James Vahn wrote:
> Bob Proulx wrote:
> > I think you will get at least ten responses suggesting that you should
> > move away from sendmail. Half will be to postfix. Half will be to
> > exim.
>
> Any idea why? I've never understood why Debian moved to Exim as the
> default MTA. Longtime sendmail user, 10-11 years.
> ...
> But your statement is one that I've often wondered about...
> Any feedback? What am I missing? thanks!
I also ran Sendmail for years. It was a good mailer in its day and has set the standard. But unfortunately it has had a long history of security vulnerabilities. Mostly this one thing is what has driven people away from it.

The classic unix paradigm is to have many small programs that are specific and targeted. Each program does one thing and does it well. Smaller programs are combined to form more powerful programs. This is the basis of the cat, grep, sed type of paradigm.

Sendmail violates this classic unix philosophy. It is one huge monolithic program. Worse, it is one huge monolithic program that runs as root. Therefore almost the entire program is available to find a security hole. And the history of security holes is very long in Sendmail. It is just a hard thing to secure.

Additionally sendmail's configuration syntax is complex in its simplicity. It has a very low level configuration language that makes doing high level tasks tedious. And being so very flexible it is itself a vector of attack. Of course now most people use the m4 macros to make this much easier. But being macros you are really not getting away from the underlying language, and for many things you will still need to work with the low level sendmail language.

To counter the problems in Sendmail, programs like Postfix and Exim are fresh rewrites. They benefit from the experience gained from Sendmail. For example, Postfix follows the unix paradigm and has many smaller programs that do targeted tasks. Very few of the programs run with elevated privilege. A non-root user is used for tasks that allow this. This isolation makes auditing the code much easier because smaller sections of it are vulnerable to attack. Historically Postfix and Exim have had significantly fewer vulnerabilities, and those that were found were usually of lesser consequence than Sendmail's.

Personally I like Postfix because it is very powerful, fast and yet simple to configure because it is almost entirely table driven.
I don't know as much about Exim but through association it also seems to be a capable mailer.

I hope this helps,
Bob
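The point above about Postfix running only a few of its daemons as root is something an administrator can verify on a running system rather than take on faith. The following script is an added example, not part of the original message and not part of Postfix; it reads `user command` lines in the form produced by `ps -eo user:20,comm --no-headers` and reports any MTA daemon running as root that is not on an allow list. The sample process list is constructed, and the allow list (master, local, pipe, virtual) is an assumption taken from the default Postfix master.cf, where those entries have the unprivileged column set to `n`; check it against your own master.cf before relying on it.

```shell
#!/bin/sh
# Added example (not from the original message or from Postfix): audit which
# MTA daemons are running as root, so that privilege separation can be checked
# rather than assumed.

# Constructed sample standing in for live output of:
#   ps -eo user:20,comm --no-headers
# The "root smtpd" line is deliberately wrong: smtpd should run unprivileged.
SAMPLE_PS='root    master
postfix pickup
postfix qmgr
postfix smtpd
postfix cleanup
root    local
root    smtpd
postfix trivial-rewrite'

# Daemons expected to run as root. Assumption for illustration, based on the
# default Postfix master.cf (unpriv column "n"); verify against your own file.
DEFAULT_ROOT_ALLOW="master local pipe virtual"

# unexpected_root_daemons ALLOWLIST
#   Reads ps-style "user command" lines on stdin and prints, one per line,
#   every known MTA daemon that runs as root but is not in ALLOWLIST.
#   Exit status is 0 in every case; callers inspect the output.
unexpected_root_daemons() {
    allow="$1"
    awk -v allow="$allow" '
        BEGIN {
            n = split(allow, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
            # Daemon names treated as MTA workers (Postfix names, for illustration).
            m = split("master pickup qmgr smtpd smtp cleanup local pipe virtual trivial-rewrite bounce", d, " ")
            for (i = 1; i <= m; i++) mta[d[i]] = 1
        }
        $1 == "root" && ($2 in mta) && !($2 in ok) { print $2 }
    '
}

# count_unexpected ALLOWLIST
#   Same input on stdin; prints the number of offending daemons, which is
#   convenient for a monitoring check that only needs a zero/non-zero answer.
count_unexpected() {
    unexpected_root_daemons "$1" | wc -l | tr -d ' '
}

# Stand-alone usage: prints "smtpd" for the constructed sample.
printf '%s\n' "$SAMPLE_PS" | unexpected_root_daemons "$DEFAULT_ROOT_ALLOW"
```

On a real host, replace the sample with `ps -eo user:20,comm --no-headers | unexpected_root_daemons "$DEFAULT_ROOT_ALLOW"`; a non-empty result means a worker that should have been running as the unprivileged mail user is holding root, which is exactly the condition the separated design is meant to avoid.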