Forum OpenACS Q&A: Re: References to qmail

Collapse
4: Re: References to qmail (response to 1)
Posted by Andrew Piskorski on
At least some of the folks doing sysadmin work at aD had a long-standing (and likely correct) belief that Sendmail was insecure, un-configurable junk, and that Qmail was by far the best replacement available. (I think Philip even had that in his book.)

Except for one ancient Post.Office (some commercial product) instance (which was serving all the arsdigita.com email for far, far too long), which I think was also finally replaced with Qmail, all the servers that I was ever aware of at aD were using Qmail as their MTA, as far as I knew.

There are other alternatives to Sendmail now (Exim, Postfix, Courier, etc.), but I don't think those were at all viable back then, and I'm really not sure how well they all compare vs. Qmail now. Certainly it's still a matter of debate - do a search here and you should see various old posts arguing both for and against Qmail and other DJB tools.

Collapse
9: Re: References to qmail (response to 4)
Posted by Joel Aufrecht on
I agree that sendmail (even the rewritten sendmail 9) has an apparently warranted reputation for insecurity.  The weird thing is why someone wrote an app that calls qmail directly.  The sendmail command seems to be the de facto standard API for sending mail, because the other mails can and do emulate it.  So the Right Way appears to be to call ns_sendmail and let it call sendmail and let your MTA of choice simulate sendmail.  And if I understand correctly, that's the decision the community has made?
Personally, I find that the djb tools exemplify unix: powerful, stable, and user-hostile.  Or rather, administrator-hostile.  They tend to fail silently and without explanation, which may (maybe?) be appropriate in some circumstances but makes them brutally unforgiving of mistakes or even just faulty assumptions while installing.