| 1 |
Alexander Skwar wrote: |
| 2 |
> Suranga Kasthuriarachchi wrote: |
| 3 |
> |
| 4 |
>> Which is the best for organization mail server. |
| 5 |
> |
| 6 |
> NOT qmail - too many holes and not good performancewise. |
| 7 |
|
| 8 |
|
| 9 |
Some clarification on the security of qmail: |
| 10 |
|
| 11 |
qmail has no known holes be default other than still playing the MTA |
| 12 |
game by 1998 rules which is are problems and almost as annoying as |
| 13 |
security issues. Patches like 0.0.0.0, limit-bounce size, etc solve most |
| 14 |
of those. It also has very few features which is sort of the root of the |
| 15 |
problem. In order to get features (and performance) you have to patch |
| 16 |
the hell out of qmail which is of course no longer the secure default |
| 17 |
build. The 1.0.3-r16 ebuild has 29 possible patches. It's through the |
| 18 |
patches that security problems are likely to be introduced, but IIRC |
| 19 |
there has one been one or two that have been found at least in mature |
| 20 |
non bleeding edges patches. |
| 21 |
|
| 22 |
and then on performance: |
| 23 |
|
| 24 |
qmail can be made to perform, but you have to add the performance |
| 25 |
patches (qmailqueue, big-todo, big-concurrency) and do much more tuning |
| 26 |
that you'd need to do with any other mail servers. However the one mail |
| 27 |
per TCP session is one thing you can't get around and will limit the |
| 28 |
speed of large installations. Most home user or small business users |
| 29 |
won't run into that. |
| 30 |
|
| 31 |
Or you can install Postfix/Sendmail/Exim which have had actual |
| 32 |
development over the last eight years. |
| 33 |
|
| 34 |
kashani |
| 35 |
-- |
| 36 |
gentoo-user@g.o mailing list |
Archives