What mail server is better for linux?

Source: Internet
Author: User
Tags qmail
What mail server is better for linux-Linux Enterprise Application-Linux server application information, the following is a detailed description. Recently I want to learn about the mail server in LINUX, but I don't know what to use? Check on the Internet and check whether there are many problems such as postfix, Qmail, openwebmail, Sendmail, U-Mail, exim, and Zmailer ~ I am looking for an article to share with you. I hope you can give more suggestions and see what types of products are easy for cainiao to learn and have great development prospects.

A few years ago, only Sendmail was available for free mail servers in Linux. However, due to the Sendmail defect, some developers developed several other mail server software.

Currently, the free email server running in Linux, or the MTA (Mail Transfer Agent), has several options: Sendmail, Qmail, Postfix, exim, and Zmailer. This article will describe the characteristics of MTA in mainstream Linux environments with relatively large impact, and analyze and compare the advantages and disadvantages of MTA by Venus, this gives you a basis for choosing free MTA in Linux.

Postfix

Postfix is a product of a self-built software project developed by Wietse Venema, funded by IBM, to provide users with choice of email servers other than sendmail. Postfix is designed to be fast, easy to manage, and provide as much security as possible. It also tries its best to maintain compatibility with the sendmail mail server to meet users' usage habits. At first, the Postfix was published by the VMailer name, and later changed to Postfix for trademark reasons.

Main design objectives

The goal of the Postfix project is to implement an email server and provide users with options other than sendmail. Its design goals include:

Performance: Postfix is three times faster than similar Server products. A desktop with Postfix installed can send and receive millions of emails a day. The Postfix design uses web server design techniques to reduce Process Creation overhead, and uses other file access optimization techniques to improve efficiency, while ensuring software reliability.

Compatibility. The compatibility of Sendmail is considered during the design of Postfix to make the migration easier. Postfix supports/var [/spool]/mail,/etc/aliases, NIS, and ~ /. Forward and other files. However, to ensure the simplicity of management, Postfix does not support the configuration file sendmail. cf.

Security and robustness. Postfix is designed to ensure the reliability of the program in excess of load. When the local file system has no available space or no available memory, the Postfix will automatically give up, instead of making the situation worse by retrying.

Flexibility. The Postfix structure consists of more than 10 small sub-modules. Each sub-module completes a specific task, such as receiving a message through SMTP protocol, sending a message, and passing a message locally, rewrite an address. When a specific requirement occurs, you can use a new version of the module to replace the old one without updating the entire program. In addition, it is easy to disable a function.

Security. Postfix uses multi-layer protection to prevent attackers from protecting the local system. Almost every Postfix daemon can run under a fixed chroot with low permissions, there is no direct path between the network and the security-sensitive local shipping program-an attacker must first break through several other steps to access the local system. Postfix does not even trust the content in its own queue file or IPC message to prevent spoofing. Postfix filters messages before outputting messages provided by the sender. In addition, the Postfix program does not have set-uid.

Postfix features

Supports multiple transmission domains: sendmai supports message forwarding between the Internet, DECnet, X.400, and UUCP. Postfix is flexibly designed to implement such forwarding without virtual domain (vistual domai) or Alias. However, in the early release, only STMP was supported and UUCP was supported to a limited extent. However, for Chinese users, multi-transmission domain support was meaningless.

Virtual domain: In most general cases, adding support for a virtual domain only requires changing the Postfix query information table. Other mail servers usually require multiple levels of aliases or redirection to achieve this effect.

UCE control (UCE, unsolicited commercial email): Postfix can limit which host can forward mails by itself and which mails can be received. Postfix provides the following control functions: Blacklist list, RBL lookup, and HELO/sender DNS verification. Content-based filtering is not implemented currently.

Table view: Postfix does not implement the address rewriting language, but uses an extended table view to implement the address rewriting function. The table can be in local dbm or db file format.

Postfix architecture and comparison with Sendmail

Postfix is based on the architecture of semi-resident and interoperable processes. Each process completes a specific task without any specific process derivative relationship (parent-child relationship ). In addition, independent processes to complete different functions have better isolation than "single block" programs. In addition, this implementation method has the following advantages: each service, such as address rewriting, can be used by any Postfix component without overhead such as process creation, but only needs to override one address, of course, this method is not used only by postfix.

Postfix is implemented in this way: a resident master server runs the Postfix daemon Based on commands, and the daemon process can send or receive online mail messages, and submit emails locally. The number of daemon is determined by the configuration parameters, and re-used times are determined based on the configuration. When the idle time reaches the limit specified by the configuration parameters, automatically disappears. This method significantly reduces the overhead of Process Creation, but maintains good isolation between individual processes.

Postfix is designed to be a replacement for Sendmail. For this reason, many parts of the Postfix system, such as local shipping programs, can be easily replaced by editing and modifying configuration files similar to inetd.

The core of Postfix is implemented by more than 10 semi-resident programs. To ensure confidentiality, these Postfix processes communicate with each other through a Unix socket or a FIFO under a protected directory. Even if this method is used to ensure confidentiality, the Postfix process does not blindly trust the data it receives in this way.

The amount of data transmitted between Postfix processes is limited. In many cases, the data information exchanged between Postfix processes is only the queue file name and receiver list, or some status information. Once an email message is saved into a file, it will be saved in it and read by a mail delivery program.

Postfix uses some common measures to avoid loss of information: Before receiving confirmation, call flush and fsync () to save all the data to the disk. Check the returned results of all system calls to avoid errors.

Most people who build email servers will choose sendmail. In fairness, sendmail is a good MTA (Mail Transfer Agent ), at the beginning, Eric Allman was designed to focus on the success of Email Delivery. Unfortunately, Sendmai development does not have much consideration for security issues that may occur in the Internet environment. Sendmail can only run as the root user on most systems, which means that any holes may cause very serious consequences. In addition to these problems, the Sendmail operation is not very good at high loads.

Security

Postfix is required to run as root, but only one master program is required to run as root. The generated process is used to process access, sending, and local mail delivery. By using a series of module components, each task is run by a single program (which makes audit easier ). For example, if the sent mail is uninstalled to a queue directory, the "pcikup" program obtains the mail and then delivers the mail to the "cleanup" program, it then delivers the mail to "trivial-rewrite", which is responsible for processing the mail header. Finally, if the mail is for another system, the mail is delivered to the "smtp" program. In addition, Postfix is easier to set up the chroot' ed environment than Sendmail. Simply edit the master. the cf (usually in the/etc/postfix) file can be implemented, and the Postfix will run chroot 'ed, to limit it to the queue directory defined by it (usually located in/var/spool/postfix), it can also be in the master. set process restrictions for a single module of Postfix in cf. Users can restrict the identity of the user to which the Postfix runs. Generally, the postfix user (similar to Apache's nobody) is used to run the Postfix. the user can access a specific queue directory. The other major advantage of Postfix is that the configuration file is clear and easy to understand.

Comparison with Sendmail

For example, a mail system such as sendmail is designed and implemented according to a "single block" structure. This "single block" program implements all the functions. Of course, this structure facilitates data sharing between different parts of the system. However, this structure is prone to some fatal errors. For example, a hierarchical structure is used in the qmail mail system to run sub-module processes of different functions in a fixed order. After the sub-module processes are executed, they are released. This method has good "insulation", but increases the overhead of Process Creation and inter-process communication. However, the overhead can be kept within the acceptable range by reasonably planning the running sequence of sub-module processes.

Using other MTA instead of Sendmail is a very troublesome task. Users often have to spend a lot of time getting familiar with the configuration and use of the new MTA. With Postfix, you can use many configuration files. For example (access, aliases, external usertable, etc.), you only need to define it in master. cf. In addition, Postfix also acts like Sendmail. You can use the "sendmail" command to start Postfix.

Of course, using one software to replace another must solve specific problems. This is partly because of the security features of Postfix, which may cause some problems when configuring Postfix. The most typical problem is to send an email to the root user. Postfix generally does not improve its own permissions (required to send emails to the root user) to deliver emails. You need to define an alias for root in the alias file, for example, "root: someuser ". This also affects several email list modules, especially SmartList. Generally, Majordomo is recommended for implementing the mail list, which is easy to configure.

One of the most prominent problems with Sendmail is scalability and performance. For example, if you want to restart Sendmail every day to automatically update the configuration file (for example, to redirect emails to a VM), the problem may occur. Sendmail generates new processes to send and receive mails. These processes will exist until the transmission is completed, and Sendmail can exit. This script cannot correctly restart Sendmail. For

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.