On Wed, 18 Sep 2002, Rick Moen wrote:

> > I disagree however with your point that sendmail, and its improvements
> > done in response to security or performance reasons, is enough to consider
> > it as a viable MTA solution today.
>
> Well, (1) I'm being charitable. People get too worked up over this. ;->
> (2) I wouldn't use it, myself: I'm a Sendmail refugee, having switched
> to Exim, years ago. (I'd be happy with Postfix, I think -- but haven't
> personally tried it.)

Point(s) taken. \8)

> > Its track record in security and performance reflects design flaws which
> > existed from the time it was first deployed, and whatever improvements are
> > simply 'band-aid' covering up what essentially is a broken design to begin
> > with.
>
> Well, that's exactly the assumption that I'm honestly not sure is true.
> What remains that's indisputably questionable about its design is being
> a monolithic binary. (Exim shares this trait with it.) At least in
> theory, a modular design _should_ be better, at some mild cost in
> complexity in the form of inter-module structure. But there _was_ at
> least one major design change: Having spawned instances drop privilege
> according to role. Ever since then, it hasn't had significant security
> problems, and I wouldn't expect them. If I were an expert in MUA
> internals, I could probably comment further, but I'm not, so I won't.

I'm too influenced by the 'program that does one thing, and one thing only, and does it d@mn well' methodology. That's why I'm not too keen on existing monolithic programs like bind and sendmail (Apache has taken the middle ground with its run-time modules). Breaking up a service into several independent units makes for cleaner source code (fewer interdependencies), and well-defined and simple interfacing rules. The fewer moving parts in a system, the fewer things can go wrong... Of course they are harder to debug with all the IPC going around, but when you perfect the little 'proglets' the resulting efficiency is worth the extra time and effort. DJB has done this not only with the MTA but with the name server as well.

BTW, the 'drop priv' technique is done by both bind and sendmail, both notorious for their security problems before, so it's something endemic in monolithic designs.

> We do have one very major area of agreement: Neither one of us would
> willingly use Sendmail. ;->

I would believe that most others on this list generally have the same sentiment, especially those who have actually opened their minds to sendmail alternatives and actually took the time to deploy them and gain the opportunity to compare.

> (I forgot to mention that there are still some types of rewrite rulesets
> and delivery modes that only Sendmail can do. For example, UUCP.)

Yes, every software has its uses, I agree.

_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph
To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
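As an added illustration of the "spawned instances drop privilege according to role" technique the thread refers to (this is not code from Sendmail, Exim, bind or any other project named above), the following C helper gives up supplementary groups, then the group, then the user, in the only order that works, and verifies that the drop cannot be reversed. The helper names and the "nobody" account used in main() are assumptions.

```c
/* Added example: dropping root privilege to an unprivileged role account.
 * Order matters: after setuid() succeeds the process is no longer root, so
 * setgroups() and setgid() would fail with EPERM if called afterwards. */
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns 1 when real and effective uid/gid all equal the given identity. */
int privileges_are(uid_t uid, gid_t gid)
{
    return getuid() == uid && geteuid() == uid &&
           getgid() == gid && getegid() == gid;
}

/* Drop to (uid, gid). Returns 0 on success, -1 (with errno set) on failure. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0) {          /* "dropping" to root is not a drop */
        errno = EINVAL;
        return -1;
    }
    /* Supplementary groups first; only a privileged process can clear them. */
    if (geteuid() == 0 && setgroups(0, NULL) != 0)
        return -1;
    if (setgid(gid) != 0)                /* group before user, while still root */
        return -1;
    if (setuid(uid) != 0)                /* as root this sets real, effective, saved */
        return -1;
    /* Verify the drop took effect and cannot be undone: regaining root must fail. */
    if (!privileges_are(uid, gid) || setuid(0) == 0) {
        errno = EACCES;
        return -1;
    }
    return 0;
}

int main(void)
{
    struct passwd *pw = getpwnam("nobody");   /* assumed role account */
    if (pw == NULL) { perror("getpwnam"); return 1; }
    if (drop_privileges(pw->pw_uid, pw->pw_gid) != 0) {
        perror("drop_privileges");           /* fails unless started as root */
        return 1;
    }
    printf("running as uid=%u gid=%u\n", (unsigned)getuid(), (unsigned)getgid());
    return 0;
}
```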
