 of them accepted \NAME{SMTP} connections. The \name{O'ReillyNet} survey used only domains owned by companies; in total 400\,000 hosts. \name{MailRadar} scanned 2\,818\,895 servers, leading to 59\,209 accepted connections. |
| 130 | 142 |
| 131 All surveys show \sendmail\ to be the most popular \MTA. \postfix, \qmail, and \exim\ are among the top six in each. \exim\ has slightly smaller shares than the other two. The four programs together share more than half of the market according to \person{Bernstein} and the \name{MailRadar} statistics. \name{O'ReillyNet} has their share to be somewhere between a third and the half. This uncertainty comes from the large amount of unidentifiable \MTA{}s. | 143 All surveys show \sendmail\ to be the most popular \MTA. \postfix, \qmail, and \exim\ are among the top six in each. \exim\ has slightly smaller shares than the other two. The four programs together share more than half of the market according to \person{Bernstein} and the \name{MailRadar} statistics. \name{O'ReillyNet} has their share to be somewhere between a third and the half. This uncertainty comes from the large amount of unidentifiable \MTA{}s. |
| 144 \index{sendmail} | |
| 145 \index{postfix} | |
| 146 \index{qmail} | |
| 147 \index{exim} | |
| 132 | 148 |
| 133 The 22 percent of \name{mail security layers} in the \name{O'ReillyNet} survey is remarkable. Mail security layers are software guards between the network and the \MTA\ that filter unwanted mail before it reaches the \MTA. This increases security by filtering malicious content and by blocking attacks against the \MTA. The large share here may be a result of only regarding business mail servers. The problem concerning the survey is the disguise of the \MTA{}s that run behind the security layer. It seems wrong to assume equal shares for the \MTA{}s behind the guards as for the unguarded \MTA{}s, because mail security layers will be more often used to guard weak \MTA{}s, as strong ones do not need them so much. This needs to be kept in mind when looking at the \name{O'ReillyNet} survey. | 149 The 22 percent of \name{mail security layers} in the \name{O'ReillyNet} survey is remarkable. Mail security layers are software guards between the network and the \MTA\ that filter unwanted mail before it reaches the \MTA. This increases security by filtering malicious content and by blocking attacks against the \MTA. The large share here may be a result of only regarding business mail servers. The problem concerning the survey is the disguise of the \MTA{}s that run behind the security layer. It seems wrong to assume equal shares for the \MTA{}s behind the guards as for the unguarded \MTA{}s, because mail security layers will be more often used to guard weak \MTA{}s, as strong ones do not need them so much. This needs to be kept in mind when looking at the \name{O'ReillyNet} survey. |
| 134 \index{mail security layer} | 150 \index{mail security layer} |
| 135 | 151 |
| 136 The date of the \name{Mailradar} statistics is not known; a mail to \name{Mailradar} with a request for information has not been replied, unfortunately. However, it seems quite sure that the statistics were published after 2001, caused by the \sendmail\ and \postfix\ shares. But to decide whether before or after the one from \name{O'ReillyNet} would be just guessing. Possibly it receives constant input and thus displays a current state. | 152 The date of the \name{Mailradar} statistics is not known; a mail to \name{Mailradar} with a request for information has not been replied, unfortunately. However, it seems quite sure that the statistics were published after 2001, caused by the \sendmail\ and \postfix\ shares. But to decide whether before or after the one from \name{O'ReillyNet} would be just guessing. Possibly it receives constant input and thus displays a current state. |
| 137 | 153 |
| 138 | 154 |
| 139 \subsection{The four major Free Software MTAs} | 155 \subsection{The four major Free Software MTAs} |
| 156 \index{Free Software} | |
| 140 | 157 |
| 141 Now follows a small introduction to the four programs chosen for comparison. \masqmail\ is not presented here as it was already introduced in chapter~\ref{chap:introduction}. Longer introductions, including analysis and comparison, were written by \person{Jonathan de Boyne Pollard} \cite{jdebp}. | 158 Now follows a small introduction to the four programs chosen for comparison. \masqmail\ is not presented here as it was already introduced in chapter~\ref{chap:introduction}. Longer introductions, including analysis and comparison, were written by \person{Jonathan de Boyne Pollard} \cite{jdebp}. |
| 142 | 159 |
| 143 | 160 |
| 144 | 161 |
| 145 \subsubsection*{sendmail} | 162 \subsubsection*{sendmail} |
| 146 \label{sec:sendmail} | 163 \label{sec:sendmail} |
| 147 \index{sendmail} | 164 \index{sendmail} |
| 148 | 165 |
| 149 \sendmail\ is the best known \MTA, since it was one of the first and surely the one that made \MTA{}s popular. It also was shipped as default \MTA{}s by many Unix system vendors \citeweb{wikipedia:sendmail}. | 166 \sendmail\ is the best known \MTA, since it was one of the first and surely the one that made \MTA{}s popular. It also was shipped as default \MTA{}s by many Unix system vendors \citeweb{wikipedia:sendmail}. |
| 167 \index{Unix} | |
| 150 | 168 |
| 151 The program was written by \person{Eric Allman} as the successor of his program \name{delivermail}. \person{Allman} was not the only one who was working on the program. Other people developed own versions of it and a variety of flavors came up, especially in the late eighties when Allman was inactive \cite[page~5]{vixie01}. | 169 The program was written by \person{Eric Allman} as the successor of his program \name{delivermail}. \person{Allman} was not the only one who was working on the program. Other people developed own versions of it and a variety of flavors came up, especially in the late eighties when Allman was inactive \cite[page~5]{vixie01}. |
| 170 \index{delivermail} | |
| 152 | 171 |
| 153 \sendmail\ is designed to transfer mails between different protocols and networks, this lead to a very flexible, though complex, configuration. | 172 \sendmail\ is designed to transfer mails between different protocols and networks, this lead to a very flexible, though complex, configuration. |
| 154 | 173 |
| 155 The program was first released with \NAME{BSD} 4.1c in 1983. The latest version is 8.14.3 from May 2008. The program is distributed under the \name{Sendmail License} as both, free and proprietary software. | 174 The program was first released with \NAME{BSD} 4.1c in 1983. The latest version is 8.14.3 from May 2008. The program is distributed under the \name{Sendmail License} as both, free and proprietary software. |
| 156 \index{bsd} | 175 \index{bsd} |
| 157 %fixme: write about its importance and about sendmail-compat | 176 %fixme: write about its importance and about sendmail-compat |
| 158 | 177 |
| 159 Further development will go into the project \name{MeTA1} which succeeds \sendmail. The former name of this new project was \name{sendmail~X}. | 178 Further development will go into the project \name{MeTA1} which succeeds \sendmail. The former name of this new project was \name{sendmail~X}. |
| 160 \index{meta1} | 179 \index{sendmail!meta1} |
| 161 \index{sendmailx} | 180 \index{sendmail!sendmailx} |
| 162 | 181 |
| 163 More information can be found on the \sendmail\ homepage \citeweb{sendmail:homepage} and in the, so called, \name{Bat Book} \cite{costales97}. | 182 More information can be found on the \sendmail\ homepage \citeweb{sendmail:homepage} and in the, so called, \name{Bat Book} \cite{costales97}. |
| 164 \index{sendmail!homepage} | |
| 165 | 183 |
| 166 | 184 |
| 167 | 185 |
| 168 \subsubsection*{exim} | 186 \subsubsection*{exim} |
| 169 \label{sec:exim} | 187 \label{sec:exim} |
| 170 \index{exim} | 188 \index{exim} |
| 171 | 189 |
| 172 \exim\ was started in 1995 by \person{Philip Hazel} at the \name{University of Cambridge}. It is a fork of \name{smail-3}, and inherited the monolithic architecture which is similar to \sendmail's. But having no architecture-given separation of the individual components of the system did not hurt. Its security is quite good \cite{blanco05}. | 190 \exim\ was started in 1995 by \person{Philip Hazel} at the \name{University of Cambridge}. It is a fork of \name{smail-3}, and inherited the monolithic architecture which is similar to \sendmail's. But having no architecture-given separation of the individual components of the system did not hurt. Its security is quite good \cite{blanco05}. |
| 191 \index{smail} | |
| 173 | 192 |
| 174 \exim\ is highly configurable, especially in the field of mail policies. This makes it easy to specify how mail is routed through the system and who is allowed to send email to whom. Interfaces to integrate spam and malware checkers are provided by design, too. | 193 \exim\ is highly configurable, especially in the field of mail policies. This makes it easy to specify how mail is routed through the system and who is allowed to send email to whom. Interfaces to integrate spam and malware checkers are provided by design, too. |
| 175 | 194 |
| 176 The program is Free Software, released under the \NAME{GPL}. The latest stable version is 4.69 from December 2007. | 195 The program is Free Software, released under the \NAME{GPL}. The latest stable version is 4.69 from December 2007. |
| 177 \index{gpl} | 196 \index{gpl} |
| 178 | 197 |
| 179 One finds \exim\ on its homepage \citeweb{exim:homepage}. The standard literature is \person{Hazel}'s \exim\ book \cite{hazel01}. | 198 One finds \exim\ on its homepage \citeweb{exim:homepage}. The standard literature is \person{Hazel}'s \exim\ book \cite{hazel01}. |
| 180 \index{exim!homepage} | |
| 181 | 199 |
| 182 | 200 |
| 183 | 201 |
| 184 \subsubsection*{qmail} | 202 \subsubsection*{qmail} |
| 185 \label{sec:qmail} | 203 \label{sec:qmail} |
| 186 \index{qmail} | 204 \index{qmail} |
| 187 | 205 |
| 188 \qmail\ is seen by its community as ``a modern \SMTP\ server which makes sendmail obsolete'' \citeweb{qmail:homepage2}. It was written by \person{Daniel~J.\ Bernstein}, starting in 1995. His primary goal was to create a secure \MTA\ to replace the popular, but vulnerable, \sendmail. His own words are: ``This is why I started writing qmail: I was sick of the security holes in sendmail and other \MTA{}s.'' \citeweb{qmail:homepage1}. | 206 \qmail\ is seen by its community as ``a modern \SMTP\ server which makes sendmail obsolete'' \citeweb{qmail:homepage2}. It was written by \person{Daniel~J.\ Bernstein}, starting in 1995. His primary goal was to create a secure \MTA\ to replace the popular, but vulnerable, \sendmail. His own words are: ``This is why I started writing qmail: I was sick of the security holes in sendmail and other \MTA{}s.'' \citeweb{qmail:homepage1}. |
| 207 \index{sendmail} | |
| 189 | 208 |
| 190 \qmail\ first introduced many innovative concepts in \MTA\ design. The most obvious contrast to \sendmail\ and \exim\ is its modular design. But \qmail\ was not the first modular \MTA. \NAME{MMDF}, which predates even \sendmail, was modular, too. Regardless of \NAME{MMDF}'s modular architecture, \qmail\ is generally seen as the first security-aware \MTA\ \citeweb{wikipedia:qmail}. | 209 \qmail\ first introduced many innovative concepts in \MTA\ design. The most obvious contrast to \sendmail\ and \exim\ is its modular design. But \qmail\ was not the first modular \MTA. \NAME{MMDF}, which predates even \sendmail, was modular, too. Regardless of \NAME{MMDF}'s modular architecture, \qmail\ is generally seen as the first security-aware \MTA\ \citeweb{wikipedia:qmail}. |
| 210 \index{exim} | |
| 211 \index{mmdf} | |
| 191 | 212 |
| 192 The latest release of \qmail\ is version 1.03 from July 1998. Afterwards, in November 2007, \qmail's source was put into the \name{public domain}. This made it Free Software. | 213 The latest release of \qmail\ is version 1.03 from July 1998. Afterwards, in November 2007, \qmail's source was put into the \name{public domain}. This made it Free Software. |
| 193 \index{public domain} | |
| 194 | 214 |
| 195 Because of \person{Bernstein}'s inactivity, though the requirements changed since 1998, ``[a] motley krewe of qmail contributors (see the \NAME{README}) has put together a netqmail-1.06 distribution of qmail. It is derived from Daniel Bernstein's qmail-1.03 plus bug fixes, a few feature enhancements, and some documentation.'' \citeweb{netqmail:homepage}. | 215 Because of \person{Bernstein}'s inactivity, though the requirements changed since 1998, ``[a] motley krewe of qmail contributors (see the \NAME{README}) has put together a netqmail-1.06 distribution of qmail. It is derived from Daniel Bernstein's qmail-1.03 plus bug fixes, a few feature enhancements, and some documentation.'' \citeweb{netqmail:homepage}. |
| 196 \index{netqmail} | 216 \index{qmail!netqmail} |
| 197 | 217 |
| 198 \qmail's homepages are \citeweb{qmail:homepage1} and \citeweb{qmail:homepage2}. The best book about \qmail, from \person{Bernstein}'s view, is \person{Dave Sill}'s handbook \cite{sill02}. His free available guide ``Life with qmail'' is another valuable source \cite{lifewithqmail}. | 218 \qmail's homepages are \citeweb{qmail:homepage1} and \citeweb{qmail:homepage2}. The best book about \qmail, from \person{Bernstein}'s view, is \person{Dave Sill}'s handbook \cite{sill02}. His free available guide ``Life with qmail'' is another valuable source \cite{lifewithqmail}. |
| 199 \index{qmail!homepage} | |
| 200 | 219 |
| 201 | 220 |
| 202 | 221 |
| 203 \subsubsection*{postfix} | 222 \subsubsection*{postfix} |
| 204 \label{sec:postfix} | 223 \label{sec:postfix} |
| 205 \index{postfix} | 224 \index{postfix} |
| 206 | 225 |
| 207 The \postfix\ project started in 1999 at \NAME{IBM} \name{research}, then called \name{VMailer} or \NAME{IBM} \name{Secure Mailer}. \person{Wietse Venema}'s program ``attempts to be fast, easy to administer, and secure. The outside has a definite Sendmail-ish flavor, but the inside is completely different.'' \citeweb{postfix:homepage}. In fact, \postfix\ was mainly designed after qmail's architecture to gain security. But in contrast to \qmail\ it aims much more on being fast and full-featured. | 226 The \postfix\ project started in 1999 at \NAME{IBM} \name{research}, then called \name{VMailer} or \NAME{IBM} \name{Secure Mailer}. \person{Wietse Venema}'s program ``attempts to be fast, easy to administer, and secure. The outside has a definite Sendmail-ish flavor, but the inside is completely different.'' \citeweb{postfix:homepage}. In fact, \postfix\ was mainly designed after qmail's architecture to gain security. But in contrast to \qmail\ it aims much more on being fast and full-featured. |
| 227 \index{qmail} | |
| 208 | 228 |
| 209 Today \postfix\ is taken by many Unix systems and \NAME{GNU}/Linux distributions as default \MTA. | 229 Today \postfix\ is taken by many Unix systems and \NAME{GNU}/Linux distributions as default \MTA. |
| 230 \index{Unix} | |
| 210 | 231 |
| 211 The latest stable version is numbered 2.5.6 from December 2008. \postfix\ is covered by the \NAME{IBM} \name{Public License 1.0} which is a Free Software license. | 232 The latest stable version is numbered 2.5.6 from December 2008. \postfix\ is covered by the \NAME{IBM} \name{Public License 1.0} which is a Free Software license. |
| 212 | 233 |
| 213 Additional information can be retrieved from the program's homepage \citeweb{postfix:homepage}. \person{Dent}'s \postfix\ book \cite{dent04} claims to be ``the definitive guide'', and it is. | 234 Additional information can be retrieved from the program's homepage \citeweb{postfix:homepage}. \person{Dent}'s \postfix\ book \cite{dent04} claims to be ``the definitive guide'', and it is. |
| 214 \index{postfix!homepage} | |
| 215 | 235 |
| 216 | 236 |
| 217 | 237 |
| 218 | 238 |
| 219 | 239 |
| 223 \index{mta!comparison} | 243 \index{mta!comparison} |
| 224 | 244 |
| 225 This section does not try to provide a throughout \MTA\ comparison, because this is already done by others. Remarkable comparisons are the one by \person{Dan Shearer} \cite{shearer06} and a discussion on the mailing list \name{plug@lists.q-linux.com} \cite{plug:mtas}. Tabular overviews may be found at \citeweb{mailsoftware42}, \citeweb{wikipedia:comparison-of-mail-servers}, and \cite[section 1.9]{lifewithqmail}. | 245 This section does not try to provide a throughout \MTA\ comparison, because this is already done by others. Remarkable comparisons are the one by \person{Dan Shearer} \cite{shearer06} and a discussion on the mailing list \name{plug@lists.q-linux.com} \cite{plug:mtas}. Tabular overviews may be found at \citeweb{mailsoftware42}, \citeweb{wikipedia:comparison-of-mail-servers}, and \cite[section 1.9]{lifewithqmail}. |
| 226 | 246 |
| 227 Here provided is an overview on important properties of the four previously introduced \MTA{}s. The data comes from the above stated sources and is collected in table~\ref{tab:mta-comparison}\footnote{The lines of code were measured with \person{David~A.\ Wheeler}'s \name{sloccount} \citeweb{sloccount}.}. | 247 Here provided is an overview on important properties of the four previously introduced \MTA{}s. The data comes from the above stated sources and is collected in table~\ref{tab:mta-comparison}\footnote{The lines of code were measured with \person{David~A.\ Wheeler}'s \name{sloccount} \citeweb{sloccount}.}. |
| 248 \index{lines of code} | |
| 228 | 249 |
| 229 \begin{table} | 250 \begin{table} |
| 230 \begin{center} | 251 \begin{center} |
| 231 \input{tbl/mta-comparison.tbl} | 252 \input{tbl/mta-comparison.tbl} |
| 232 \end{center} | 253 \end{center} |
| 233 \caption{Comparison of \MTA{}s} | 254 \caption{Comparison of \MTA{}s} |
| 234 \index{table!Comparison of \MTA{}s} | |
| 235 \label{tab:mta-comparison} | 255 \label{tab:mta-comparison} |
| 236 \end{table} | 256 \end{table} |
| 237 | 257 |
| 238 | 258 |
| 239 \subsubsection*{Architecture} | 259 \subsubsection*{Architecture} |
| 242 Architecture is most important when comparing \MTA{}s. Many other properties of a program depend on its architecture. \person{Munawar Hafiz} discusses in detail on \MTA\ architecture, comparing \sendmail, \qmail, \postfix, and \name{sendmail~X} \cite{hafiz05}. \person{Jonathan de Boyne Pollard}'s \MTA\ review \cite{jdebp} is a source, too. | 262 Architecture is most important when comparing \MTA{}s. Many other properties of a program depend on its architecture. \person{Munawar Hafiz} discusses in detail on \MTA\ architecture, comparing \sendmail, \qmail, \postfix, and \name{sendmail~X} \cite{hafiz05}. \person{Jonathan de Boyne Pollard}'s \MTA\ review \cite{jdebp} is a source, too. |
| 243 | 263 |
| 244 Two different architecture types show off: monolithic and modular \MTA{}s. | 264 Two different architecture types show off: monolithic and modular \MTA{}s. |
| 245 | 265 |
| 246 Monolithic \MTA{}s are \sendmail, \name{smail}, \exim, and \masqmail. They all consist of one single \emph{setuid root}\footnote{\emph{setuid} lets a program run with the rights of its owner, here root. This is considered to be a security risk. Thus it it should be avoided if possible.} binary which does all the work. | 266 Monolithic \MTA{}s are \sendmail, \name{smail}, \exim, and \masqmail. They all consist of one single \emph{setuid root}\footnote{\emph{setuid} lets a program run with the rights of its owner, here root. This is considered to be a security risk. Thus it it should be avoided if possible.} binary which does all the work. |
| 267 \index{root privilege} | |
| 268 \index{setuid} | |
| 269 \index{sendmail} | |
| 270 \index{exim} | |
| 271 \index{smail} | |
| 247 | 272 |
| 248 Modular \MTA{}s are \NAME{MMDF}, \qmail, \postfix, and \name{MeTA1}. They consist of several programs, each doing only a part of the overall job. The different programs run with the least permissions they need, \emph{setuid root} can be avoided completely. | 273 Modular \MTA{}s are \NAME{MMDF}, \qmail, \postfix, and \name{MeTA1}. They consist of several programs, each doing only a part of the overall job. The different programs run with the least permissions they need, \emph{setuid root} can be avoided completely. |
| 274 \index{postfix} | |
| 275 \index{qmail} | |
| 276 \index{mmdf} | |
| 277 \index{sendmail!meta1} | |
| 249 | 278 |
| 250 The architecture does not directly define the program's security, but ``[t]he goal of making a software secure can be better achieved by making the design simple and easier to understand and verify'' \cite[chapter~6]{hafiz05}. \exim, though being monolithic, has a fairly clean security record. But it is very hard to keep the security up as the program growth. \person{Wietse Venema} (the author of \postfix) says, it was the architecture that enabled \postfix\ to grow without running into security problems \cite[page 13]{venema:postfix-growth}. | 279 The architecture does not directly define the program's security, but ``[t]he goal of making a software secure can be better achieved by making the design simple and easier to understand and verify'' \cite[chapter~6]{hafiz05}. \exim, though being monolithic, has a fairly clean security record. But it is very hard to keep the security up as the program growth. \person{Wietse Venema} (the author of \postfix) says, it was the architecture that enabled \postfix\ to grow without running into security problems \cite[page 13]{venema:postfix-growth}. |
| 251 \index{security} | 280 \index{security} |
| 281 \index{postfix} | |
| 282 \index{exim} | |
| 252 | 283 |
| 253 The modular design, with each sub-program doing one part of the overall job, conforms to the \name{Unix Philosophy}. The Unix Philosophy \cite{gancarz95} demands ``small is beautiful'' and ``make each program do one thing well''. Monolithic \MTA{}s fail here. | 284 The modular design, with each sub-program doing one part of the overall job, conforms to the \name{Unix Philosophy}. The Unix Philosophy \cite{gancarz95} demands ``small is beautiful'' and ``make each program do one thing well''. Monolithic \MTA{}s fail here. |
| 285 \index{Unix!philosophy} | |
| 254 | 286 |
| 255 Today modular \MTA\ architectures are the state-of-the-art. | 287 Today modular \MTA\ architectures are the state-of-the-art. |
| 256 | 288 |
| 257 | 289 |
| 258 \subsubsection*{Spam checking and content processing} | 290 \subsubsection*{Spam checking and content processing} |
| 259 \index{spam} | 291 \index{spam} |
| 260 | 292 |
| 261 Spam and malware increased during the last years. Today it is important for an \MTA\ to be able to provide checking for bad mail. This can be done by implementing functionality into the \MTA\ or by invoking external programs to do this job. | 293 Spam and malware increased during the last years. Today it is important for an \MTA\ to be able to provide checking for bad mail. This can be done by implementing functionality into the \MTA\ or by invoking external programs to do this job. |
| 262 | 294 |
| 263 \sendmail\ invented \name{milter}\footnote{``milter'' is a common abbreviation for ``sendmail mail filter \NAME{API}''.}, which is used to interface external programs of various kind. \postfix\ adopted the \name{milter} interface but is also able to easily include scanning modules into its modular structure. \qmail\ is pretty old and did not evolve with the changing market situation. Anyhow, its modular structure enables external scanners to be included into \qmail. \exim\ has the advantage that it was designed with the goal to provide extensive scanning facilities; it is therefore very good suited to scan itself or invoke external scanners. | 295 \sendmail\ invented \name{milter}\footnote{``milter'' is a common abbreviation for ``sendmail mail filter \NAME{API}''.}, which is used to interface external programs of various kind. \postfix\ adopted the \name{milter} interface but is also able to easily include scanning modules into its modular structure. \qmail\ is pretty old and did not evolve with the changing market situation. Anyhow, its modular structure enables external scanners to be included into \qmail. \exim\ has the advantage that it was designed with the goal to provide extensive scanning facilities; it is therefore very good suited to scan itself or invoke external scanners. |
| 296 \index{sendmail} | |
| 297 \index{postfix} | |
| 298 \index{qmail} | |
| 264 \index{milter} | 299 \index{milter} |
| 300 \index{exim} | |
| 265 | 301 |
| 266 | 302 |
| 267 \subsubsection*{Future trends} | 303 \subsubsection*{Future trends} |
| 268 | 304 |
| 269 In chapter~\ref{chap:market-analysis}, it was tried to figure out trends and future requirements for \MTA{}s. The four programs are compared on these possible future requirements now. | 305 In chapter~\ref{chap:market-analysis}, it was tried to figure out trends and future requirements for \MTA{}s. The four programs are compared on these possible future requirements now. |
| 270 \index{email!trends} | 306 \index{email!trends} |
| 271 | 307 |
| 272 \paragraph{Provider independence} | 308 \paragraph{Provider independence} |
| 273 The first trend was provider independence, which requires easy configuration. \postfix\ seems to do best here. It uses primary two configuration files (\path{master.cf} and \path{main.cf}) which are easy to manage. \sendmail\ appears to have a bad position. Its configuration file \path{sendmail.cf} is cryptic and very complex (it has legendary Turing-completeness) thus it needs simplification wrappers around it to provide easier configuration. They exist in form of the \name{m4} macros that generate the \path{sendmail.cf} file. Unfortunately, adjusting the generated result by hand appears to be necessary for non-trivial configurations. \qmail's configuration files are simple but the whole system is complex to set up; it requires various system users and \qmail\ is hardly usable without applying several patches that add functionality which is required nowadays. \name{netqmail} is the community's effort to help in the latter point. \exim\ has only one single configuration file (\path{exim.conf}) which suffers most from its flexibility---like in \sendmail's case. Flexibility and easy configuration are almost always contrary goals. | 309 The first trend was provider independence, which requires easy configuration. \postfix\ seems to do best here. It uses primary two configuration files (\path{master.cf} and \path{main.cf}) which are easy to manage. \sendmail\ appears to have a bad position. Its configuration file \path{sendmail.cf} is cryptic and very complex (it has legendary Turing-completeness) thus it needs simplification wrappers around it to provide easier configuration. They exist in form of the \name{m4} macros that generate the \path{sendmail.cf} file. Unfortunately, adjusting the generated result by hand appears to be necessary for non-trivial configurations. \qmail's configuration files are simple but the whole system is complex to set up; it requires various system users and \qmail\ is hardly usable without applying several patches that add functionality which is required nowadays. \name{netqmail} is the community's effort to help in the latter point. \exim\ has only one single configuration file (\path{exim.conf}) which suffers most from its flexibility---like in \sendmail's case. Flexibility and easy configuration are almost always contrary goals. |
| 310 \index{sendmail} | |
| 311 \index{postfix} | |
| 312 \index{qmail} | |
| 313 \index{wrapper} | |
| 314 \index{exim} | |
| 315 \index{configuration} | |
| 316 \index{m4 macros} | |
| 274 | 317 |
| 275 \paragraph{Performance} | 318 \paragraph{Performance} |
| 276 \index{performance} | 319 \index{performance} |
| 277 As second trend was the decreasing necessity for high per\-for\-mance identified. This goes along with the move of \MTA{}s from service providers to home servers. \postfix\ focuses much on performance, this might not be an important point in the future. Of course there will still be the need for high performance \MTA{}s, but a growing share of the market will not require high performance. Energy and space efficiency is related to performance; it is a similar goal in a different direction. But optimization, be it for performance or other efficiencies, is often in contrast to simplicity and clarity; these two improve security. Optimizing does in most times decrease the simplicity and clarity. Simple \MTA{}s that do not aim for high performance are what is needed in future. The simple design of \qmail\footnote{\qmail\ is still fast} is a good example. | 320 As second trend was the decreasing necessity for high per\-for\-mance identified. This goes along with the move of \MTA{}s from service providers to home servers. \postfix\ focuses much on performance, this might not be an important point in the future. Of course there will still be the need for high performance \MTA{}s, but a growing share of the market will not require high performance. Energy and space efficiency is related to performance; it is a similar goal in a different direction. But optimization, be it for performance or other efficiencies, is often in contrast to simplicity and clarity; these two improve security. Optimizing does in most times decrease the simplicity and clarity. Simple \MTA{}s that do not aim for high performance are what is needed in future. The simple design of \qmail\footnote{\qmail\ is still fast} is a good example. |
| 321 \index{postfix} | |
| 322 \index{qmail} | |
| 278 | 323 |
| 279 \paragraph{Security} | 324 \paragraph{Security} |
| 280 \index{security} | 325 \index{security} |
| 281 The third trend (even more security awareness) is addressed by each of the four programs. It seems as if all widely used \MTA{}s provide good security nowadays. Even \sendmail\ can be configured to be secure today. However, the modular architecture, used by \qmail\ and \postfix, is generally seen to be conceptually more secure. \sendmail's creators have started \name{MeTA1}, a modular \MTA\ that merges the best of \qmail\ and \postfix, to replace the old \sendmail. It will be interesting to watch \exim's future---will it become modular, too? | 326 The third trend (even more security awareness) is addressed by each of the four programs. It seems as if all widely used \MTA{}s provide good security nowadays. Even \sendmail\ can be configured to be secure today. However, the modular architecture, used by \qmail\ and \postfix, is generally seen to be conceptually more secure. \sendmail's creators have started \name{MeTA1}, a modular \MTA\ that merges the best of \qmail\ and \postfix, to replace the old \sendmail. It will be interesting to watch \exim's future---will it become modular, too? |
| 327 \index{sendmail} | |
| 328 \index{postfix} | |
| 329 \index{qmail} | |
| 330 \index{sendmail!meta1} | |
| 331 \index{exim} | |
| 282 | 332 |
| 283 | 333 |
| 284 | 334 |
| 285 | 335 |
| 286 | 336 |