Very dodgy statistics. The underlaying reasons for any statistical result comes down to human activity. All mail servers are good. Some easier to configure than others. Some only work on specific systems. Some come preinstalled and wide open by default.
It always, and in all cases, comes down to the operator. You either take the time to get the configurations right, or pay someone who knows what they are doing to do it for you. Or you leave it alone and use Google or Yahoo whatever. and even Google and Microsoft have a couple of misconfigured spf servers!!! Spam is sent by idiots. Open relays are managed by idiots. Spam servers are run by idiots. .... or using your statistics... 53% of Postfix servers are managed by idiots. Apparently 35% of those idiots live in the US.??? Where do the other 65% live I wonder? So it must be good software, because even an idiot can make it work. The trick is in making it work properly. The funniest disgruntled thread I've seen this year. Thanks for the laugh. ----- From my iPhone. > On 29 Dec 2015, at 12:01 pm, sb <se...@runbox.com> wrote: > > > 90% of global e-mail is SPAM. > 91% of targeted attacks start with e-mail. > > What is Postfix's share of SPAM? > -------------------------------- > > A recent survey of 2.8M SMTP servers shows the following. > > - 53% of Postfix servers are black-listed (DNSBL) > http://www.mailradar.com/mailstat/mta/Postfix.html > > - 44% of open relays are Postfix servers > http://www.mailradar.com/mailstat/open-relay/ > > - 35% of Postfix servers are hosted in the USA > http://www.mailradar.com/mailstat/mta/Postfix.html > > Who makes Postfix? > ------------------ > > Wietse Venema > IBM T.J. Watson Research > P.O. Box 704 > Yorktown Heights, NY 10598, USA > > What is Postfix's share of the SMTP server market? > -------------------------------------------------- > > A recent survey of 2.3M SMTP servers shows the following. > > #1: 53.25% EXIM > #2: 32.64% POSTFIX > #3: 6.66% SENDMAIL > http://www.securityspace.com/s_survey/data/man.201511/mxsurvey.html > > What is wrong with Postfix? > --------------------------- > > Suppose you are a school/SME/you-name-it, you want a secure server, > and you run Postfix. The following is what you get in your inbox. > >> Date: Thu, 17 Dec 2015 15:6:1 > >> From: paulnoah@ > >> Message-ID: <8038f16fe88ca0b6a66649d005c232e9@localhost.localdomain> > >> Received: from 1-160-101-156.dynamic.hinet.net ([1.160.101.156]:52001 >> helo=uwtir.com) by seth.lunarpages.com with esmtpsa [...] > >> Received: from localhost (localhost.localdomain [127.0.0.1]) >> by zimbra.baycix.de (Postfix) with ESMTP id E7078416A85 [...] > >> Received: from [127.0.0.1] by omp1062.mail.bf1.yahoo.com with NNFMP; > 25 Dec 2015 23:24:21 -0000 > >> Received: from uhosp.example.com ([37.230.116.83]) > >> Received: [...] >> ... >> Message-ID: [...] <----------- >> Delivered-To: [...] >> Received: [...] >> Received: [...] > > [anonymised] >> To: <y...@your-domain.com> >> ... >> Reply-To: <y...@your-domain.com> > > There are more examples, and the all reduce to Postfix accepting incoming > e-mail whose origin and envelope are not RFC compliant. > > In fact, the task of writing PCRE parsers and policies is delegated > to the user, that is you, as part of your own configuration > (access, helo_access, header_checks, etc). > > Writing such parsers and policies is highly rewarding: my servers > reject 95% of SPAM by rejecting non-RFC-compliant e-mails, without > any DNSxL or anti-spam add-on. The task required months of full-time > labour. The same task cannot be brought to completion, however. > > The postfix-users forum would be a good place where to discuss > Postfix's problems in detail. However, the same forum is rather focused > on self-celebration than active collaboration, where attempts to > address SPAM as a problem are scornfully dismissed. Given the above > statistics, this is no longer surprising. > > Postfix is easy on the spammers and hard on the honest. > > unsubscribe postfix-users
