Replacing Sendmail with Postfix in the base system
Marcin Jessa
lists at yazzy.org
Wed Jun 14 10:46:18 PDT 2006
On Wed, 14 Jun 2006 09:13:40 -0700 (PDT)
Matthew Dillon <dillon at xxxxxxxxxxxxxxxxxxxx> wrote:
> Ok. This may come as a surprise to some of you but I am frankly
> all for changing the default MTA from sendmail to postfix. I've used
> sendmail ever since 1985, and I have dug into the code on more
> then one occassion. It's a huge mess and I've been unhappy with
> the way it has been going for at least a decade.
>
> But I am not going to pull the rug out of sendmail users. I use
> sendmail myself... at this point only because I have three other
> subsystems (popper, domain routing, spam filter) heavily
> integrated into it and cringe at the thought of having to rewire the
> whole mess.
>
> So if people want postfix, this is how you have to go about it:
>
> (1) Either bring postfix into base or integrate it into the
> NRELEASE infrastructure as a package.
>
> (2) Provide an RC option to select postfix instead of sendmail
> as the MTA.
>
> The default would still have to be sendmail. That is, if
> someone were to installworld after these changes and 'reboot' without
> making any other changes, the system would have to come up
> using sendmail.
>
> But the nrelease / installer could certainly enable postfix
> as the default for new installations instead of sendmail.
>
> (3) It is important that either sendmail or postfix be selectable
> via an RC option. Both do not have to operate in tandem,
> one or the other is just fine. But it is important that we do not
> blow up existing mail subsystems.
>
> :FYI, sendmail was recently removed from the base of NetBSD leaving
> only :postfix. The core of NetBSD AFAIK did not come yet with official
> :announcement so reasons for that are just speculations.
> :
> :[...]
> :
> :Cheers,
> :Marcin.
>
> They did announce it. Well, it was on slashdot a few weeks ago
> anyhow. The reason is simple: Too many security holes, with more
> being found. Not enough functionality. A basic refusal by the
> authors to bring the feature set into the 21st century. The code is
> a huge mess. They added threading without dealing with races. They
> added all sorts of junk without cleaning up the existing junk. I
> never liked the sendmail code but I really *HATE* it now.
Funny thing how good the timing of this announcement was:
http://security.freebsd.org/advisories/FreeBSD-SA-06:17.sendmail.asc
As modular and secure as postfix ? Eh...
Marcin.
More information about the Users
mailing list