Linux Today: Linux News On Internet Time.

ServerWatch: qmail Mail Server Review

Dec 10, 2001, 18:20 (19 Talkback[s])
(Other stories by M.A. Dockter)
"qmail is an Internet Mail Transfer Agent (MTA) written by Dan Bernstein for Unix, Linux, and BSD operating systems. As a replacement for the sendmail system provided with virtually every UNIX server, qmail functions uses the Simple Mail Transfer Protocol (SMTP) to exchange messages with MTAs on other systems.

qmail promises four things over sendmail and other MTAs: security, performance, reliability and simplicity. Being more secure than sendmail is not a major issue. Sendmail is many years old, and is known to be very insecure. Performance is enhanced through the use of a system that allows 20 messages to be sent simultaneously, while reliability is boosted by the use of small, yet strictly performing modules that guarantee that once a message is received, it will get to its designation. Bernstein also claims that qmail is simpler than any other similarly performing competitor because it is small.

qmail is in fact much more secure than Sendmail. qmail is made up of separate modules that each perform a specific task. Each of the separate modules are paranoid of each other; they each run at different security levels and do not trust one another to ensure that they perform correctly. This prevents a malicious user from taking over the whole qmail system by taking over just one potion of it. Because each module runs at a different security level, a malicious user would have to take over each module independently, which would require access to each level (names and passwords)."

Complete Story

Related Stories: