Jason R. Mastaler wrote: > "Jesse D. Guardiani" <[EMAIL PROTECTED]> writes: > >> From what I've read, Postfix seems to be a superior MTA over qmail >> for everything but virtual domain management and security. > > I'm not aware of any security problems with Postfix. Like djb, WV has > lots of experience writing secure code (SATAN, tcp wrappers, etc.), > and security is probably the #1 goal of Postfix.
Hmm. Well that's interesting. I suppose there's more probability for security issues in Postfix due to the fact that it's actually under development, but if you code with security in mind I guess that should offset the danger quite a bit. (Personally I don't know the first thing about writing secure C code. I need to get a book or something.) <snip> > >> If Postfix had something like VMailMgr or vpopmail I'd use it >> myself. But it doesn't. > > The vpopmail homepage says it supports Postfix as well as qmail. > http://inter7.com/vpopmail.html It lies. It only supports Postfix for outgoing mail I think. You still have to have qmail installed on the system. > >> That's pretty slick. I like it. I'll have to give this a try >> tommorrow and see how it works (without the 'drop' at first, I >> think). > > I think doing this from TMDA makes the most sense for an individual > installation. If you have 200 TMDA users, you don't want each user > doing an SMTP probe upon each incoming message. It makes more sense > to do it once from the MTA. Yeah. But Perl and Python code is a heck of a lot easier to write than C code. :) If I get this working system-wide in Perl then it'll probably be a while before I feel compelled to implement it in qmail. I may indeed eventually, but with address caching I think a Python or Perl program would be just as good. > >> Yeah. CDB or MySQL system wide caching. I like it! That's getting >> almost as good as an MTA level implementation! > > If you can handle the "locking" issues properly than this might work > just as good. Then once one TMDA user verifies a bad address, the > rest of them won't have to since it will be cached. > > I wonder how expiration of the bad addresses should be handled. You > wouldn't want to cache them forever since a legitimate address might > be deemed bad due to a transient problem. Exim appears to keep > entries for 24-hours, whilst Postfix requires manual intervention. I vote for a configurable amount, personally. I'd like to tweak this value as I evaluate the system. -- Jesse Guardiani, Systems Administrator WingNET Internet Services, P.O. Box 2605 // Cleveland, TN 37320-2605 423-559-LINK (v) 423-559-5145 (f) http://www.wingnet.net We are actively looking for companies that do a lot of long distance faxing and want to cut their long distance bill by up to 50%. Contact [EMAIL PROTECTED] for more info. _________________________________________________ tmda-workers mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-workers
