Replacing Sendmail with Postfix in the base system

Oliver Fromme check+j0uazm00rs6d84yn at fromme.com
Wed Jun 14 01:22:55 PDT 2006


elekktretterr at xxxxxxxxxxxxxx wrote:
 > Seeing that sendmail is old,archaic, not-as-secure and difficult we should

That's bike-shed stuff.  :-)

Sendmail is old (but actively maintained), but that doesn't
mean that it's bad.  E.g. qmail is much newer than sendmail,
but is it better?  I don't think so.

I also disagree on the "not-as-secure" point.  The days when
sendmail CERT advisories were issued weekly are long gone.
Sendmail isn't monolithic anymore, it has been split into
several processes using separated priviledges, similar to
postfix and qmail.

Finally I also disagree on "diificult".  Sendmail's master
configuration (.mc) format is well documented (I think that
postfix' docuemtation more difficult to read), and if that's
not sufficient, the op.me guide contains everything you ever
wanted to know about sendmail.  (Personally I've never felt
the need to pick up the "bat book" which is often recommen-
ded to sendmail admins.)

For 99% of users (those who don't run a mail server, but
just want cron mails to be delivered locally) there is even
no need to configure anything.  It works right out of the
box.

 > start moving to a better alternative such as Postfix.

I strongly disagree that postfix is a "better alternative"
that warrants removing a piece of BSD software that has
been working fine for many years.

HOWEVER:  If someone wants to remove the MTA entirely
from the base system (i.e. not replacing it with another
one), then I support that.  It should be possible to
move sendmail to pkgsrc (I think it's already there),
and only leave a simple local delivery agent in the base
system (something like mail.local), so delivery of mails
from local cron jobs will work if no real MTA -- be it
sendmail, postfix, exim, whatever -- has been installed
from pkgsrc.  If locally generated mails need to be sent
to a mail server (this is what sendmail calls a "null
client"), no fully-fledged MTA is required either:  a
simple and secure SMTP client (such as ssmtp) can be used.

Just my 2 cents.  YMMV.

Best regards
   Oliver

-- 
Oliver Fromme,  secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing
Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd

Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.





More information about the Users mailing list