comparison thesis/tex/3-MailTransferAgents.tex @ 248:724cc6057105
complete names are now in small caps
author | meillo@marmaro.de |
---|---|
date | Sun, 11 Jan 2009 20:49:50 +0100 |
parents | 47af8eb539cf |
children | db81f3cc6675 |
247:50240b753a46 | 248:724cc6057105 |
---|---|
6 | 6 |
7 | 7 |
8 \section{Types of MTAs} | 8 \section{Types of MTAs} |
9 ``Mail transfer agent'' is a term covering a variety of programs. One thing is common to them: they transfer email from one senders to recipients. | 9 ``Mail transfer agent'' is a term covering a variety of programs. One thing is common to them: they transfer email from one senders to recipients. |
10 | 10 |
11 This is how Bryan \person{Costales} defines a \mta: | 11 This is how \person{Bryan Costales} defines a \mta: |
12 \begin{quote} | 12 \begin{quote} |
13 A mail transfer agent (\MTA) is a highly specialized program that delivers mail and transports it between machines, like the post office. | 13 A mail transfer agent (\MTA) is a highly specialized program that delivers mail and transports it between machines, like the post office. |
14 \hfill\cite{costales97} | 14 \hfill\cite{costales97} |
15 \end{quote} | 15 \end{quote} |
16 \name{The Free Dictionary} is a bit more concrete on the term: | 16 \name{The Free Dictionary} is a bit more concrete on the term: |
72 | 72 |
73 \subsection{Market share analysis} | 73 \subsection{Market share analysis} |
74 | 74 |
75 \MTA\ statistics are rare, differ, and good data is hard to collect. These points are bad if one wants good statistics. Thus it is obvious there are only few available. | 75 \MTA\ statistics are rare, differ, and good data is hard to collect. These points are bad if one wants good statistics. Thus it is obvious there are only few available. |
76 | 76 |
77 Table \ref{tab:mta-market-share} shows the most used \MTA{}s determined by three different statistics. The first was done by Daniel~J.\ \person{Bernstein} (the author of \qmail) in 2001 \cite{bernstein01}. The second is by \person{Simpson} and \person{Bekman} in 2007 and was published on \name{O'ReillyNet} \cite{simpson07}. And the third is from \name{MailRadar.com} with unknown date\footnote{The footer of the website shows ``Copyright 2007'' but more likely does this refer to the whole website.} \citeweb{mailradar:mta-stats}. | 77 Table \ref{tab:mta-market-share} shows the most used \MTA{}s determined by three different statistics. The first was done by \person{Daniel~J.\ Bernstein} (the author of \qmail) in 2001 \cite{bernstein01}. The second is by \person{Simpson} and \person{Bekman} in 2007 and was published on \name{O'ReillyNet} \cite{simpson07}. And the third is from \name{MailRadar.com} with unknown date\footnote{The footer of the website shows ``Copyright 2007'' but more likely does this refer to the whole website.} \citeweb{mailradar:mta-stats}. |
78 | 78 |
79 \begin{table} | 79 \begin{table} |
80 \begin{center} | 80 \begin{center} |
81 \input{input/mta-market-share.tex} | 81 \input{input/mta-market-share.tex} |
82 \end{center} | 82 \end{center} |
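Review bot: On line 77, \person{Simpson} and \person{Bekman} stay surname-only directly after the now-complete \person{Daniel~J.\ Bernstein}, which reads unevenly given the commit's aim of complete names in small caps. Add their first names if the cited source gives them. The footnote on the same line also has inverted word order ("but more likely does this refer to"); "but this more likely refers to" reads correctly.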
95 The date of the \name{Mailradar} statistics is not mentioned with it; a mail to \name{Mailradar} asking for information was not replied, unfortunately. However, it seems quite sure that the statistics were published after 2001, caused by the \sendmail\ and \postfix\ shares. But to decide whether before or after the one from \name{O'Reilly} would be just guessing. | 95 The date of the \name{Mailradar} statistics is not mentioned with it; a mail to \name{Mailradar} asking for information was not replied, unfortunately. However, it seems quite sure that the statistics were published after 2001, caused by the \sendmail\ and \postfix\ shares. But to decide whether before or after the one from \name{O'Reilly} would be just guessing. |
96 | 96 |
97 | 97 |
98 \subsection{The four major Free Software MTAs} | 98 \subsection{The four major Free Software MTAs} |
99 | 99 |
100 Now follows a small introduction to the four programs chosen for comparison. \masqmail\ is not presented here, as it was already introduced in chapter \ref{chap:introduction}. Longer introductions, including analysis and comparison, were written by Jonathan \person{de Boyne Pollard} \cite{jdebp}. | 100 Now follows a small introduction to the four programs chosen for comparison. \masqmail\ is not presented here, as it was already introduced in chapter \ref{chap:introduction}. Longer introductions, including analysis and comparison, were written by \person{Jonathan de Boyne Pollard} \cite{jdebp}. |
101 | 101 |
102 | 102 |
103 | 103 |
104 \subsubsection*{sendmail} | 104 \subsubsection*{sendmail} |
105 \label{sec:sendmail} | 105 \label{sec:sendmail} |
106 \sendmail\ is the best known \mta, since it was one of the first and surely the one that made \MTA{}s popular. It also was shipped as default \MTA{}s by many vendors of \unix\ systems. %fixme: ref | 106 \sendmail\ is the best known \mta, since it was one of the first and surely the one that made \MTA{}s popular. It also was shipped as default \MTA{}s by many vendors of \unix\ systems. %fixme: ref |
107 | 107 |
108 The program was written by Eric \person{Allman} as the successor of his program \name{delivermail}. \person{Allman} was not the only one working on the program. Other people developed own versions of it and a variety of flavors came up, especially in the late eighties when Allman was inactive. %fixme: ref | 108 The program was written by \person{Eric Allman} as the successor of his program \name{delivermail}. \person{Allman} was not the only one working on the program. Other people developed own versions of it and a variety of flavors came up, especially in the late eighties when Allman was inactive. %fixme: ref |
109 | 109 |
110 \sendmail\ designed to transfer mails between different protocols and networks, this lead to a very flexible, though complex, configuration. | 110 \sendmail\ designed to transfer mails between different protocols and networks, this lead to a very flexible, though complex, configuration. |
111 | 111 |
112 It was first released with \NAME{BSD} 4.1c in 1983. The latest version is 8.14.3 from May 2008. The program is distributed under the \name{Sendmail License} as both, \freesw\ and proprietary software. | 112 It was first released with \NAME{BSD} 4.1c in 1983. The latest version is 8.14.3 from May 2008. The program is distributed under the \name{Sendmail License} as both, \freesw\ and proprietary software. |
113 | 113 |
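Review bot: On line 108 the final mention, "when Allman was inactive", is still outside \person{}, so it will not be set in small caps, while "\person{Eric Allman}" and "\person{Allman}" earlier in the same paragraph are. Wrap it as \person{Allman} to keep the paragraph consistent. While this paragraph is open, line 110 ("\sendmail\ designed to transfer mails ... this lead to") is missing "was" and should use "led".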
117 | 117 |
118 | 118 |
119 | 119 |
120 \subsubsection*{exim} | 120 \subsubsection*{exim} |
121 \label{sec:exim} | 121 \label{sec:exim} |
122 \exim\ was started in 1995 by Philip \person{Hazel} at the \name{University of Cambridge}. It is a fork of \name{smail-3}, and inherited a monolithic architecture similar to \sendmail's. But having no separation of the individual components of the system did not hurt. Its security is quite good. %fixme: ref | 122 \exim\ was started in 1995 by \person{Philip Hazel} at the \name{University of Cambridge}. It is a fork of \name{smail-3}, and inherited a monolithic architecture similar to \sendmail's. But having no separation of the individual components of the system did not hurt. Its security is quite good. %fixme: ref |
123 | 123 |
124 \exim\ is highly configurable, especially in the field of mail policies. This makes it easy to specify how mail is routed through the system and who is allowed to send email to whom. Also interfaces for integration of virus and spam checkers are provided by design. %fixme: ref | 124 \exim\ is highly configurable, especially in the field of mail policies. This makes it easy to specify how mail is routed through the system and who is allowed to send email to whom. Also interfaces for integration of virus and spam checkers are provided by design. %fixme: ref |
125 | 125 |
126 The program is \freesw, released under the \GPL. The latest stable version is 4.69 from December 2007. | 126 The program is \freesw, released under the \GPL. The latest stable version is 4.69 from December 2007. |
127 | 127 |
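Review bot: Line 122 still ends with "Its security is quite good. %fixme: ref", so the line edited here carries a security claim with no citation behind it. Add the reference or soften the wording until one is found; the same open "%fixme: ref" sits on line 124 for the policy and scanner-interface claims.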
129 | 129 |
130 | 130 |
131 | 131 |
132 \subsubsection*{qmail} | 132 \subsubsection*{qmail} |
133 \label{sec:qmail} | 133 \label{sec:qmail} |
134 \qmail\ is seen by its community as ``a modern SMTP server which makes sendmail obsolete'' \citeweb{qmail:homepage2}. It was written by Daniel~J.\ \person{Bernstein} starting in 1995. His primary goal was to create a secure \MTA\ to replace the popular, but vulnerable, \sendmail. %fixme: ref | 134 \qmail\ is seen by its community as ``a modern SMTP server which makes sendmail obsolete'' \citeweb{qmail:homepage2}. It was written by \person{Daniel~J.\ Bernstein} starting in 1995. His primary goal was to create a secure \MTA\ to replace the popular, but vulnerable, \sendmail. %fixme: ref |
135 | 135 |
136 \qmail\ first introduced many innovative concepts in \mta\ design. The most obvious contrast to \sendmail\ and \exim\ is its modular design. But \qmail\ was not the first modular \MTA. \NAME{MMDF}, which predates even \sendmail, was modular too. Regardless of \NAME{MMDF}'s modular architecture, \qmail\ is generally seen as the first security-aware \MTA. %fixme:ref | 136 \qmail\ first introduced many innovative concepts in \mta\ design. The most obvious contrast to \sendmail\ and \exim\ is its modular design. But \qmail\ was not the first modular \MTA. \NAME{MMDF}, which predates even \sendmail, was modular too. Regardless of \NAME{MMDF}'s modular architecture, \qmail\ is generally seen as the first security-aware \MTA. %fixme:ref |
137 | 137 |
138 The latest release of \qmail\ is version 1.03 from July 1998. In November 2007, afterwards, \qmail's source was put into the \name{public domain}. This makes it Free Software. | 138 The latest release of \qmail\ is version 1.03 from July 1998. In November 2007, afterwards, \qmail's source was put into the \name{public domain}. This makes it Free Software. |
139 | 139 |
140 Because of \person{Bernstein}'s inactivity though changing requirements since 1998, ``[a] motley krewe of qmail contributors (see the README) has put together a netqmail-1.06 distribution of qmail. It is derived from Daniel Bernstein's qmail-1.03 plus bug fixes, a few feature enhancements, and some documentation.'' \citeweb{netqmail:homepage}. | 140 Because of \person{Bernstein}'s inactivity though changing requirements since 1998, ``[a] motley krewe of qmail contributors (see the README) has put together a netqmail-1.06 distribution of qmail. It is derived from Daniel Bernstein's qmail-1.03 plus bug fixes, a few feature enhancements, and some documentation.'' \citeweb{netqmail:homepage}. |
141 | 141 |
142 \qmail's homepages are \citeweb{qmail:homepage1} and \citeweb{qmail:homepage2}. The best book about \qmail, from \person{Bernstein}'s view, is Dave \person{Sill}'s handbook \cite{sill02}. His free available guide ``Life with qmail'' is another valuable source \cite{lifewithqmail}. | 142 \qmail's homepages are \citeweb{qmail:homepage1} and \citeweb{qmail:homepage2}. The best book about \qmail, from \person{Bernstein}'s view, is \person{Dave Sill}'s handbook \cite{sill02}. His free available guide ``Life with qmail'' is another valuable source \cite{lifewithqmail}. |
143 | 143 |
144 | 144 |
145 | 145 |
146 \subsubsection*{postfix} | 146 \subsubsection*{postfix} |
147 \label{sec:postfix} | 147 \label{sec:postfix} |
148 The \postfix\ project started in 1999 at \name{IBM research}, then called \name{VMailer} or \name{IBM Secure Mailer}. Wietse \person{Venema}'s program ``attempts to be fast, easy to administer, and secure. The outside has a definite Sendmail-ish flavor, but the inside is completely different.''\citeweb{postfix:homepage} In fact, \postfix\ was mainly designed after qmail's architecture to gain security. But in contrast to \qmail\ it aims much more on being fast and full-featured. | 148 The \postfix\ project started in 1999 at \name{IBM research}, then called \name{VMailer} or \name{IBM Secure Mailer}. \person{Wietse Venema}'s program ``attempts to be fast, easy to administer, and secure. The outside has a definite Sendmail-ish flavor, but the inside is completely different.''\citeweb{postfix:homepage} In fact, \postfix\ was mainly designed after qmail's architecture to gain security. But in contrast to \qmail\ it aims much more on being fast and full-featured. |
149 | 149 |
150 Today \postfix\ is taken by many \unix\ systems and \gnulinux\ distributions as default \MTA. | 150 Today \postfix\ is taken by many \unix\ systems and \gnulinux\ distributions as default \MTA. |
151 | 151 |
152 The latest stable version is numbered 2.5.5 from August 2008. \postfix\ is covered by the \name{IBM Public License 1.0} which is a \freesw\ license. | 152 The latest stable version is numbered 2.5.5 from August 2008. \postfix\ is covered by the \name{IBM Public License 1.0} which is a \freesw\ license. |
153 | 153 |
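Review bot: Line 148 writes "designed after qmail's architecture" in plain text, while the rest of that line and the section use the \qmail\ macro; change it to \qmail's so the program name is typeset consistently. Leaving "Daniel Bernstein's qmail-1.03" on line 140 unmarked is right, since it sits inside the quotation.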
158 | 158 |
159 | 159 |
160 | 160 |
161 \section{Comparison of MTAs} | 161 \section{Comparison of MTAs} |
162 | 162 |
163 This section does not try to provide an overall \MTA\ comparison, because this is already done by others. Remarkable comparisons are the one by Dan \person{Shearer} \cite{shearer06} and a discussion on the mailing list \name{plug@lists.q-linux.com} \cite{plug:mtas}. Tabular overviews may be found at \citeweb{mailsoftware42}, \citeweb{wikipedia:comparison-of-mail-servers}, and \cite[section 1.9]{lifewithqmail}. | 163 This section does not try to provide an overall \MTA\ comparison, because this is already done by others. Remarkable comparisons are the one by \person{Dan Shearer} \cite{shearer06} and a discussion on the mailing list \name{plug@lists.q-linux.com} \cite{plug:mtas}. Tabular overviews may be found at \citeweb{mailsoftware42}, \citeweb{wikipedia:comparison-of-mail-servers}, and \cite[section 1.9]{lifewithqmail}. |
164 | 164 |
165 Here provided is an overview on important properties of the four previously introduced \MTA{}s. The data comes from the above stated sources and is collected in table \ref{tab:mta-comparison}. | 165 Here provided is an overview on important properties of the four previously introduced \MTA{}s. The data comes from the above stated sources and is collected in table \ref{tab:mta-comparison}. |
166 | 166 |
167 \begin{table} | 167 \begin{table} |
168 % FIXME: improve table data!!! | 168 % FIXME: improve table data!!! |
175 | 175 |
176 | 176 |
177 \subsubsection*{Architecture} | 177 \subsubsection*{Architecture} |
178 | 178 |
179 Architecture is most important when comparing \MTA{}s. Many other properties of a program depend on its architecture. %fixme: add ref? | 179 Architecture is most important when comparing \MTA{}s. Many other properties of a program depend on its architecture. %fixme: add ref? |
180 Munawar \person{Hafiz} \cite{hafiz05} discusses in detail on \mta\ architecture, comparing \sendmail, \qmail, \postfix, and \name{sendmail X}. Jonathan \person{de Boyne Pollard}'s \MTA\ review \cite{jdebp} is a source too. | 180 \person{Munawar Hafiz} \cite{hafiz05} discusses in detail on \mta\ architecture, comparing \sendmail, \qmail, \postfix, and \name{sendmail X}. \person{Jonathan de Boyne Pollard}'s \MTA\ review \cite{jdebp} is a source too. |
181 | 181 |
182 Two different architecture types show off: monolithic and modular \mta{}s. | 182 Two different architecture types show off: monolithic and modular \mta{}s. |
183 | 183 |
184 Monolithic \MTA{}s are \sendmail, \name{smail}, \exim, and \masqmail. They all consist of one single \emph{setuid root}\footnote{\emph{setuid root} lets a program run with the rights of its owner, here root. This is considered to be a security risk often. Thus it it should be avoided if possible.} binary which does all the work. | 184 Monolithic \MTA{}s are \sendmail, \name{smail}, \exim, and \masqmail. They all consist of one single \emph{setuid root}\footnote{\emph{setuid root} lets a program run with the rights of its owner, here root. This is considered to be a security risk often. Thus it it should be avoided if possible.} binary which does all the work. |
185 | 185 |
186 Modular \MTA{}s are \NAME{MMDF}, \qmail, \postfix, and \name{MeTA1}. They consist of several programs, each doing a part of the overall job. The different programs run with the least permissions the need, and \emph{setuid root} can be avoided. | 186 Modular \MTA{}s are \NAME{MMDF}, \qmail, \postfix, and \name{MeTA1}. They consist of several programs, each doing a part of the overall job. The different programs run with the least permissions the need, and \emph{setuid root} can be avoided. |
187 | 187 |
188 The architecture does not directly define the program's security, but ``[t]he goal of making a software secure can be better achieved by making the design simple and easier to understand and verify''\cite[chapter 6]{hafiz05}. \exim, though being monolithic, has a fairly clean security record. But it is very hard to keep the security up, as the program growth. Wietse \person{Venema} (the author of \postfix) says, it was the architecture that enabled \postfix\ to grow without running into security problems. \cite[page 13]{venema:postfix-growth} | 188 The architecture does not directly define the program's security, but ``[t]he goal of making a software secure can be better achieved by making the design simple and easier to understand and verify''\cite[chapter 6]{hafiz05}. \exim, though being monolithic, has a fairly clean security record. But it is very hard to keep the security up, as the program growth. \person{Wietse Venema} (the author of \postfix) says, it was the architecture that enabled \postfix\ to grow without running into security problems. \cite[page 13]{venema:postfix-growth} |
189 | 189 |
190 The modular design, with each sub-program doing one part of the overall job, conforms to the \name{Unix Philosophy}. The Unix Philosophy \cite{gancarz95} demands ``small is beautiful'' and ``make each program do one thing well''. Monolithic \MTA{}s fail here. | 190 The modular design, with each sub-program doing one part of the overall job, conforms to the \name{Unix Philosophy}. The Unix Philosophy \cite{gancarz95} demands ``small is beautiful'' and ``make each program do one thing well''. Monolithic \MTA{}s fail here. |
191 | 191 |
192 Today modular \mta\ architectures are the state-of-the-art. | 192 Today modular \mta\ architectures are the state-of-the-art. |
193 | 193 |
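Review bot: On line 188 the citation follows the full stop ("security problems. \cite[page 13]{venema:postfix-growth}"), which detaches it from the sentence it supports; move it before the period. The same line has "as the program growth" (should be "grows"), and the surrounding context has "Thus it it should be avoided" in the footnote on line 184 and "the least permissions the need" on line 186, both worth fixing in this pass.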