GuidesQmail -- Secure, high-performance MTA for Linux, UNIX and BSD systems.

Qmail — Secure, high-performance MTA for Linux, UNIX and BSD systems.

ServerWatch content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.




Qmail is an Internet Mail Transfer Agent (MTA) written by Dan
Bernstein
for Unix, Linux, and BSD operating systems. As a replacement for
the sendmail system provided with virtually every UNIX server, qmail functions
uses the Simple Mail Transfer Protocol (SMTP) to exchange messages with MTAs on
other systems.

Qmail is an Internet Mail Transfer Agent (MTA) written by Dan
Bernstein
for Unix, Linux, and BSD operating systems. As a replacement for
the sendmail system provided with virtually every UNIX server, qmail functions
uses the Simple Mail Transfer Protocol (SMTP) to exchange messages with MTAs on
other systems.

Qmail promises four things over sendmail and other MTAs: security,
performance, reliability and simplicity.  Being
more secure than sendmail is not a major issue. 
Sendmail is many years old, and is known to be very insecure. Performance
is enhanced through the use of a system that allows 20 messages to be sent
simultaneously, while reliability is boosted by the use of small, yet strictly
performing modules that guarantee that once a message is received, it will get
to its designation. Bernstein also claims that qmail is simpler than any other
similarly performing competitor because it is small.

Qmail is in fact much more secure than Sendmail. Qmail is made up of separate
modules that each perform a specific task.  Each of the separate modules are paranoid of each other; they
each run at different security levels and do not trust one another to ensure
that they perform correctly.  This
prevents a malicious user from taking over the whole qmail system by taking over
just one potion of it.  Because each
module runs at a different security level, a malicious user would have to take
over each module independently, which would require access to each level (names
and passwords).

Thanks to the use of the ucspi-tcp module, qmail can outright refuse
connections from known abusers.  To
prevent the use of the SMTP server for use in the multinational SPAM network,
qmail provides advanced relay controls that help stop unauthorized relaying by
outsiders.

Qmail makes use of what it calls a split queue directory. 
This ensures that there is no performance slow down when the queue gets
very large.  If a message failed to
be delivered, qmail uses a quadratic back-off scheme (similar to broadcast
networks such as Ethernet) so that older messages (that have been known to fail)
do not take up so much time in the queue.

Because each separate module doesnt naturally assume that the data it
receives from another module is correct, its error handling is much more robust
than most other MTAs on the market.  By
doing a small amount of specific work, and then handing messages off to other
modules qmail can work like an efficient assembly line churning out email like
Ford Model Ts.

Although qmail claims to be simple, that is not entirely correct. 
Because qmail has so many different modules (six in the core itself) it
can get confusing to anyone that is not a *nix expert. 
Although each module itself is simple, their interaction can be like that
of a major ballet, neural network, or anything highly coordinated and complex. 
Qmail is the perfect replacement for sendmail if an administrator is
looking for something more robust and secure, but is willing to spend some time
researching its function.

Pros: 7 Fast, 7 Free, 7 Secure

Cons: 7 Slightly complicated

 

Version Reviewed: 1.03

Reviewed by: M.A. Dockter
Last Updated: 12/10/01

Operating Systems / Latest Versions:

Linux, UNIX, BSD

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends & analysis

Latest Posts

Related Stories