display | more...
It's easier than you think. Or at least, it was for me.

I think the root of the problem was that I was approaching its configuration as I did sendmail, which was a mixture of trial and error, and walking through a junkyard with a blindfold on.

My advice, for anyone else thinking that qmail is too difficult, would be to turn off sendmail, and start qmail. Then worry about the configuration.

Qmail will not relay mail by default, so there's no reason to fear being an open relay. If you want to add/change/remove hostnames that qmail will receive mail for, check /var/qmail/control/ to do that. Once done with that, I've found that a ``killall -1 qmail-send'' works fine for getting it to reload its configuration. (Yes, I am advocating a somewhat stupid thing--run something, then figure out how it works... But, really, understanding something in theory is much more difficult than understanding something in practice--at least, for me.)

Qmail - Current Version is 1.03


Qmail, by Daniel J. Bernstein, is a Mail Transport Agent which was designed from scratch with security in mind. It is totally modular, using many programs that do not trust each other to hand off and deliver mail. It is also extremely compact and very fast.


While many there are many programs that ask you to create a single user to run the program, qmail has you create many, each for a different task. The user qmaill is for logging, qmailq is for handling the queue, qmaild is for delivering mail, and so on. This fits in nicely with Bernstein's no-trust model so that, unlike sendmail, each task runs under a separate and distinct uid that has no permissions outside of its own task. This makes it impossible to fool another task into blindly accepting what is being passed to it, which has been the problem with many security holes in other MTAs.


Qmail is also compact and lean, which is very good for a high-volume server. This means that on a less enterprise-worthy server, it can accept far more connections than a larger MTA could, and it handles traffic with surprising speed. On an enterprise level server, you would not even notice it running even if it was getting nailed with connections.


There's not a lot to say on this. Qmail has compiled on every type of *NIX box I have tried. These include, FreeBSD, Linux, SunOS 4, Solaris, AIX and Ultrix. It uses its own compilation routines and compiles static, so as to avoid any unpleasantries with shared library libc bugs or what have you.


Another nice thing about Qmail is that there is ample support for it. There are also lots of utilities designed to work with qmail such as vpopmail, a pop3 virtual domain manager, and qmail-scanner, an intermediary for the queue to scan for viruses. There are plenty of online HOWTOs and help files, but if you prefer, there are also companies that will provide support for qmail for money, if that is what you need. It is worth noting that almost all utilities available for qmail, including qmail itself, are free.


After such a glowing review, you'd think I had some stake in qmail. I do. I'm a network administrator who depends on qmail as my only transport agent. It has, in the 4 years I have been using it, caused me precisely zero headaches. If you are in the market for an MTA that is fast, portable, and doesn't leave you open to new exploits every two weeks, give qmail a try. You won't be disappointed.

Log in or register to write something here or to contact authors.