Re: My Anti-qmail Page
Quoting Yonah Russ, from the post of Sat, 05 Nov: On the other hand, qmail is such a pain to install (I mean download, patch, patch, patch,,patch and install) it ends up wasting more time than any server update. I apt-get install qmail-src and the patching and building is done for me. I know no other secure and smooth-looking free pop-toaster than a qmail+qmailadmin+vpopmail combo and from my experience it has the lowest maintenence demands compared to any of the other options I have had the pleasure of admining. yes, it bothers me it's not anywhere near GPL-complience, but I give DJB a lot of credit for for being a stubborn bastard where it counts. fact is that less security-critical bits of his published work are licensed almost as loosely as public-domain. his reasoning behind the strict Qmail distribution requirements is that many bugs get introduced during recompilations and ports that the original author is not able to control. he used to give the wide varaity of sendmail versions that once proliferated and at the time, there were indeed cases where the SunOS' sendmail had a sechole that did not happend on other vendors' sendmails since the source was radicly changed by Sun, yet still called Sendmail. If it was the case today I'd understand his reasoning, but those days are over. I offered him once to release Qmail under the GPL and under a different name, so there was sure to be no confusion if a man would want to compile the original or get a precompiled deriviative. sadly I never got a reply from him on the matter. Options that face the community: 1. rewrite the bloody thing from spec and make it GPL (lots threaten to do it but never do) 2. redist with patches and a script to automate patching and installation (done in many places in different ways) 3. bug DJB some more. 4. fork the code under a different name and give attribute to DJB, It's not clear from his blurb if that's legitimate or not. I should look into it. 5. Swallow the redist frog, distribute it as binaries as DJB instructs and maintain location links for compatibility. 6. continue regarding it as the niche solution that it has become, and use it only when it's the best solution (hey wait, that IS the case, afterall no distro comes with it as the default MTA!) I set up an anti-qmail page at: http://www.shlomifish.org/open-source/anti/qmail/ Comments, suggestions, corrections and flames are welcome. The concept of an anti page is in itself a bit rude and vulgar, the idea that your very personal opinions and misinformation is not marked as such is dishonest and I personally find it odd that someone whould take so much time and energy to attack a perfectly good, a-moral and popular product and dזmonize it (excuse the pun). but then again, it's a Fish-ism and I've come to accept them as necessary evi^H^H^Hweirdness. -- The silver lining Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: My Anti-qmail Page
On 11/11/05, Ira Abramov [EMAIL PROTECTED] wrote: Quoting Yonah Russ, from the post of Sat, 05 Nov: On the other hand, qmail is such a pain to install (I mean download, patch, patch, patch,,patch and install) it ends up wasting more time than any server update.I apt-get install qmail-src and the patching and building is done forme. I know no other secure and smooth-looking free pop-toaster than aqmail+qmailadmin+vpopmail combo and from my experience it has the lowest maintenence demands compared to any of the other options I have had thepleasure of admining. I found that the standard debian qmail didn't have the features I needed and then you have the even more annoying job of patching something that has already been patched. In general I prefer IMAP microwaves over pop toasters anyway ;) yonah yes, it bothers me it's not anywhere near GPL-complience, but I give DJBa lot of credit for for being a stubborn bastard where it counts. fact is that less security-critical bits of his published work are licensedalmost as loosely as public-domain. his reasoning behind the strictQmail distribution requirements is that many bugs get introduced during recompilations and ports that the original author is not able tocontrol. he used to give the wide varaity of sendmail versions that onceproliferated and at the time, there were indeed cases where the SunOS'sendmail had a sechole that did not happend on other vendors' sendmails since the source was radicly changed by Sun, yet still called Sendmail.If it was the case today I'd understand his reasoning, but those daysare over.I offered him once to release Qmail under the GPL and under a different name, so there was sure to be no confusion if a man would want tocompile the original or get a precompiled deriviative. sadly I never gota reply from him on the matter.Options that face the community: 1. rewrite the bloody thing from spec and make it GPL (lots threaten todo it but never do)2. redist with patches and a script to automate patching andinstallation (done in many places in different ways) 3. bug DJB some more.4. fork the code under a different name and give attribute to DJB, It'snot clear from his blurb if that's legitimate or not. I should look intoit.5. Swallow the redist frog, distribute it as binaries as DJB instructs and maintain location links for compatibility.6. continue regarding it as the niche solution that it has become, anduse it only when it's the best solution (hey wait, that IS the case,afterall no distro comes with it as the default MTA!) I set up an anti-qmail page at: http://www.shlomifish.org/open-source/anti/qmail/ Comments, suggestions, corrections and flames are welcome. The concept of an anti page is in itself a bit rude and vulgar, theidea that your very personal opinions and misinformation is not markedas such is dishonest and I personally find it odd that someone whould take so much time and energy to attack a perfectly good, a-moral andpopular product and dזmonize it (excuse the pun).but then again, it's a Fish-ism and I've come to accept them asnecessary evi^H^H^Hweirdness. --The silver liningIra Abramovhttp://ira.abramov.org/email/=To unsubscribe, send mail to [EMAIL PROTECTED] withthe word unsubscribe in the message body, e.g., run the commandecho unsubscribe | mail [EMAIL PROTECTED]-- I have gmail invitations. Let me know if you want an account.
Re: My Anti-qmail Page
I agree with Ira's comments - qmail is not difficult to install. It is robust, low maintenance and it works superbly with SA and ClamAV Spam Assasin is a different story entirely - you gotta know your stuff administering SA in a high volume environment dL Ira Abramov wrote: Quoting Yonah Russ, from the post of Sat, 05 Nov: On the other hand, qmail is such a pain to install (I mean download, patch, patch, patch,,patch and install) it ends up wasting more time than any server update. I apt-get install qmail-src and the patching and building is done for me. I know no other secure and smooth-looking free pop-toaster than a qmail+qmailadmin+vpopmail combo and from my experience it has the lowest maintenence demands compared to any of the other options I have had the pleasure of admining. yes, it bothers me it's not anywhere near GPL-complience, but I give DJB a lot of credit for for being a stubborn bastard where it counts. fact is that less security-critical bits of his published work are licensed almost as loosely as public-domain. his reasoning behind the strict Qmail distribution requirements is that many bugs get introduced during recompilations and ports that the original author is not able to control. he used to give the wide varaity of sendmail versions that once proliferated and at the time, there were indeed cases where the SunOS' sendmail had a sechole that did not happend on other vendors' sendmails since the source was radicly changed by Sun, yet still called Sendmail. If it was the case today I'd understand his reasoning, but those days are over. I offered him once to release Qmail under the GPL and under a different name, so there was sure to be no confusion if a man would want to compile the original or get a precompiled deriviative. sadly I never got a reply from him on the matter. Options that face the community: 1. rewrite the bloody thing from spec and make it GPL (lots threaten to do it but never do) 2. redist with patches and a script to automate patching and installation (done in many places in different ways) 3. bug DJB some more. 4. fork the code under a different name and give attribute to DJB, It's not clear from his blurb if that's legitimate or not. I should look into it. 5. Swallow the redist frog, distribute it as binaries as DJB instructs and maintain location links for compatibility. 6. continue regarding it as the niche solution that it has become, and use it only when it's the best solution (hey wait, that IS the case, afterall no distro comes with it as the default MTA!) I set up an anti-qmail page at: http://www.shlomifish.org/open-source/anti/qmail/ Comments, suggestions, corrections and flames are welcome. The concept of an anti page is in itself a bit rude and vulgar, the idea that your very personal opinions and misinformation is not marked as such is dishonest and I personally find it odd that someone whould take so much time and energy to attack a perfectly good, a-moral and popular product and dזmonize it (excuse the pun). but then again, it's a Fish-ism and I've come to accept them as necessary evi^H^H^Hweirdness. -- Danny Lieberman Visit us at http://www.software.co.il Office + 972 8 970-1485 Cell + 972 54 447-1114 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Apache to do everything except milk delivery (was: Re: My Anti-qmail Page)
On 11/6/05, Omer Zak [EMAIL PROTECTED] wrote: Then all it will miss is mod_bootloader. You forgot the catch-all mod_emacs. Uh uh, tsk tsk. mod_vi comes first, I say! -- Arik
My Anti-qmail Page
Hi all! I set up an anti-qmail page at: http://www.shlomifish.org/open-source/anti/qmail/ Comments, suggestions, corrections and flames are welcome. Regards, Shlomi Fish - Shlomi Fish [EMAIL PROTECTED] Homepage:http://www.shlomifish.org/ 95% of the programmers consider 95% of the code they did not write, in the bottom 5%. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: My Anti-qmail Page
You of course forgot almost unmatched security (no security issues in 32-bit machines, only in 64-bit machines). The fact that DJB has bad attitude doesn't affect the fact he knows how to write code (try djbdns as well). I suggest you won't buy anything from him - but that's your call. It's configuration is very easy and straightforward, and its performance is good. And of course, the most important stuff - it is an open source (not free software). Last time I tried to compile it, it went by the book. -- Orr Dunkelman, [EMAIL PROTECTED] If it wasn't for C, we'd be writing programs in BASI, PASAL, and OBOL, anon Spammers: http://vipe.technion.ac.il/~orrd/spam.html GPG fingerprint: C2D5 C6D6 9A24 9A95 C5B3 2023 6CAB 4A7C B73F D0AA (This key will never sign Emails, only other PGP keys.) On Sat, 5 Nov 2005, i Fish wrote: Hi all! I set up an anti-qmail page at: http://www.shlomifish.org/open-source/anti/qmail/ Comments, suggestions, corrections and flames are welcome. Regards, Shlomi Fish - Shlomi Fish [EMAIL PROTECTED] Homepage:http://www.shlomifish.org/ 95% of the programmers consider 95% of the code they did not write, in the bottom 5%. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: My Anti-qmail Page
On Saturday 05 November 2005 18:34, Orr Dunkelman wrote: You of course forgot almost unmatched security (no security issues in 32-bit machines, only in 64-bit machines). I didn't place it there on purpose. The fact that DJB has bad attitude doesn't affect the fact he knows how to write code (try djbdns as well). Still, he wouldn't let me fork his code, wouldn't let me distribute modified sources or binaries and holds all the cards to himself. And because of his stubbornness, I won't be able to convince him to remedy this. I suggest you won't buy anything from him - but that's your call. It's configuration is very easy and straightforward, and its performance is good. And of course, the most important stuff - it is an open source (not free software). Last time I tried to compile it, it went by the book. Sorry, but open source does not mean viewable source or sourceware. See the open source definition: http://www.opensource.org/docs/definition.php So it is anything but open source, despite the fact its source code is available. Regards, Shlomi Fish - Shlomi Fish [EMAIL PROTECTED] Homepage:http://www.shlomifish.org/ 95% of the programmers consider 95% of the code they did not write, in the bottom 5%. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: My Anti-qmail Page
Hi Just one observation: On Sat, Nov 05, 2005 at 06:34:52PM +0200, Orr Dunkelman wrote: And of course, the most important stuff - it is an open source (not free software). Last time I tried to compile it, it went by the book. the people from OSI have not managed to trademark open soruce, thus it can mean what ever you want it to mean: either a program whose source code is availble or a program that conforms to OSI's definition (practically: free software). Practically qmail is not free enough to be included in a Linux distribution. This alone is basically responsible to about half of the points Shlomi has raised. And this also means that in the long run, sendmail/exim/postfix will pervail. Still, Shlomi, would you mind pointing to the some security bugs? http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=qmail gives: - 3 bugs from the latest 64bit isue - 1 bug in autorespond - 1 bug in qmailadmin - 1 bug in Sophos AV - As for the two 1999 advisories: see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0144 for a discussion. So this basically means: nothing, except the latest 64bit issues. Compare that to postfix, exim and sendmail for the same tiem period. -- Tzafrir Cohen | [EMAIL PROTECTED] | VIM is http://tzafrir.org.il | | a Mutt's [EMAIL PROTECTED] | | best ICQ# 16849755 | | friend = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: My Anti-qmail Page
iF I set up an anti-qmail page at: iF iF http://www.shlomifish.org/open-source/anti/qmail/ I think that if you make some claims (like: qmail lags behind other MTA's in its feature-set), it is good to substantiate them, like say which features it lacks and how important are they. With that, it is worth to verify if patches exist for qmail that do that and state that too. The same for all other talking points. Then the page would look more like a credible resourse than a rant. Not that I have something against rants, everybody likes a good rant now and then, but opening a webpage just for that... I think they had invented blogs for that purpose ;) -- [EMAIL PROTECTED] \/ There shall be counsels taken Stanislav Malyshev /\ Stronger than Morgul-spells phone +972-54-6524945 /\ JRRT LotR. whois:!SM8333 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: My Anti-qmail Page
I personally agree with every word. So what if people don't find bugs in qmail. Does it make a difference to me whether the bug exists or whether the bug is found and patched before anyone exploits it. Chances are that if you use a supported distribution and you update regularly, any bugs will be taken care of before something happens. On the other hand, qmail is such a pain to install (I mean download, patch, patch, patch,,patch and install) it ends up wasting more time than any server update. yonah On 11/5/05, i Fish [EMAIL PROTECTED] wrote: Hi all!I set up an anti-qmail page at:http://www.shlomifish.org/open-source/anti/qmail/Comments, suggestions, corrections and flames are welcome. Regards,Shlomi Fish-Shlomi Fish[EMAIL PROTECTED]Homepage: http://www.shlomifish.org/95% of the programmers consider 95% of the code they did not write, in thebottom 5%.= To unsubscribe, send mail to [EMAIL PROTECTED] withthe word unsubscribe in the message body, e.g., run the commandecho unsubscribe | mail [EMAIL PROTECTED]-- I have gmail invitations. Let me know if you want an account.
Re: My Anti-qmail Page
I set up an anti-qmail page at: http://www.shlomifish.org/open-source/anti/qmail/ Comments, suggestions, corrections and flames are welcome. Regards, Shlomi Fish I don't want to express any opinion about qmail. It has some good points, and Dan Bernstein should be credited for many positive things too. I saw the sub-title Alternatives at Shlomi's page, and just want to bring your attention to a secret revolution that may possibly come from the direction of Apache, thanks to Google's Summer of Code. When Apache 2.0 was designed (4-6 years ago), it was re-built to serve different protocols, and not only HTTP. Ryan Bloom wrote an example (mod_pop3), and some other projects were started too (e.g. mod_mbox). It had been clear that the main targets are FTP and SMTP, and finally, after SoC, mod_smtpd became a reality. SoC also helped to create satellite projects, such as a module for black-lists. Maybe it's too early to include mod_smtpd in the list of alternatives, but I believe that in the long run, it has good chances to become the best MTA for Linux/UNIX, especially if it will be integrated well with the HTTP module, as well as the surrounding modules (mod_pop3, mod_mbox, the black lists module, etc.). The only missing piece, at least in my opinion, is mod_dns (or mod_bind or mod_named, the name is not important...). Maybe some of you prefer the UNIX philosophy (of having many tiny tools that make up a great system by combining them), but the integration is not less important, especially when it's done around the most successful OSS project (I don't know any other OSS project, including sendmail, that still holds 70% of the market against Microsoft). P.S. Its license is very convenient (Apache's ASL). -- Eli Marmor [EMAIL PROTECTED] Netmask (El-Mar) Internet Technologies Ltd. __ Tel.: +972-9-766-1020 8 Yad-Harutzim St. Fax.: +972-9-766-1314 P.O.B. 7004 Mobile: +972-50-5237338 Kfar-Saba 44641, Israel = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: My Anti-qmail Page
On 11/5/05, Eli Marmor [EMAIL PROTECTED] wrote: [snip] Maybe it's too early to include mod_smtpd in the list of alternatives, but I believe that in the long run, it has good chances to become the best MTA for Linux/UNIX, especially if it will be integrated well with the HTTP module, as well as the surrounding modules (mod_pop3, mod_mbox, the black lists module, etc.). The only missing piece, at least in my opinion, is mod_dns (or mod_bind or mod_named, the name is not important...). Then all it will miss is mod_bootloader. -- Arik
Apache to do everything except milk delivery (was: Re: My Anti-qmail Page)
On Sun, 2005-11-06 at 02:22 +0200, Arik Baratz wrote: On 11/5/05, Eli Marmor [EMAIL PROTECTED] wrote: [snip] Maybe it's too early to include mod_smtpd in the list of alternatives, but I believe that in the long run, it has good chances to become the best MTA for Linux/UNIX, especially if it will be integrated well with the HTTP module, as well as the surrounding modules (mod_pop3, mod_mbox, the black lists module, etc.). The only missing piece, at least in my opinion, is mod_dns (or mod_bind or mod_named, the name is not important...). Then all it will miss is mod_bootloader. -- Arik You forgot the catch-all mod_emacs. --- Omer -- Sent from a PC running a top secret test version of Windows 97. My own blog is at http://www.livejournal.com/users/tddpirate/ My opinions, as expressed in this E-mail message, are mine alone. They do not represent the official policy of any organization with which I may be affiliated in any way. WARNING TO SPAMMERS: at http://www.zak.co.il/spamwarning.html = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
