From owner-freebsd-questions Thu Feb 1 18:34: 4 2001 Delivered-To: freebsd-questions@freebsd.org Received: from sabre.velocet.net (sabre.velocet.net [198.96.118.66]) by hub.freebsd.org (Postfix) with ESMTP id 0F80D37B503; Thu, 1 Feb 2001 18:33:43 -0800 (PST) Received: from office.tor.velocet.net (trooper.velocet.net [204.138.45.2]) by sabre.velocet.net (Postfix) with ESMTP id 44FC0138067; Thu, 1 Feb 2001 21:33:41 -0500 (EST) Received: (from dgilbert@localhost) by office.tor.velocet.net (8.11.2/8.9.3) id f122Xdl66970; Thu, 1 Feb 2001 21:33:39 -0500 (EST) (envelope-from dgilbert) From: David Gilbert MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <14970.7298.155915.471272@trooper.velocet.net> Date: Thu, 1 Feb 2001 21:33:38 -0500 (EST) To: "Andre Hall" Cc: "Dragos Ruiu" , "Christopher Farley" , "Fenix" , , Subject: [security] Re: sendmail vs. postfix question In-Reply-To: <001c01c08c60$a49ee640$040aa8c0@pcgameauthority.com> References: <01020104192002.01203@xs4some.net> <20010131235613.A7019@northernbrewer.com> <01020103331409.27656@smp.kyx.net> <001c01c08c60$a49ee640$040aa8c0@pcgameauthority.com> X-Mailer: VM 6.75 under 20.4 "Emerald" XEmacs Lucid Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG [various, deleted] I must say that I actually understand sendmail at a low level. Back in '92 (before many alternatives were viable) I did signifcant raw .cf hacking that I am confident modern alternatives would not be able to grok. But those problems were extrodinary... Last year, I installed one of our machines with postfix. Since then, I have been happy and when opportunity has presented itself, I have loaded other machines with postfix in our network. It performs well, and I have only had minor issues. - recently rmail changed the flags it uses. Caused some coniptions before I relized what was causing delivery failure. Luckily uucp saves failed data. - One machine mysteriously "looses" the postfix master process. It's still running, but not working ... and (annoyingly) at a different PID than "postfix reload" expects it to be. I havn't got a fix for this one yet. - You can't get "real" status from Postfix. The latter is apparently a design issue. With little daemons doing little jobs, it's difficult to get the type of status info that you get from ps -axww about sendmail. That said, only one major machine in our network is left running sendmail. It will likely fall. I could fix what I don't like about it with .cf hacking, but postfix does it's job better and has more direct configuration for it's issue. In short, I like the security of non-root processing (esp. for smptd). I like the simple configuration and speed. I don't like that I can't tell that a certain smtp instance is talking to a certain host X. Dave. -- ============================================================================ |David Gilbert, Velocet Communications. | Two things can only be | |Mail: dgilbert@velocet.net | equal if and only if they | |http://www.velocet.net/~dgilbert | are precisely opposite. | =========================================================GLO================ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message