Replacing Sendmail with Postfix in the base system

Marcin Jessa lists at yazzy.org
Wed Jun 14 10:46:18 PDT 2006


On Wed, 14 Jun 2006 09:13:40 -0700 (PDT)
Matthew Dillon <dillon at xxxxxxxxxxxxxxxxxxxx> wrote:

>      Ok.  This may come as a surprise to some of you but I am frankly
> all for changing the default MTA from sendmail to postfix.  I've used
>      sendmail ever since 1985, and I have dug into the code on more
>      then one occassion.  It's a huge mess and I've been unhappy with
> the way it has been going for at least a decade.
> 
>      But I am not going to pull the rug out of sendmail users.  I use 
>      sendmail myself... at this point only because I have three other
>      subsystems (popper, domain routing, spam filter) heavily
> integrated into it and cringe at the thought of having to rewire the
> whole mess.
> 
>      So if people want postfix, this is how you have to go about it:
> 
>      (1) Either bring postfix into base or integrate it into the
> NRELEASE infrastructure as a package.
> 
>      (2) Provide an RC option to select postfix instead of sendmail
> as the MTA.
> 
> 	 The default would still have to be sendmail.  That is, if
> someone were to installworld after these changes and 'reboot' without
> 	 making any other changes, the system would have to come up
> using sendmail.
> 
> 	 But the nrelease / installer could certainly enable postfix
> as the default for new installations instead of sendmail.
> 
>      (3) It is important that either sendmail or postfix be selectable
> 	 via an RC option.  Both do not have to operate in tandem,
> one or the other is just fine.  But it is important that we do not 
> 	 blow up existing mail subsystems.
> 
> :FYI, sendmail was recently removed from the base of NetBSD leaving
> only :postfix. The core of NetBSD AFAIK did not come yet with official
> :announcement so  reasons for that are just speculations.
> :
> :[...]
> :
> :Cheers,
> :Marcin.
> 
>     They did announce it.  Well, it was on slashdot a few weeks ago
> anyhow. The reason is simple:  Too many security holes, with more
> being found. Not enough functionality.  A basic refusal by the
> authors to bring the feature set into the 21st century.  The code is
> a huge mess.  They added threading without dealing with races.  They
> added all sorts of junk without cleaning up the existing junk.  I
> never liked the sendmail code but I really *HATE* it now.

Funny thing how good the timing of this announcement was:
http://security.freebsd.org/advisories/FreeBSD-SA-06:17.sendmail.asc

As modular and secure as postfix ? Eh...


Marcin.






More information about the Users mailing list