[TriLUG] qmail and RHEL 4 - all mail routed to same email...

Tue Apr 11 14:18:22 EDT 2006

On 4/11/06, John Jones <john at networkveterans.com> wrote:
> I am not sure why so many people are down on qmail.  It is an
> *extremely* secure MTA and also extremely stable.

Background: I ran sendmail for about 4 years then qmail for
about 5 years and finally postfix for the last four years.  So,
I have some idea about what I'm talking about.

That out of the way, here is what I see is wrong with qmail and
why I don't use it anymore.

1. Insistence upon dictating policy.  The local system administrator
should be the one to dictate policies like where do binaries go, yet
qmail insists on hard coding them into C code and even provides
their own C programs to enforce it.

2. Too much complexity.  While qmail is indeed less complex
(to configure at least) than sendmail, it is still way too complex.
The insistence upon having every configuration option in a different
file is just insane.  Most qmail administrators have absolutely no
clue about what does what in their configuration.

3. Non standardized behavior.  Why in the world does qmail
accept an e-mail, close the socket (thereby indicating to the
delivering server that it will be queued for delivery) and *then*
generate a bounce, which will often go back to the wrong person
because qmail does absolutely no checking to see if the e-mail
address is forged or not.  This behavior is absolutely inexcusable
and cannot be changed to do the standard behavior of rejecting
before closing the socket so that an extraneous bounce isn't
generated.

4. Qmail was a fine mailer, for the '90s but time has passed it
by.  Mail programs these days are at a minimum expected to
support both SSL/TLS and authentication, yet qmail does not
without patching.  How about storing your information in ldap?
Better get out the patch command.  Oh, and what happens
if you have two patches that interfere with each other (this happened
to me more times than I want to remember)?  Well, I hope
you remembered to bring a paddle because you're way up a
creek without any help.  Qmail just doesn't support what a
modern mailer need to support, which brings me to my last point.

5. Qmail is abandonware.  The author, Daniel Bernstein, has
completely stopped work on it and the license he placed on
it means that no one else can do any work on it either.  If someone
else wants to provide more features or fix bugs, they must
distribute their changes as patches and are not allowed to
provide binaries.  If people are providing binaries, (and I'm
sure they are) they are going against the license.  We get
upset when people break the GPL and other licenses so
to not do the same for the qmail license is hypocritical in
the extreme.

Based on those five things and many others, I STRONGLY
recommend people stay away from qmail.  There are much
better alternatives these days, like postfix.  How can you
not like a mailer where the author is extremely helpful
on the mailing lists and very willing to listen to questions,
comments, criticisms, or whatever?  I guarantee you won't
get that from DJB.

Cheers,
Tanner

Friends don't let friends use qmail.

--
Tanner Lovelace
clubjuggler at gmail dot com
http://wtl.wayfarer.org/
(fieldless) In fess two roundels in pale, a billet fesswise and an
increscent, all sable.