On Fri, Jan 23, 2015 at 09:43:39PM +0800, Roger Goh wrote:
> We are using a commercial version of sendmail (refer to sendmail.com)
> on RHEL 5.x
>
> We have seen something like 20000 mails sent to it within 5 mins &
> it just hung up or caused severe delay in delivery.
Sendmail has no queue manager, and its congestion management is
rather crude (QueueLA, RefuseLA are not good).
> Q1:
> Is postfix (which is now the default Smtp with RHEL 6.x) more robust ie can
> take bursts of high
> volumes & can handle huge attachments/mails with faster deliveries?
Yes. Postfix handles congestion gracefully.
> Q2:
> In the past VA scans 5-10years ago, sendmail is always reported as
> something that should
> not be used. Does postfix has similar issue or it's not vulnerable to most
> VA scans today?
While Sendmail's history of major security issues seems to be in
the past, Postfix has no history of such vulnerabilities. However,
both Postfix and Sendmail are potentially exposed to any applicable
OpenSSL issues when linked with OpenSSL for TLS support.
> Q3:
> Was told by our vendor that they set up 'commercial' version of sendmail
> which has a
> separate interface/module GUI for whitelisting & blacklisting. Is there a
> commercial
> version of 'postfix' which we can get official (eg: supported by RHEL)
> support with
> add-on user-friendly interfaces/GUI?
Some commercial email appliances are Postfix under the hood, but I am
not aware of any commercial software support for Postfix.
--
Viktor.
