[OpenIndiana-discuss] Qmail-to-go on openindiana?

Gary Gendel gary at genashor.com
Wed Apr 25 15:06:47 UTC 2012 

Chris,

I've replaced my qmail chain for SASL delivery with postfix. It took me 
a few rounds to get all the bits I needed working, but I'm good with the 
results.

The non-SASL chain will be a big nut to crack.  There are a lot of 
useful spam features in spamdyke that I haven't found an equivalent for 
in postfix.  For example, spamdyke can find an ip address buried in the 
fqdn and check if it matches the sending MTA's ip address. This can be 
done for the domains you specify.  I have the one spamdyke option turned 
on to do this against all country code domains.  I also have a list of 
about 60 other domains to do this against.

If it weren't for spamdyke, I wouldn't have an issue but Sam Clippinger 
did an impressive job at making an open source anti-spam tool 
specifcally for qmail that beats anything else I've seen.

As for the dot-qmail stuff.  I've moved away from that quite awhile ago 
except for my mailing lists which I don't have a problem shutting down.

Gary

On 4/25/12 10:42 AM, Christopher Chan wrote:
> On 24/04/12 09:30 PM, Gary Gendel wrote:
>
>> The pipeline architecture of qmail has been instrumental at making
>> third-party additions incredibly simple. You can easily plug in special
>> debugging modules, and even tee off things so you can test new modules
>> in parallel with real operations. Before spamdyke was available, I had
>> developed a number of homebrew modules for spam analysis and control.
>> That said, qmail isn't 100% sendmail compatible, so occasionally I ran
>> into issues with unhandled sendmail options (until patched). I don't
>> know whether postfix suffers from the same issue yet.
>
> postfix will be fine with sendmail options. postfix also support 
> milters and you can use something like mimedefang to do the same 
> although you will have write from scratch or go hunting.
>
>>
>> Since my Qmail based system does not inherently support IPV6 and would
>> require significant patching I'm committed to move to Postfix before
>> this becomes necessary. However, Postfix configuration is far more
>> complex if you are someone that likes to understand the purpose of each
>> option and it's impact to other options. I will also miss the simplicity
>> of making a split-horizon caching DNS service via dnscache/tinydns when
>> I need to go to IPV6 which is an important piece of any email system in
>> a private networked LAN.
>
> postfix configuration is only complex because it offers more than 
> qmail. If someone were to look at your setup, it would be complex for 
> them too in the beginning.
>
> djbdns has a ipv6 patch available. Unless you need dnssec, i don't see 
> why one needs to move off djbdns. But qmail or any patched ones is 
> another story. Just the need to stop qmail-send to do any queue 
> management is reason enough not to use qmail for incoming.
>
>>
>> Gary
>>
>> On 4/24/12 8:44 AM, låzaro wrote:
>>> anyway... postfix is the better today :D
>>>
>>> I saw using Qmail long time ago, I like it, but is obsolete
>>>
>>> Also, I have my compiled Qmail and configured just as "personal email
>>> museum"
>>>
>>> Thread name: "Re: [OpenIndiana-discuss] Qmail-to-go on openindiana?"
>>> Mail number: 17
>>> Date: Tue, Apr 24, 2012
>>> In reply to: Christopher Chan<christopher.chan at bradbury.edu.hk>
>>>> On Monday, April 23, 2012 08:44 PM, låzaro wrote:
>>>>> in Qmail, the security is patch-maked in postfix is by-design-maked
>>>> NO, that is not accurate. "security" where it means anti-spam, DJB
>>>> did not bother because as far as he is concerned, the way things
>>>> are, things are just broken. Too bad his idea of how email should
>>>> work never took off. So any anti-spam features are provided by
>>>> THIRD-PARTIES. It is not 'patch-maked'. There is zero anti-spam.
>>>>
>>>> As for postfix, 'by-design-maked' just means Wietse put in the time
>>>> to develop postfix unlike DJB who stopped in 1998.
>>>>
>>>>> for example, smtp auth, SASL, TLS and soon. Also postfix is more
>>>>> modular. You can use it with someSQL LDAP and all thats cute things.
>>>> There is a qmail fork that does both sql and ldap too. postfix is
>>>> only better because its developer continued to work on the code and
>>>> keep up with the times and he built a good reputation while at it.
>>>>
>>>> No qmail fork has ever managed that because of DJB's stand on
>>>> licensing but now that qmail is public domain, maybe in the future
>>>> one of these forks might.
>>>>
>>>> _______________________________________________
>>>> OpenIndiana-discuss mailing list
>>>> OpenIndiana-discuss at openindiana.org
>>>> http://openindiana.org/mailman/listinfo/openindiana-discuss
>>
>>
>> _______________________________________________
>> OpenIndiana-discuss mailing list
>> OpenIndiana-discuss at openindiana.org
>> http://openindiana.org/mailman/listinfo/openindiana-discuss
>
>
> _______________________________________________
> OpenIndiana-discuss mailing list
> OpenIndiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss

More information about the OpenIndiana-discuss mailing list