Replacing Sendmail with Postfix in the base system

Jeremy C. Reed reed at reedmedia.net
Wed Jun 14 09:30:16 PDT 2006


> I also disagree on the "not-as-secure" point.  The days when
> sendmail CERT advisories were issued weekly are long gone.
> Sendmail isn't monolithic anymore, it has been split into
> several processes using separated priviledges, similar to
> postfix and qmail.

Still very different. sendmail is one big binary. postfix and qmail use 
several small binaries that do not easily trust each other.

Yes, there is a sendmail that is modular. It is in development. A version 
can be tested from pkgsrc-wip at wip/sendmailX. sm-X is a rewrite. See 
http://www.sendmail.org/sm-X/.

(I am not suggesting switching to it.)

> I strongly disagree that postfix is a "better alternative"
> that warrants removing a piece of BSD software that has
> been working fine for many years.

sendmail may be "BSD" softare. But it is not BSD licensed.

> HOWEVER:  If someone wants to remove the MTA entirely
> from the base system (i.e. not replacing it with another
> one), then I support that.  It should be possible to
> move sendmail to pkgsrc (I think it's already there),
> and only leave a simple local delivery agent in the base
> system (something like mail.local), so delivery of mails
> from local cron jobs will work if no real MTA -- be it
> sendmail, postfix, exim, whatever -- has been installed
> from pkgsrc.  If locally generated mails need to be sent
> to a mail server (this is what sendmail calls a "null
> client"), no fully-fledged MTA is required either:  a
> simple and secure SMTP client (such as ssmtp) can be used.

For over five years, I have been running on some systems, my BSD-licensed 
sendmail client replacement, called mailout. It does out-bound only. I 
never finished the queueing or the local delivery support. Also I need to 
make it modern -- SASL and such :)


I like and use postfix myself. My one problem with it is that I need to 
have some of the processes running to even use it. I'd prefer to be able 
to have email services turned off but still be able to send an email as 
can be done with sendmail (depending on configuration) or mailout or 
other simple alternatives.

 Jeremy C. Reed

echo '9,J8HD,fDGG8B@?:536FC5=8 at I;C5?@H5B0D at 5GBIELD54DL>@8L?:5GDEJ8LDG1' |\
sed ss,s50EBsg | tr 0-M 'p.wBt SgiIlxmLhan:o,erDsduv/cyP'





More information about the Users mailing list