1 |
Alexander Skwar wrote: |
2 |
> Suranga Kasthuriarachchi wrote: |
3 |
> |
4 |
>> Which is the best for organization mail server. |
5 |
> |
6 |
> NOT qmail - too many holes and not good performancewise. |
7 |
|
8 |
|
9 |
Some clarification on the security of qmail: |
10 |
|
11 |
qmail has no known holes be default other than still playing the MTA |
12 |
game by 1998 rules which is are problems and almost as annoying as |
13 |
security issues. Patches like 0.0.0.0, limit-bounce size, etc solve most |
14 |
of those. It also has very few features which is sort of the root of the |
15 |
problem. In order to get features (and performance) you have to patch |
16 |
the hell out of qmail which is of course no longer the secure default |
17 |
build. The 1.0.3-r16 ebuild has 29 possible patches. It's through the |
18 |
patches that security problems are likely to be introduced, but IIRC |
19 |
there has one been one or two that have been found at least in mature |
20 |
non bleeding edges patches. |
21 |
|
22 |
and then on performance: |
23 |
|
24 |
qmail can be made to perform, but you have to add the performance |
25 |
patches (qmailqueue, big-todo, big-concurrency) and do much more tuning |
26 |
that you'd need to do with any other mail servers. However the one mail |
27 |
per TCP session is one thing you can't get around and will limit the |
28 |
speed of large installations. Most home user or small business users |
29 |
won't run into that. |
30 |
|
31 |
Or you can install Postfix/Sendmail/Exim which have had actual |
32 |
development over the last eight years. |
33 |
|
34 |
kashani |
35 |
-- |
36 |
gentoo-user@g.o mailing list |