qmail

Qmail is a mail server for Unix systems. It was developed by Dan Bernstein.

Security

The main reason for the development of qmail was the dissatisfaction of the author with the existing solutions. In particular, the well-known Sendmail always fell back on by security vulnerabilities. Therefore qmail designed so that it is possible unsusceptible for safety-critical vulnerabilities. Bernstein has suspended in March 1997, a premium of $ 500 for the discovery of a vulnerability and the premium after the 10 - year anniversary doubled qmail (see page 2 in PDF). This premium has not been paid, however, claimed Wietse Venema, to found a gap, what Daniel Bernstein denies categorically so far.

Construction

Qmail has a modular structure, which means each of the tasks of a mail server does another program. This is in contrast to most other MTAs that usually have a monolithic structure. This approach creates smaller programs that are easier to maintain and are less prone to errors in the code.

The directory / var / qmail contains the main component of qmail.

Innovations

  • Maildir is a storage concept that was introduced with qmail.
  • XVERP is an extension for ESMTP, reveals the sources of bounce messages and dates back to qmail.
  • Delivered-To derives an additional header of e -mails, the excess deliveries in derogation and goes back to qmail.

Criticisms

The software have given rise to discussion. Proponents of the mail server perform the simple construction and robust design in the field. Opponents criticize among others the missing Anti-Spam-/Virus-Merkmale as they are found in modern mail servers. The latest official version of qmail is was when spam still not widespread in 1998.

Also caused offense to many of the unusual approach of Bernstein in the placement of qmail files in the file system together with the restrictions laid down by him for the transfer of pre-configured qmail packages, such as Linux distributions. Although qmail stood in the source code available for download from Dan Bernstein's Web server that was from him but not - as usual in similar software usual - been explicitly placed under a free software license, so the copyright precluded its change and passing on to third parties. Was tolerated disclosure of modifications and extensions in the form of source code patches, which many properties as spam or virus protection, SMTP - after- POP or SMTP Auth, which were implemented by third parties, could be " retrofitted ". However, the maintenance of such a qmail installation was more complicated than, for example, the use of ready-made binary packages within a Linux distribution, as it is possible for most other mail servers freely available - Bernstein restrictive practice to allow the transfer of qmail binary package only if they corresponded exactly with its original source code, together with the fact that Bernstein's standard file structure for qmail the Filesystem Hierarchy contradicts standard for Linux, meant that most Linux distributions offered no qmail binaries.

Since the end of November 2007, qmail however the public domain, so this problem has basically done. A number of qmail- users has issued qmail, a package that contains some important bug fixes, but otherwise incorporated only a few changes compared to Bernstein's last version. Important additional features such as SMTP -AUTH, TLS and virus protection must as before be realized via additional source code patches by third parties, which qmail provides a disadvantage compared to other modern mail servers such as Postfix, especially since the major Linux distributions deliver still not finished qmail binaries.

de