On Thursday, May 30, 2013 05:11:06, Bernhard R. Link wrote: > * Chris Knadle <chris.kna...@coredump.us> [130529 08:29]: > > - Exim configuration is more human readable than Postifx's, IMHO. > > > > Postfix configuration is concise but terse, and there are typically > > blocks of options separated by commas that doesn't easily allow > > commenting on specific config options. > > Configurability is an important point. Having had to use postfix lately > I'm quite suprised anyone voluntarily uses that thing. Postfix feels > like some ad-hoc configuration gone absurd, by only making special use > cases configuable and then misusing those options for other things.
There's a reason it feels like this. Postfix was designed with security in mind, but wasn't focused on being a general purpose MTA. It happens to /work/ pretty well in that role in many cases, though. http://shearer.org/MTA_Comparison#Postfix Exim is exactly the opposite: its design was focused on being a general purpose MTA, but wasn't focused on security. Yet this doesn't mean that Exim is insecure. http://shearer.org/MTA_Comparison#Exim > Together with this splitting in many little programs which all lack most > of the information, configuring postfix is a large puzzle and any > advanced postfix configuration (even from the official documentation) > looks like McGyver was out of duct-tape but had to build a nuclear reactor > from kitchen parts with only the transparent tape for office use. This feels like a fitting description. [Postfix's master.cf file is what I find the most confusing.] > The only positive thing you can say about Postfix' configuration is that > it might be better than sendmail's. Sendmail's configuration is so unreadable that nobody [in their right mind] configures it in the native format and instead does it with m4 scripts. However with m4 scripts I think Sendmail configuration might actually be less confusing than Postfix's. -- Chris -- Chris Knadle chris.kna...@coredump.us GPG Key: 4096R/0x1E759A726A9FDD74
signature.asc
Description: This is a digitally signed message part.
