[Mailman-Users] Mailer

claw at kanga.nu claw at kanga.nu
Wed Dec 1 23:59:39 CET 1999


On Wed, 01 Dec 1999 08:55:50 +0200 
Richard Ellerbrock <richarde at eskom.co.za> wrote:

> I have been lurking and listening to this advocacy debate for a
> while now and have stayed clear of the debate up till now.

<bow>

I should probably give some credentials here.  I make my living as a
programmer and systems engineer.  I've built ISPs.  I've built
corporate interanets.  I've also programmed them, which is what I
prefer to do (less politics).  Client lists are available on
request.

> Just some hard facts to set the record straight:

> I run around 150000 e-mail messages a day through a single mail
> spool machine. This machine is configured with 3 virtual
> interfaces (each running a different configuration). I handle
> around 15 domains on this machine. Spam filters and blackhole
> lists are configured to the max. At any one time there are around
> 300 mail processes on this machine with the machine never going
> under 95% idle!

> Another machine (P133!) handles all my mailing lists on
> mailman. This machine has around 30 lists, with around 10 with
> over 3000 members each. Many of the lists are automagically
> generated each evening using sync_members from our HR database
> system.

Good stuff.

> I have never had a performance problem or a security violation in
> the last 5 years this setup has been running. It also never falls
> over and never needs maintenance.

> BTW, it is all running on sendmail 8.9.3

I suffered thru the Sendmail patch of the day, even patch of the
hour some years ago.  They were non-trivial patches.  The holes and
bugs they fixed were non-trivial.  Few to none of them shouold have
been encessary in the first place and certainly not for a program
that was already quite old.  Sendmail itself has a very long and
chequered history of root compromises ranging from the Morris worm
on up to the present day (I spent the weekend a couple weeks ago
helping to recover a site from a sendmail-based root compromise (he
didn't upgrade).  I would have preferred having my weekend to
myself.  Sendmail itself is a horribly ugly piece of code that has
long outlived its original design or intent.

Quite simply, and with the very small exception of those very very
few sites that have to do particularly grevious header re-writing
(and even then its rarely required), I don't and wouldn't recommend
anybody use sendmail anywhere.  It is both unnecessary and has good
even compelling reasons to do otherwise.  There just isn't any
reason to run Sendmail anymore when better, more capable, faster,
more secure and very well proven servers are freely available.

Is there any reason to still use coal fired automobiles?  Then why
use sendmail?

There is not a single large volume commercial mail site that runs
sendmail.  Not one.   Check for yourself.  

For those interested my current clients are Critical Path.  They
handle all the email for FedEX, Exodus, AT&T, 3Com, Auther Anderson,
ICQ, Lucent, NASA, and others -- and use QMail.  I'm not sure what
their average mail loads are, but I'd be surprised if they were any
lower than my last client at ~1.5Million per hour (also QMail
users).

> I have looked at the other offerings and have not found any other
> mailer that even comes close to what sendmail can do for you. 

Can you give a specific?

The only claims to fame I'm aware of that sendmail retains are a few
particularly grevious and invasive forms of header and envelope
re-writing -- and in fact Exim and and I think Postfix can now both
do that and more (haven't checked QMail), so there's no wins there.

> My suggestion to those that moan about complexity is to stay away
> from UNIX and go to NT. 

Sendmail's CF is daunting -- even moreso because it is needless.
SMail, Exim, WMail, Postfix and half a dozen others have
demonstrated that.  

I don't mid comlexity, but I'm not a fan of unjustified complexity,
most especially when that complxity is in the form of a required
system service that runs as a privileged user and therefor
potentially (in the event of a compromise) gives unfettered root
access to my systems.  No thanks.

No thanks.  Even chroot jails (which is where I run my MTAs) aren't
secure against a root compromise.

The goal is simplicity, not bolting on yet more levels of kludge.
Email systems in their nature are not inherently complex.  They
don't need to be and shouldn't be.  The only complexities present
there are ones we people add due to the fact that we're tried to cut
corners somwhere else and now have to pay for it in the email
system.  In fact email systems, again by their very nature, tend to
be extremely simple, even trivial in structure.

There's no reason an MTA shouldn't express and embody that
simplicity.  Somehow, sendmail doesn't.

> Also, it must be noted that every UNIX that I have ever worked
> with comes standard with sendmail, so you are bound to discover
> security problems if 90% of the mailers run your software. 

That may have been a valid argument 10 years ago in sendmail's
favour.  It isn't any more.  QMail and Exim in particular have large
well established communities of users and have had for years.
Postfix is rapidly gaining ground there, but hasn't (yet) matched
their scope.

FWIW Debian's default MTA is Exim.  

> The others are just lucky as their mailers only have a small
> number of users compared to sendmail.

You've peaked my curiosity here.  I suspect that while you may once
have been correct, you are aren't any more.  My bet is that more
email is handled by non-sendmail MTA's per day than sendmail.  There
may be more sendmail systems out there (if only due to the fact that
it is the default on commercial Unix systems), but that's not what
I'm looking at: Volume of mail handled.

Consider the impact of Aol, Hotmail, EGroups, CoolList, and every
last one of the larger ISP (half million or more users) not using
semdmail.

I should run some header analysis stats...

> My 2c worth, and no mail will be answered. Thanks.

Thanks.

-- 
J C Lawrence                                 Home: claw at kanga.nu
----------(*)                              Other: coder at kanga.nu
--=| A man is as sane as he is dangerous to his environment |=--




More information about the Mailman-Users mailing list