Great Circle Associates Firewalls
(January 1997)
 


Subject: Re: Secure firewall with only Linux-Kernel filtering possible?
From: Darren Reed <avalon @ coombs . anu . edu . au>
Date: Tue, 14 Jan 1997 20:32:06 +1100 (EDT)
To: adam @ homeport . org (Adam Shostack)
Cc: Ryan . Russell @ sybase . com, rammeri @ winternet . co . at, firewalls @ GreatCircle . COM
In-reply-to: <199701140202 . VAA16636 @ homeport . org> from "Adam Shostack" at Jan 13, 97 09:02:10 pm

I don't want to throw cold water on the qmail authors' enthusiasm, but
a reality check on this comparison seems needed.  It is excellent to see
someone is doing this but I can't see sendmail fading out of the picture
any time soon.

In some mail from Adam Shostack, sie said:
>
> qmail				sendmail
> -----				--------
> 210k tar.gz			900k tar.gz

how many lines of code ?

the sendmail .tar.gz comes with a _lot_ of other things such as scripts
for easy building of sendmail.cf, sample sendmail.cf's, etc.

> one setuid (qmail) 		one (root) setuid program

one setuid program is one too many.

> designed for security		designed to handle complex mail,
> 				 like uucp/smtp/chaos

I'm sure others *must* have asked this question: how do you use sendmail
in conjunction with qmail so you can handle all the various complexities
which are found in today's Internet ?

> many small confusing		one famously painful config file
>  config files

"famously painful" - it is _much_ better than it was.  Personally, I would
prefer to have one config file (the FWTK has one - netperm-table - but many
small programs) rather than try to configure many things to interact correctly.

Why doesn't someone write a sendmail.cf -> qmail configuration converter
and then compare ?

> release of the month club	bug of the month club
>  (soon to hit v1.0)

bug of the month/release of the month - which do you go for ?
They're both bad (but could be worse).  It does mean they both
receive attention which is good.

Not being v1.0 means, to me, it is a young product that has a long way to
go before it matures.

>  (no security holes)

Correction: no known security holes (yet).

Darren

