A few years ago, Sendmail was the only free mail server available for Linux. Because of Sendmail's defects, developers have since written several alternatives. Today there are several free mail servers, or MTAs (Mail Transfer Agents), that run on Linux: Sendmail, Qmail, Postfix, exim, and Zmailer. This article describes the characteristics of the more influential mainstream MTAs in the Linux environment, and analyzes and compares the advantages and disadvantages of MTA by Venus, to give you a basis for choosing a free MTA on Linux.
Postfix
Postfix is the product of a free software project developed by Wietse Venema and funded by IBM, intended to give users a choice of mail server other than Sendmail. Postfix is designed to be fast, easy to manage, and as secure as possible. It also tries to stay compatible with Sendmail so that it fits users' existing habits. Postfix was first published under the name VMailer and was later renamed Postfix for trademark reasons.
Main design objectives
The goal of the Postfix project is to implement an email server and provide users with choices other than sendmail. Its design goals include:
Performance. Postfix is three times faster than similar server products. A desktop machine running Postfix can send and receive millions of emails a day. The Postfix design borrows web server techniques to reduce process creation overhead, and uses file access optimizations to improve efficiency, without sacrificing reliability.
Compatibility. Compatibility with Sendmail was considered in the design of Postfix to make migration easier. Postfix supports /var[/spool]/mail, /etc/aliases, NIS, and ~/.forward files. However, to keep administration simple, Postfix does not support the sendmail.cf configuration file.
Security and robustness. Postfix is designed to stay reliable under overload. When the local file system runs out of space or the system runs out of memory, Postfix gives up on its own instead of making the situation worse by retrying.
Flexibility. Postfix is built from more than 10 small sub-modules. Each sub-module performs one specific task, such as receiving a message over SMTP, sending a message, delivering a message locally, or rewriting an address. When a specific requirement comes up, you can replace one module with a new version without updating the entire program. It is also easy to disable a function.
Security. Postfix uses multiple layers of protection to defend the local system against attackers. Almost every Postfix daemon can run in a fixed chroot with low privileges, and there is no direct path between the network and the security-sensitive local delivery programs: an attacker must first break through several other programs to reach the local system. Postfix does not even trust the contents of its own queue files or IPC messages, to prevent spoofing. Postfix filters information supplied by the sender before passing it on. In addition, no Postfix program is set-uid.
Postfix features
Support for multiple transport domains: Sendmail supports message forwarding between the Internet, DECnet, X.400, and UUCP. Postfix is designed flexibly enough to implement such forwarding without virtual domains or aliases. However, early releases supported only SMTP, with limited support for UUCP. For Chinese users, however, multi-transport-domain support was meaningless.
Virtual domains: In most common cases, adding support for a virtual domain only requires changing a Postfix lookup table. Other mail servers usually need multiple levels of aliases or redirection to achieve the same effect.
UCE control (UCE, unsolicited commercial email): Postfix can restrict which hosts may relay mail through it and which mail it accepts. Postfix provides the following controls: blacklists, RBL lookups, and HELO/sender DNS verification. Content-based filtering is not implemented currently.
Table lookups: Postfix does not implement an address rewriting language; instead it makes extensive use of table lookups to rewrite addresses. The tables can be in local dbm or db file format.
Postfix architecture and comparison with Sendmail
Postfix is based on an architecture of semi-resident, cooperating processes. Each process performs a specific task, and there is no particular parent-child relationship between them. Doing the work in separate processes also gives better isolation than a "single block" (monolithic) program. This approach has a further advantage: a service such as address rewriting is available to every Postfix component without the overhead of creating a process just to rewrite one address. Of course, Postfix is not the only program that uses this approach.
Postfix is implemented as follows: a resident master server runs Postfix daemons on demand. These daemons send or receive network mail and deliver mail locally. The number of daemon processes is limited by a configuration parameter, each process is re-used a configurable number of times, and a process exits automatically once it has been idle for the configured time limit. This significantly reduces process creation overhead while keeping good isolation between individual processes.
Postfix is designed to be a replacement for Sendmail. For this reason, many parts of the Postfix system, such as the local delivery program, can easily be replaced by editing an inetd-like configuration file.
The core of Postfix is implemented by more than 10 semi-resident programs. To ensure confidentiality, these Postfix processes communicate with each other through Unix sockets or FIFOs in a protected directory. Even with this protection in place, a Postfix process does not blindly trust the data it receives this way.
The amount of data passed between Postfix processes is limited. In many cases, the only information exchanged between Postfix processes is a queue file name and a recipient list, or some status information. Once a mail message has been saved to a file, it stays there until it is read by a mail delivery program.
Postfix takes the usual precautions to avoid losing information: it flushes and fsync()s all data to disk before acknowledging receipt, and it checks the result of every system call for errors.
Most people who set up a mail server choose Sendmail. In fairness, Sendmail is a good MTA (Mail Transfer Agent). Eric Allman's design considerations during its initial development focused mainly on delivering mail successfully. Unfortunately, the development of Sendmail did not take into account the security problems that can arise in the Internet environment. On most systems Sendmail can only run as the root user, which means that any vulnerability may have very serious consequences. Apart from these problems, Sendmail does not run well under high load.
Security
Postfix needs root, but only the master program has to run as root. The processes it spawns handle receiving mail, sending mail, and local delivery. Because Postfix is built from a series of module components, each task is run by a separate program (which makes auditing easier). For example, when outgoing mail is dropped into a queue directory, the "pickup" program picks it up and passes it to the "cleanup" program, which then hands it to "trivial-rewrite", which is responsible for processing the mail headers, and finally the mail is handed to the "smtp" program if it is destined for another system. In addition, a chrooted environment is easier to set up for Postfix than for Sendmail. Simply edit the master.cf file (usually in /etc/postfix) and Postfix will run chrooted, confined to the queue directory it defines (usually /var/spool/postfix). Process limits for an individual Postfix module can also be set in master.cf. You can restrict the user identity that Postfix runs as. Generally, the postfix user (similar to Apache's nobody) is used to run Postfix, and that user can access only specific queue directories. The other major advantage of Postfix is that its configuration file is clear and easy to understand.
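The per-service chroot and privilege settings described above sit in fixed columns of master.cf, so they can be checked mechanically. The following is an added example, not part of the original article or of the Postfix distribution: it parses a constructed sample master.cf and lists services that are not chrooted or that run with root privileges. The function names, the sample file, and the two exception sets are assumptions of this example; the exceptions reflect the master(5) manual, which says local, pipe and virtual cannot run chrooted and that chrooting proxymap defeats its purpose.

```python
# Exception sets follow master(5); they are assumptions of this added example.
NO_CHROOT_OK = {"local", "pipe", "virtual", "proxymap"}
NEEDS_ROOT = {"local", "pipe", "virtual"}

SAMPLE_MASTER_CF = """\
# constructed sample, not taken from a real host
# service type  private unpriv  chroot  wakeup  maxproc command + args
smtp      inet  n       -       y       -       -       smtpd
pickup    unix  n       -       y       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
rewrite   unix  -       -       -       -       -       trivial-rewrite
local     unix  -       n       n       -       -       local
smtp      unix  -       -       y       -       20      smtp
  -o smtp_helo_timeout=5
"""

def parse_master_cf(text):
    """Yield one dict per service entry, joining continuation lines."""
    logical = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and logical:   # leading whitespace continues an entry
            logical[-1] += " " + raw.strip()
        else:
            logical.append(raw.strip())
    for line in logical:
        f = line.split()
        if len(f) < 8:
            raise ValueError(f"malformed master.cf entry: {line!r}")
        yield {"service": f[0], "type": f[1], "unpriv": f[3], "chroot": f[4],
               "maxproc": f[6], "command": f[7], "args": f[8:]}

def audit(text, chroot_default="n"):
    """List entries to review. '-' in chroot means n on Postfix >= 3.0, y before."""
    findings = []
    for e in parse_master_cf(text):
        name = f"{e['service']}/{e['type']}"
        chroot = chroot_default if e["chroot"] == "-" else e["chroot"]
        unpriv = "y" if e["unpriv"] == "-" else e["unpriv"]
        if chroot != "y" and e["command"] not in NO_CHROOT_OK:
            findings.append((name, e["command"], "not chrooted"))
        if unpriv != "y" and e["command"] not in NEEDS_ROOT:
            findings.append((name, e["command"], "runs with root privileges"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_MASTER_CF):
        print(*finding, sep="\t")
```

Pass chroot_default="y" when auditing a host that runs a Postfix release older than 3.0, where a "-" in the chroot column means chrooted.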
By comparison, mail systems such as Sendmail are designed and implemented as a single block. This "single block" program implements all the functions. Such a structure does make it easy to share data between different parts of the system, but it is also prone to fatal errors. Other mail systems, such as qmail, use a hierarchical structure that runs sub-module processes with different functions in a fixed order and releases them once they have finished. This method has good "insulation", but increases the overhead of process creation and inter-process communication. However, by planning the running order of the sub-module processes sensibly, the overhead can be kept within an acceptable range.
Replacing Sendmail with another MTA is usually a troublesome task. Users often have to spend a lot of time getting familiar with the configuration and use of the new MTA. With Postfix, you can use many configuration files (for example access, aliases, external usertable, etc.); you only need to define them in master.cf. In addition, Postfix also behaves like Sendmail: you can use the sendmail command to start Postfix.
Of course, replacing one piece of software with another always raises specific problems. Some of them come from the security features of Postfix, which can cause trouble when configuring it. The most typical problem is sending email to the root user. Postfix generally does not raise its own privileges (which would be required to deliver mail to the root user) in order to deliver mail. You need to define an alias for root in the alias file, for example, root: someuser. This also affects several mailing list packages, especially SmartList. Majordomo, which is easy to configure, is generally recommended for implementing mailing lists.
One of the most prominent problems with Sendmail is scalability and performance. For example, problems can occur if you want to restart Sendmail every day to pick up an updated configuration file automatically (for example, to redirect emails to a VM). Sendmail spawns new processes to handle the mail being sent and received. These processes exist until the transfer is complete, and only then can Sendmail exit. As a result, your script cannot restart Sendmail correctly. With Postfix, you only need to issue the postfix reload command, and Postfix reloads its configuration file.
In addition, on mail servers with tens of thousands of users, files are used to store information such as the mapping of users to email addresses (for example, bob's sender address is changed to sales@example.org). With a large number of users, this file becomes very large and affects the efficiency of the system. Postfix can be integrated with a database back end (currently only MySQL is supported) to store its configuration information. The database approach scales much better than the file approach.
Under IBM's open-source license, users can freely distribute the software and develop it further. The only restriction is that changes made to Postfix must be returned to IBM, because IBM funded Wietse's development.
Comparison with Qmail
The disadvantage of Qmail is that the configuration method is inconsistent with Sendmail and is not easy to maintain. And Qmail's copyright license