Maybe this is now a little off-topic but...
I didn't explain the background in my original posting - yes I am mainly
concerned with an internal mail server, we have decided to use MIMESweeper
as our initial mail drop from the internet because:
* although not foolproof the virus scanning function can only add to our
protection,
* since it isn't any of the well known mail programs, doesn't run on Unix,
isn't a generalised mail delivery program, etc. it should be less open to
attack and less useful to a hacker if they can crack it.
So I'm not as paranoid about SMTP as someone using one of the
aforementioned programs as their maildrop from the internet. I know, NT is
just as bad if not worse than Unix and we don't have any information on how
secure MIMESweeper is, but as someone else said today we just have to get
on with it.
So to return to the consideration of mail servers, and it seems mainly to
be between qmail and sendmail, what are the upsides and downsides ?
Yes qmail has a lot less code, but there is still a lot. I looked in some
detail at the build and configuration notes, and what frightened me was
having to set up and track lots of user accounts, lots of little programs,
and lots of little configuration files. In my position I have to 'deliver'
a supportable mail solution (ha !) to our support teams - one humungous
program with one complex configuration file seems from where I stand to be
easier to document. I can point support at large documents distributed with
the code, even an O'Reilly book !
Sendmail is also more commercially justifiable because 8.8.x is largely the
same as the vendor versions now slowly appearing - maybe one day we can use
one from IBM or whoever :->
I don't disagree that you have to be *very* sure of yourself before putting
sendmail in front of the internet, perhaps qmail is the right thing in that
context.
By the way, does anyone know anything about Netscape's mail server product
offerings - are they rebadged sendmail ?
Richard Bignell
|
|
