Spam and mailing lists

Mark E. Mallett mem at mv.mv.com
Thu Oct 19 18:54:34 EDT 2006


On Thu, Oct 19, 2006 at 07:26:55AM -0400, Ben Scott wrote:
> On 10/16/06, Ben Scott <dragonhawk at gmail.com> wrote:
> >Hello, world!
> 
>  I'm a bit surprised we haven't heard from any Postfix or qmail fans
> in this thread.  Perfect holy war folder here, people, come on.  :)

Choices are fun, and not just for having a war.  sendmail, postfix, and
exim have all done a good job over the past few years of adding some
hooks for filtering requirements.  Among other things, sendmail has its
milter interface; postfix has its policy daemon interface, and now
(2.3?) has an initial stab at milter interface too; exim has a nice
built-in extension language.

Whereas the official qmail package is fixed in time at about 1998, but
has a bazillion patches and patchers.

Although that's a dig, qmail is mainly what we use.  One aspect of qmail
is that it's architected as lots of modules each handling one piece of
its mail flow.  This is both good and bad.  There are open source
replacements for some of qmail's pieces, and as I mentioned, patches for
others.  qmail is not just another choice, it's a gateway into another
universe of choices :)

The qmail setup here is, briefly:

 - stock qmail with a number of performance-improving patches applied.

 - from-scratch replacement of qmail-smtpd (SMTP receiver), written by
   me.  This includes the same scripting language as is contained in
   the MDA that I use (i.e., a procmail alternative).

 - a side daemon, the "mail client assessment" daemon, that the smtpd
   daemon consults for advice about how to deal with incoming connections.

The combination of smtpd daemon and client assessment daemon is very
powerful.  It supports a feedback loop where bad client action can be
remembered and acted on (and where feedback can come from other sources,
such as post-delivery assessment); it gives a central control interface
(e.g. allowing one to administratively shun certain senders and have the
block expire automatically, or having a web form where senders can
remove their own blocks); it helps enables things like greylisting and
other techniques; it can coordinate activity and policy across multiple
receivers; and other things that you can probably imagine.

But you can do some or all of these things with milters and policy
daemons too.

Anyway, you asked, so there's a qmail side.

-mm-  (forgotting, I am sure, something else I was going to say.)

PS: you mentioned running sendmail 8.13.1 -- you might want to look into
updating that.  There have been one or more security updates since then,
tho I don't recall offhand if any were exploitable.  But there was at
least one DOS type.


More information about the gnhlug-discuss mailing list