Re: [tlug] Hi from new server and a couple of questions

["Stephen J. Turnbull" <stephen@example.com>]

>>>>> "scott" == scott  <scott@example.com> writes:

    scott> Well I would have to admit I'm only using sendmail out of
    scott> habit, but I'm certainly open to trying out a new MTA- is
    scott> procmail the other standard?  And would I notice a
    scott> difference?

As Godwin points out, procmail is a message delivery agent (MDA).  A
message transport agent (MTA) talks SMTP (or other wire protocol such
as UUCP or X.25) on input, output, or both, and provides certain
guarantees that make asynchronous operation reliable (ie, you delegate
to it the responsibility for ensuring final delivery).  For SMTP the
behavior is specified in RFC 2821.  An MDA is a local delivery agent
that operates synchronously (ie, you wait for it to come back and tell
you final delivery has been made).

There are three very popular MTAs besides sendmail, as well as a host
of niche and relative unknowns.  qmail is A Dan Bernstein Production of
very high code quality and security, and is often used in production
settings like those that indicate the use of sendmail.  However, it's
characterized by "demented design", non-open-source licensing, and
generally irascible behavior by its author/maintainer.  I don't
recommend it unless you are willing to become a qmail specialist, or
have lots of money (qmail consultants are pretty expensive because
they're in high demand in corporate settings).  qmail is not known for
working and playing well with others; it's typically a massive PITA to
integrate with other applications like mailing lists and filters
(unless you are willing to restrict yourself to those written
explicitly for qmail, which generally have zero following outside the
qmail community).

exim is an MTA written for flexibility and ease of design.  I believe
it's the default for Debian.  Anyway, that's what I'm using, have been
doing so for years, and have never had *any* trouble although I'm
running `sid' (and have been doing so for years), so get all of the
brain belch uploads by dope-smoking deb maintainers.  Exim is known to
work and play very well with other applications.  AFAIK it has a
reasonably good security track record (see smail, infra, for why this
is not high priority for me).

postfix is an MTA written by Wietse Venema, a noted security expert,
for (what else but) security.  (Venema also wrote and maintains the
tcpwrappers library.)  postfix uses a multiple executable architecture
so that every process in the pipeline has exactly the privileges
needed to accomplish its task.  postfix is known to work and play very
well with other applications.  It is the MTA recommended by a lot of
people whose mail skills I respect a lot, such as the Mailman
developers.  It is now the default MTA on the Mac.

On my net-facing server, I'm using smail, but I think that's a long
dead project.  I don't worry about it much because my organization
severely restricts connections to internal boxes on port 25, and it's
never been quite worth it to go through the hassle of getting an MX
permit.  (And it probably wouldn't matter if it were buggy as hell
since the firewall spoofs all internal MXs on port 25 anyway.)

I believe that the Courier suite has an MTA.  The advantage to Courier
is that it provides a full, integrated suite of mail applications such
as an MDA, POP3, and IMAP.

As for noticing a difference, you will notice a big difference with
qmail.  Most programs that use the /usr/sbin/sendmail interface won't
notice a difference, but a few do.  Administration also tends to be
more complex.

exim is easier to configure than sendmail, and is pretty much a
drop-in replacement from the point of view of mail-using programs.
The concepts you've learned with sendmail mostly carry over, but
they're expressed and configured differently.

postfix is easier to configure than sendmail, but is also pretty much
a drop-in replacement.  Again, much general knowledge about mail
systems you might learn from sendmail apply, but of course the
configuration is different.  Postfix can be harder to configure than
exim because of the multi-binary architecture: you have to get file
systems permissions just right.  Of course this is normally done for
you by packaging systems, but add-on applications like MDAs and
mailing list managers may tempt you to change things.  Again, if you
stick to the MLMs packaged by your distro things are probably preset
correctly.

The main worry when switching is to make sure your mail queues for the
old MTA are clear.  You might want to close port 25 during the
switchover.

-- 
School of Systems and Information Engineering http://turnbull.sk.tsukuba.ac.jp
University of Tsukuba                    Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
               Ask not how you can "do" free software business;
              ask what your business can "do for" free software.