Mercurial > docs > diploma
comparison thesis/tex/3-MailTransferAgents.tex @ 313:a3fba017ef01
added missing parts to ch03
| author | meillo@marmaro.de |
|---|---|
| date | Wed, 21 Jan 2009 14:48:10 +0100 |
| parents | a62fe460b8de |
| children | f3a86ce788ec |
comparison
equal
deleted
inserted
replaced
| 312:a62fe460b8de | 313:a3fba017ef01 |
|---|---|
| 200 | 200 |
| 201 | 201 |
| 202 \subsubsection*{Architecture} | 202 \subsubsection*{Architecture} |
| 203 | 203 |
| 204 Architecture is most important when comparing \MTA{}s. Many other properties of a program depend on its architecture. %fixme: add ref? | 204 Architecture is most important when comparing \MTA{}s. Many other properties of a program depend on its architecture. %fixme: add ref? |
| 205 \person{Munawar Hafiz} \cite{hafiz05} discusses in detail on \mta\ architecture, comparing \sendmail, \qmail, \postfix, and \name{sendmail X}. \person{Jonathan de Boyne Pollard}'s \MTA\ review \cite{jdebp} is a source too. | 205 \person{Munawar Hafiz} \cite{hafiz05} discusses in detail on \MTA\ architecture, comparing \sendmail, \qmail, \postfix, and \name{sendmail X}. \person{Jonathan de Boyne Pollard}'s \MTA\ review \cite{jdebp} is a source too. |
| 206 | 206 |
| 207 Two different architecture types show off: monolithic and modular \mta{}s. | 207 Two different architecture types show off: monolithic and modular \mta{}s. |
| 208 | 208 |
| 209 Monolithic \MTA{}s are \sendmail, \name{smail}, \exim, and \masqmail. They all consist of one single \emph{setuid root}\footnote{\emph{setuid root} lets a program run with the rights of its owner, here root. This is considered to be a security risk often. Thus it it should be avoided if possible.} binary which does all the work. | 209 Monolithic \MTA{}s are \sendmail, \name{smail}, \exim, and \masqmail. They all consist of one single \emph{setuid root}\footnote{\emph{setuid root} lets a program run with the rights of its owner, here root. This is considered to be a security risk. Thus it it should be avoided if possible.} binary which does all the work. |
| 210 | 210 |
| 211 Modular \MTA{}s are \NAME{MMDF}, \qmail, \postfix, and \name{MeTA1}. They consist of several programs, each doing a part of the overall job. The different programs run with the least permissions the need, and \emph{setuid root} can be avoided. | 211 Modular \MTA{}s are \NAME{MMDF}, \qmail, \postfix, and \name{MeTA1}. They consist of several programs, each doing a part of the overall job. The different programs run with the least permissions the need, and \emph{setuid root} can be avoided completely. |
| 212 | 212 |
| 213 The architecture does not directly define the program's security, but ``[t]he goal of making a software secure can be better achieved by making the design simple and easier to understand and verify''\cite[chapter 6]{hafiz05}. \exim, though being monolithic, has a fairly clean security record. But it is very hard to keep the security up, as the program growth. \person{Wietse Venema} (the author of \postfix) says, it was the architecture that enabled \postfix\ to grow without running into security problems. \cite[page 13]{venema:postfix-growth} | 213 The architecture does not directly define the program's security, but ``[t]he goal of making a software secure can be better achieved by making the design simple and easier to understand and verify'' \cite[chapter 6]{hafiz05}. \exim, though being monolithic, has a fairly clean security record. But it is very hard to keep the security up, as the program growth. \person{Wietse Venema} (the author of \postfix) says, it was the architecture that enabled \postfix\ to grow without running into security problems. \cite[page 13]{venema:postfix-growth} |
| 214 | 214 |
| 215 The modular design, with each sub-program doing one part of the overall job, conforms to the \name{Unix Philosophy}. The Unix Philosophy \cite{gancarz95} demands ``small is beautiful'' and ``make each program do one thing well''. Monolithic \MTA{}s fail here. | 215 The modular design, with each sub-program doing one part of the overall job, conforms to the \name{Unix Philosophy}. The Unix Philosophy \cite{gancarz95} demands ``small is beautiful'' and ``make each program do one thing well''. Monolithic \MTA{}s fail here. |
| 216 | 216 |
| 217 Today modular \mta\ architectures are the state-of-the-art. | 217 Today modular \mta\ architectures are the state-of-the-art. |
| 218 | 218 |
| 219 | 219 |
| 220 \subsubsection*{Spam checking and content processing} | 220 \subsubsection*{Spam checking and content processing} |
| 221 | 221 |
| 222 << FIXME >> % fixme | 222 Spam and malware increased during the last years. Today it is important for an \MTA\ to be able to provide checking for bad mail. This can be done by implementing functionality into the \MTA, or by invoking external programs to do this job. |
| 223 | 223 |
| 224 | 224 \sendmail\ invented \name{milter} which is the common abbreviation for the \name{sendmail mail filter} \NAME{API}. It is used to interface external programs of various kind. \postfix\ adopted the \name{milter} interface, but is also able to easily include scanning modules into its modular structure. \qmail\ is pretty old and did not evolve with the changing market situation. Anyhow, its modular structure enables external scanners to be included into \qmail. \exim\ has the advantage that is was designed with the goal to provide extensive scanning facilities. It is therefore very good suited to scan itself or invoke external scanners. |
| 225 \subsubsection*{Future requirements} | 225 |
| 226 | |
| 227 \subsubsection*{Provider independence} | |
| 226 | 228 |
| 227 In chapter \ref{chap:market-analysis}, it was tried to figure out trends and future requirements for \MTA{}s. The four programs are compared on these (possible) future requirements now. | 229 In chapter \ref{chap:market-analysis}, it was tried to figure out trends and future requirements for \MTA{}s. The four programs are compared on these (possible) future requirements now. |
| 228 | 230 |
| 229 The first trend was provider independence, requiring easy configuration. \postfix\ seems to do best here. It used primary two configuration files (\path{master.cf} and \path{main.cf}) which are easy to manage. \sendmail\ appears to have a bad position. Its configuration file \path{sendmail.cf} is cryptic and very complex (it has legendary Turing-completeness) thus it needs simplification wrappers around it to provide easier configuration. There exist the \name{m4} macros to generate \path{sendmail.cf}, but adjusting the generated result by hand appears to be necessary for non-trivial configurations. \qmail's configuration files are simple, but the whole system is complex to set up; it requires various system users and is hardly usable without applying several patches to add basic functionality. \name{netqmail} is the community effort to help here. \exim\ has only one single configuration file (\path{exim.conf}), but it suffers most from its flexibility---like \sendmail. Flexibility and easy configuration are almost always contrary goals. | 231 The first trend was provider independence, requiring easy configuration. \postfix\ seems to do best here. It used primary two configuration files (\path{master.cf} and \path{main.cf}) which are easy to manage. \sendmail\ appears to have a bad position. Its configuration file \path{sendmail.cf} is cryptic and very complex (it has legendary Turing-completeness) thus it needs simplification wrappers around it to provide easier configuration. They exist in form of the \name{m4} macros that generate a \path{sendmail.cf} file. But adjusting the generated result by hand appears to be necessary for non-trivial configurations. \qmail's configuration files are simple, but the whole system is complex to set up; it requires various system users and is hardly usable without applying several patches to add functionality that is required nowadays. \name{netqmail} is the community effort to help in the latter point. \exim\ has only one single configuration file (\path{exim.conf}), but it suffers most from its flexibility---like \sendmail. Flexibility and easy configuration are almost always contrary goals. |
| 230 | 232 |
| 231 As second trend, the decreasing necessity for high performance was identified. This goes along with the move of \MTA{}s from service providers to home servers. \postfix\ focuses much on performance, this might not be an important point then. Of course there still will be the need for high performance \MTA{}s, but a growing share of the market will not require high performance. Performance is related to simplicity, which effects security. Increasing performance does in most times decrease the other two. Simple \mta{}s not aiming for highest performance are what is needed in future. The simple of \qmail, still being fast, seems to be a good example. | 233 \subsubsection*{Performance} |
| 234 | |
| 235 As second trend, the decreasing necessity for high performance was identified. This goes along with the move of \MTA{}s from service providers to home servers. \postfix\ focuses much on performance, this might not be an important point in the future. Of course there still will be the need for high performance \MTA{}s, but a growing share of the market will not require high performance. Energy and space efficiency is related to performance; it is a similar goal in a different direction. Optimization, be it for performance or other efficiencies, is often in contrast to simplicity and clarity, which effect security. Optimizing does in most times decrease the simplicity and clarity. Simple \mta{}s not aiming for high performance are what is needed in future. The simple design of \qmail (\qmail\ is still fast) seems to be a good example. | |
| 236 | |
| 237 \subsubsection*{Security} | |
| 232 | 238 |
| 233 The third trend---even more security awareness---is addressed by each of the four programs. It seems as if all widely used \mta{}s provide good security nowadays. Even \sendmail\ can be considered secure today. %fixme:ref | 239 The third trend---even more security awareness---is addressed by each of the four programs. It seems as if all widely used \mta{}s provide good security nowadays. Even \sendmail\ can be considered secure today. %fixme:ref |
| 234 But the modular architecture, used by \qmail\ and \postfix, is generally seen to be conceptually more secure, however. %fixme: ref | 240 But the modular architecture, used by \qmail\ and \postfix, is generally seen to be conceptually more secure, however. %fixme: ref |
| 235 \sendmail's creators have started \name{MeTA1}, a modular \MTA\ merging the best of \qmail\ and \postfix, to replace the old \sendmail. It will be interesting to watch \exim's future---will it become modular too? | 241 \sendmail's creators have started \name{MeTA1}, a modular \MTA\ merging the best of \qmail\ and \postfix, to replace the old \sendmail. It will be interesting to watch \exim's future---will it become modular too? |
| 236 | 242 |
| 239 | 245 |
| 240 | 246 |
| 241 | 247 |
| 242 \section{Summary} | 248 \section{Summary} |
| 243 | 249 |
| 244 FIXME %fixme | 250 This chapter first took an overview over the field of \MTA{}s. Three major types of \MTA{}s were identified: Relay-only \MTA{}s (also called forwarders), groupware, and the ``real \MTA{}s''. \masqmail\ belongs to the last group, it is additionally sendmail-compatible and Free Software. |
| 245 | 251 |
| 246 %fixme: write a result here | 252 Next a look at the market shares of \MTA{}s was taken and it was seen that four \MTA{}s, that are similar to \masqmail, have high importance: \sendmail, \postfix, \qmail, and \exim. Their combined share is between one third and the half of the market. The rest is split between proprietary \MTA{}s, unknown software behind mail security layers, and a rest of really small market shares. |
| 247 | 253 |
| 248 | 254 Each one of these four major Free Software \MTA{}s was presented afterwards and at the end, these programs were compared on some selected properties. |
| 255 | |
| 256 Now, the reader should have a general knowledge about the four important \MTA{}s. Further chapters will refer frequently to them. | |
| 249 | 257 |
| 250 | 258 |
| 251 %todo: my own poll (?) | 259 %todo: my own poll (?) |
| 252 | 260 |
| 253 | |
| 254 %<< complexity >> << security >> << simplicity of configuration and administration >> << flexibility of configuration and administration >> << code size >> << code quality >> << documentation (amount and quality) >> << community (amount and quality) >> << used it myself >> << had problems with it >> | |
| 255 | |
| 256 | |
| 257 %<< quality criteria >> << standards of any kind >> << how to compare? >> << (bewertungsmatrix) objectivity >> << how many criteria for ``good''? >> | |
| 258 |