svlug-postfix_vs_exim_comparison

This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.



Date: Thu, 19 Sep 2002 20:48:31 -0700
From: Marc MERLIN <marc_news@merlins.org>
To: svlug@lists.svlug.org
Subject: [svlug] Postfix vs Exim (JC ?)

Ok,  this isn't  meant as  an Exim  rules Postfix  sucks (or  the other  way
around), I think both MTAs are very good and I'm trying to see which one is
better for each case.

I know exim fairly well, but I don't know postfix well enough to make a fair
comparison, so this is targetted at the few who may know both fairly well
(JC is one, but there may be others).

So:

- I know about the security model difference between exim and postfix.

- I do not  care much about which  one is faster at what,  they're both fast
  enough as far as I'm concerned

- I know  that because postfix isn't  monolithic like exim, and  that one of
  the prices to pay is that it doesn't do deduping (i.e. if a message is
  sent to you and an email alias, you get two copies). If postfix's secure
  module approach has other drawbacks, I'm interested to hear them

- I have been told that postfix can  do content filtering and bounce at SMTP
  time (like exim4's ACLs) and after data (like exim's system_filter).
  Confirmation would be appreciated

- I don't know  if postfix can do  fined grained ACLs like exim4  and do RBL
  rejects but only if the from  domain matches a string, the connecting host
  is in a  certain IP range, and  none of the receipients  is postmaster for
  instance. Is postfix that configurable?

- I don't think postfix can do SMTP callbacks or callouts like exim.
  Confirmation appreciated.

- I'm not sure that postfix can do the equivalent of exim's local scan or
  sendmail's milters. Confirmation appreciated

- postfix has an extensive lookup cache, which is a huge advantage over exim
  if you are doing  ldap lookups (ldap is slow, and exim  will not cache the
  lookup longer than the process runs)

- exim can  lookup users to  deliver for in ldap  or nis by  using getpwnam,
  using the C library and nscd, but if it does so, it cannot distiguish a
  non existant users from a connection refused.
  As a  result, you should  not use getpwnam and  libnss_* for any  MTA, but
  instead you should have the MTA behave as  a NIS or ldap client and do the
  query yourself.
  This is possible,  but a bit kludgy in  exim, and if you do  so, exim will
  not be able to cache the result.
  I've been told that postfix supports this better and will cache the result
  of the nis/ldap queries as if you were using nscd
  Confirmation appreciated.

 - Both MTAs support TLS

 - Exim is the only MTA I know that can create virtual aliases on the fly
  (i.e. mailman aliases)

 - Can postfix,  like exim,  do mail  routing depending on  a file  (i.e. run
  procmail if  there is a  ~user/.procmailrc or run  vacation if there  is a
  ~/.vacation.msg, etc...)
  
 - Does postfix  support complete header  rewriting (on all the  headers, per
  header and with regular expressions), like exim does?

 - What other cool things can postfix do that exim can't?

===

To: svlug@lists.svlug.org
Subject: [svlug] Re: Postfix vs Exim (JC ?)

Quoting Marc MERLIN, from the post of Thu, 19 Sep:
> Ok,  this isn't  meant as  an Exim  rules Postfix  sucks (or  the other  way
> around), I think both MTAs are very good and I'm trying to see which one is
> better for each case.

the way I see it, Postfix (ex. Vmailer) is Venema's answer to Qmail
(Venema and DJB are long time rivals), and I see Exim is a feeble
attempt to create a GPL MTA that will immitate Qmail features, while
keeping sendmail compatibility but not attempting any robustness or
efficiancy or for that matter security like Qmail.

I have little experiance with Exim, I only maintain two hosts running it
and they were both set up by others, and from a few basic problems I
have seen, I can't trust it for serious business use.

The Good - fast to set up, readable config files, excellent for home use
and as the default mailer in Debian. Does userland aliases with
extensions, does "alias on the fly" otherwise known as VERP (coined by
DJB, AFAIK, a modern feature now supported also by postfix and
sendmail), easy to incorporate spamassasin and other third parties.

The Bad - not so easy to make a pop toaster with true virtual users
(a-la qmail's vpopmail), virtusertable's handling of namespace
seperation is a bit lacking. monolithic design affects security, memory
usage and speed.

The Ugly - default configuration writes it's own logs (is that even
configurable?), if a log is unwritable exim will crash without an
explanation, I had to strace it to discover it didn't work because it
didn't have permissions to write the error log.
Queue directoy is one flat dir. scanning each file in that directory,
unless you have Reiser, is at O(n^2).  I once had a host with 13K stuck
messages, and that meant 26K files in one directory, most of them
frozen. starting up the exim daemon took 7-8 minutes.

so for me, although there's a license issue, Qmail is the only choice.

and a word in General:

What I wish I could offer my clients and employers is a Free alternative
to Exchange. the designs of all Unix MTAs I know is so far from it that
it can hardly be bent to act like Exchange from the administration point
of view. does anyone know of an effort to build such a system that will
support message tracking, central database storage (avoiding dupes of
CC: messages), message routing, mailbox delegation and such other
features? I'm aware it may mean ditching pop/imap or at least adding
quite a few Email headers for extra features, but the result should be
worth it.

===

Date: Thu, 19 Sep 2002 22:54:51 -0700
From: Marc MERLIN <marc_news@merlins.org>
To: svlug@lists.svlug.org
Subject: Re: [svlug] Re: Postfix vs Exim (JC ?)

On Fri, Sep 20, 2002 at 08:06:09AM +0300, Ira Abramov wrote:
> the way I see it, Postfix (ex. Vmailer) is Venema's answer to Qmail
> (Venema and DJB are long time rivals), and I see Exim is a feeble
> attempt to create a GPL MTA that will immitate Qmail features, while
> keeping sendmail compatibility but not attempting any robustness or
> efficiancy or for that matter security like Qmail.
 
Well, you  are very mistaken. Exim  is very  sendmail-like in its  model.  I
wasn't designed  to immitate qmail, it  was derived from smail,  for install
use where Philip works and teaches
Exim is  very robust, and  you get  to pick whether  you want to  deliver to
mbox, maildir or mbx  (for that matter, I think it's the  only MTA that does
MBX). If you want robustness, use maildir or MBX if you aren't over NFS

> I have little experiance with Exim, I only maintain two hosts running it
> and they were both set up by others, and from a few basic problems I
> have seen, I can't trust it for serious business use.

I hope  you do  know that the  exim 3.31 I  setup on  sourceforge.net routes
about one million Emails a day  and handles traffic for about 25,000 mailing
lists :-)
(it has never failed)

> The Good - fast to set up, readable config files, excellent for home use
> and as the default mailer in Debian. Does userland aliases with
> extensions, does "alias on the fly" otherwise known as VERP (coined by
> DJB, AFAIK, a modern feature now supported also by postfix and
> sendmail), easy to incorporate spamassasin and other third parties.

I was more asking about postfix, I know exim very well :-)

> The Bad - not so easy to make a pop toaster with true virtual users
> (a-la qmail's vpopmail), 

Exim does that  very well, but you  have to get the config  for that. If you
don't really know the exim syntax, there are example config files available.

> virtusertable's  handling  of  namespace  seperation  is  a  bit  lacking.
> monolithic design affects security, memory usage and speed.
 
Actually,  it does  affect  security, but  exim  can be  faster  due to  its
monolithic  model (less  shuffling around  of data:  you got  the mail,  you
deliver it right away, it's actually faster)
 
> The Ugly - default configuration writes it's own logs (is that even
> configurable?), if a log is unwritable exim will crash without an

There  is not  default config  AFAIK. You just  got a  bad config  with your
distro/package.

> explanation, I had to strace it to discover it didn't work because it
> didn't have permissions to write the error log.

That would probably true of other MTAs too :-)

> Queue directoy is one flat dir. scanning each file in that directory,

# This creates 62 subdirs in /var/spool/exim/input to allow for better disk
# performance
split_spool_directory = true

> unless you have Reiser, is at O(n^2).  I once had a host with 13K stuck
> messages, and that meant 26K files in one directory, most of them
> frozen. starting up the exim daemon took 7-8 minutes.

That's because your config wasn't done right.

# This will thaw (i.e. unfreeze) frozen messages every 4 days -- Marc           
auto_thaw = 4d                                                                  
                                                                                
# This will throw away bounces of bounces every 3 days -- Marc                  
ignore_bounce_errors_after = 3d                                                 
                                                                                
# This throws away any frozen message that's been in the queue for more than 10d
timeout_frozen_after = 10d 

> so for me, although there's a license issue, Qmail is the only choice.

Uh?

1) You clearly don't know how to admin exim
2) Postfix can be used as a replacement for qmail any day.

Anyway, this was mostly an "exim sucks" message. Not really what I asked for
:-)

===

Date: Fri, 20 Sep 2002 10:05:45 +0300
From: Ira Abramov <lists-svlug@ira.abramov.org>
To: svlug@lists.svlug.org
Subject: [svlug] Exim Rules :)

Quoting Marc MERLIN, from the post of Thu, 19 Sep:

> Anyway, this was mostly an "exim sucks" message. Not really what I asked for
> :-)

well, true. I humbly admit, the two exims I run were set up on Debian
potatos back in 1999, and in an amaturish way at that. Now that I read
your post I'm wiser, and realize I'm pissed at the earlier maintainer
rather than at the program itself.

> mbox, maildir or mbx  (for that matter, I think it's the  only MTA that does
> MBX). If you want robustness, use maildir or MBX if you aren't over NFS

I have no idea about MBX, but if it's robust but not over NFS, I'd still
go for Maildir.

> > have seen, I can't trust it for serious business use.
> 
> I hope  you do  know that the  exim 3.31 I  setup on  sourceforge.net routes
> about one million Emails a day  and handles traffic for about 25,000 mailing
> lists :-)
> (it has never failed)

ok. got me interested. I need to start studying it.

> > The Bad - not so easy to make a pop toaster with true virtual users
> > (a-la qmail's vpopmail), 
> 
> Exim does that  very well, but you  have to get the config  for that. If you
> don't really know the exim syntax, there are example config files available.

well, now that I see that Exim is enterprise matterial, I'll go study
that.

my favorite is the qmail+vpopmail+qmailadmin combo, that way I get
separate namespaces for domains, and delegation of domain management via
web, including autorepliers and mailing lists. If I could set myself up
with such a toaster on Exim, Qmail may be saying goodbye.

> Actually,  it does  affect  security, but  exim  can be  faster  due to  its
> monolithic  model (less  shuffling around  of data:  you got  the mail,  you
> deliver it right away, it's actually faster)

well, Qmail delivers right away too, but it doesn't do almost anything
as root, which I feel is more important.

> > The Ugly - default configuration writes it's own logs (is that even
> > configurable?), if a log is unwritable exim will crash without an
> 
> There  is not  default config  AFAIK. You just  got a  bad config  with your
> distro/package.

Potato. time to move that machine to Woody, but the amounts of cruft are
frightening.

> > explanation, I had to strace it to discover it didn't work because it
> > didn't have permissions to write the error log.
> 
> That would probably true of other MTAs too :-)

all other MTAs I have used either send their logs to the log daemon (and
don't crash if it's not listening) or pipe their output to a logger that
is also less fatal about such problems, or at least drops an error out
on the console for the user.

> > Queue directoy is one flat dir. scanning each file in that directory,
> 
> # This creates 62 subdirs in /var/spool/exim/input to allow for better disk
> # performance
> split_spool_directory = true

how nice... why is it a special switch and not a standard feature?
what's the benefit of NOT splitting the spool? what if I already have a
spool and want to switch methods to the hashed one?

> 1) You clearly don't know how to admin exim

well, that specific client just wants me to fix disasters, doesn't want
me to waste time redoing configurations. I don't argue since I'm doing
this part-time till I find a non-sysadmin job.

> 2) Postfix can be used as a replacement for qmail any day.

not with my setups. sadly it won't be a drop-in replacement anymore.

===
Date: Fri, 20 Sep 2002 00:20:35 -0700
From: Aaron T Porter <atporter@primate.net>
To: Ira Abramov <lists-svlug@ira.abramov.org>
Cc: svlug@lists.svlug.org
Subject: Re: [svlug] Re: Postfix vs Exim (JC ?)

On Fri, Sep 20, 2002 at 08:06:09AM +0300, Ira Abramov wrote:
> I have little experiance with Exim, I only maintain two hosts running it
> and they were both set up by others, and from a few basic problems I
> have seen, I can't trust it for serious business use.

	If you want to talk about serious business use... I've yet to find
a way to get Qmail to log a unique identifier for a message. There's no
reliable way to track a message, especially if it gets differed. You get
unusable logs with recycled identifiers. I'll take sendmail over qmail any
day. You might also have fun trying to setup an account (via assign) named
joe@domain and then use a .qmail file in aliases to forward joeseph@domain
somewhere else.

===
Date: Fri, 20 Sep 2002 00:23:41 -0700
From: Marc MERLIN <marc_news@merlins.org>
To: svlug@lists.svlug.org
Subject: Re: [svlug] Exim

On Fri, Sep 20, 2002 at 10:05:45AM +0300, Ira Abramov wrote:
> well, true. I humbly admit, the two exims I run were set up on Debian
> potatos back in 1999, and in an amaturish way at that. Now that I read
> your post I'm wiser, and realize I'm pissed at the earlier maintainer
> rather than at the program itself.
 
To be honest, to really be happy about an MTA, you have to read its docs and
configure it yourself.
 
> > mbox, maildir or mbx  (for that matter, I think it's the  only MTA that does
> > MBX). If you want robustness, use maildir or MBX if you aren't over NFS
> 
> I have no idea about MBX, but if it's robust but not over NFS, I'd still
> go for Maildir.

MBX is indexed mailbox. It's fast, supports multiple locks, but it's not
safe over NFS.

> my favorite is the qmail+vpopmail+qmailadmin combo, that way I get
> separate namespaces for domains, and delegation of domain management via
> web, including autorepliers and mailing lists. If I could set myself up
> with such a toaster on Exim, Qmail may be saying goodbye.
 
I'm not sure about the web interface, but I know the rest exists.
 
> > Actually,  it does  affect  security, but  exim  can be  faster  due to  its
> > monolithic  model (less  shuffling around  of data:  you got  the mail,  you
> > deliver it right away, it's actually faster)
> 
> well, Qmail delivers right away too, but it doesn't do almost anything
> as root, which I feel is more important.

Unless I'm very mistaken, qmail has a portion that runs as root and listens
on port 25.
That portion then passes on the mail to another portion that actually
worries about the actual delivery if the mail is local.

> > That would probably true of other MTAs too :-)
> 
> all other MTAs I have used either send their logs to the log daemon (and
> don't crash if it's not listening) or pipe their output to a logger that
> is also less fatal about such problems, or at least drops an error out
> on the console for the user.
 
Ok.
I guess it's a small shortcoming of exim. I've never been in a position
where it couldn't write to its logs though.
 
> > > Queue directoy is one flat dir. scanning each file in that directory,
> > 
> > # This creates 62 subdirs in /var/spool/exim/input to allow for better disk
> > # performance
> > split_spool_directory = true
> 
> how nice... why is it a special switch and not a standard feature?

Because some people want a single queue. Also most mail servers do not need
a hashed queue.
For that matter sf.net, back when I was still admining it, was hovering
around 6k messages in the queue. Even with a single queue dir and ext2, it's
not that slow to parse 6k files.

> what's the benefit of NOT splitting the spool? what if I already have a
> spool and want to switch methods to the hashed one?

You can switch any time, exim will use the current queue and put new
messages in the split queue.

> > 1) You clearly don't know how to admin exim
> 
> well, that specific client just wants me to fix disasters, doesn't want
> me to waste time redoing configurations. I don't argue since I'm doing
> this part-time till I find a non-sysadmin job.

That's a very  valid point. Admin an MTA, and especially  learning about the
MTA in the first place, can be time consuming.

===
Date: Fri, 20 Sep 2002 00:35:53 -0700
From: J C Lawrence <claw@kanga.nu>
To: svlug@lists.svlug.org
Subject: Re: [svlug] Re: Postfix vs Exim (JC ?) 


Sadly this turned into an Exim defence post, which was not my intent.  I
like and run both Exim and Postfix.  I like them both for rather
different reasons.  

Four years ago I ran Exim everywhere.  A couple years back I moved all
my large mail systems to Postfix; not due to any particular technical
reason, but in the course of debugging a system panic bug on one of my
larger mail systems (turned out to be a bad kernel) I swapped out MTAs
to Postfix and then after the panic bug was fixed brought all the other
mail boxes along behind to maintain parity (it was working fine under
Postfix and I wasn't about to change a working production system).

More recently I moved all my larger mail systems back to Exim.  This
time the reason was technical: I wanted to front Mailman mailing lists
with TMDA, as well as offering integrated TMDA support to individual
users of those mail systems.  Long story short: Integrating TMDA in the
way I wanted under Postfix is not and was not possible without running
the then CVS version of Postfix.  Conversely doing what I wanted under
Exim v3 or v4 exercised only well known/tested aspects of the MTA, and
was fairly trivial to implement.  Following that I then moved all the
other main mail systems to Exim to maintain parity again.

MTAs I try and avoid: Sendmail, QMail.

Reasons: 

  Sendmail: Poor history, opaque configuration, poor performance.

  QMail: Nearly impossible to make comply with the FHS.  Licensing.
  DJB.  Bizarrely non-standard configuration (dot files etc).

On Fri, 20 Sep 2002 08:06:09 +0300 
Ira Abramov <lists-svlug@ira.abramov.org> wrote:

> Quoting Marc MERLIN, from the post of Thu, 19 Sep:

>> Ok, this isn't meant as an Exim rules Postfix sucks (or the other way
>> around), I think both MTAs are very good and I'm trying to see which
>> one is better for each case.

> the way I see it, Postfix (ex. Vmailer) is Venema's answer to Qmail
> (Venema and DJB are long time rivals), and I see Exim is a feeble
> attempt to create a GPL MTA that will immitate Qmail features, while
> keeping sendmail compatibility but not attempting any robustness or
> efficiancy or for that matter security like Qmail.

Ahem.  Exim predates both QMail and Postfix.  It also exceeds both QMail
and Postfix' feature sets.  Finally, Exim is remarkably robust (even in
the broadest and most general terms), has an admirable security history,
and is quite efficient in its process behaviour.  Among the set of MTA's
in fact, in the general case Exim will process more mail for less
resource consumption than the other two.

This is not to say that Postfix doesn't have advantages.  Asides from
the cacheing issues Marc mentioned, Postfix has a much faster attack
on its delivery curve.

  ObNote: Oddly, for me this leads to Postfix performing less well than
  Exim for my loads.  My main MTA use is delivery outbound list mail.
  As list mail is delivered to the MTA in broadcast bunches, one bunch
  per list message, and my lists are moderated with, typically, batches
  on 10 - 30 messages released at a time, in the typical case Postfix
  had already drained enough of any given batch by the time the next
  batch had arrived that there were no gains from parallel delivery to
  the target MX.  Conversely Exim (which I now run due to ease of
  integration of TMDA in front of my lists), with its slower attack
  graph and fall-off on mass receipt would delay just enough that it is
  able to do bulk parallel deliveries and thus finish the total job
  faster than Postfix.

> I have little experiance with Exim, I only maintain two hosts running
> it and they were both set up by others, and from a few basic problems
> I have seen, I can't trust it for serious business use.

I've run both Exim and Postfix for some years now.  I've had no problems
of note, and certainly none that weren't of my own causing, with either.
I wager your problems were due to errors on your SysAdm's part, not
Exim's.

> The Bad - not so easy to make a pop toaster with true virtual users
> (a-la qmail's vpopmail), virtusertable's handling of namespace
> seperation is a bit lacking. monolithic design affects security,
> memory usage and speed.

Exim's attack rate is lower than either Postfix' or QMail.  Once ramped
however its saturation rate is comparable to Postfix or QMail.  This
follows the general pattern of Exim: it works hard to be friendly to the
local host, often excessively so.

Vtable supports I can't comment on: I've not messed with that area.

> The Ugly - default configuration writes it's own logs (is that even
> configurable?), if a log is unwritable exim will crash without an
> explanation, I had to strace it to discover it didn't work because it
> didn't have permissions to write the error log.

This hasn't been true for any of the versions I've built or run.  I
don't know what you had, but it was something decidedly weird.

> Queue directoy is one flat dir. scanning each file in that directory,
> unless you have Reiser, is at O(n^2).

False.  This is the default, but hashed queues have been an option for
more than a year.

> I once had a host with 13K stuck messages, and that meant 26K files in
> one directory, most of them frozen. starting up the exim daemon took
> 7-8 minutes.

That was a misconfigured MTA.  If you configure Exim to keep frozen
messages and then don't do anything to handle or remove them, then yes,
you will run into trouble.  You also run into trouble if you never
rotate your logs.  Equally surprising.

> What I wish I could offer my clients and employers is a Free
> alternative to Exchange. the designs of all Unix MTAs I know is so far
> from it that it can hardly be bent to act like Exchange from the
> administration point of view. does anyone know of an effort to build
> such a system that will support message tracking, central database
> storage (avoiding dupes of CC: messages), message routing, mailbox
> delegation and such other features?

Nope.  I aggressively work in opposite directions to almost all of
those.

===
Date: Fri, 20 Sep 2002 11:30:15 +0300
From: Ira Abramov <lists-svlug@ira.abramov.org>
To: svlug@lists.svlug.org
Subject: [svlug] Re: Re: Postfix vs Exim (JC ?)
Message-ID: <20020920083015.GM27193@ira.abramov.org>

Quoting Aaron T Porter, from the post of Fri, 20 Sep:
> On Fri, Sep 20, 2002 at 08:06:09AM +0300, Ira Abramov wrote:
> > I have little experiance with Exim, I only maintain two hosts running it
> > and they were both set up by others, and from a few basic problems I
> > have seen, I can't trust it for serious business use.
> 
> 	If you want to talk about serious business use... I've yet to find
> a way to get Qmail to log a unique identifier for a message. There's no
> reliable way to track a message, especially if it gets differed. You get
> unusable logs with recycled identifiers.

I find it quite trackable. recycling an identifier after the message
obviously marked as having finishing its path is not a problem, and
there are tools that use that for stats quite well.

http://www.cyberdesk.com/qmail/analog.html

based on this you can get lovely MRTG graphs or detailed reports. seek
out qmailanalog and its various syblings.

> I'll take sendmail over qmail any day. You might also have fun trying
> to setup an account (via assign) named joe@domain and then use a
> .qmail file in aliases to forward joeseph@domain somewhere else.

qmail extentions use "-" unless you are very specificly misconfiguring
it. joeseph should not be a problem, however joe-seph would be a
headache (though not unresolvable)

===

Date: Fri, 20 Sep 2002 12:01:43 +0300
From: Ira Abramov <lists-svlug@ira.abramov.org>
To: svlug@lists.svlug.org
Subject: [svlug] Re: Exim

Quoting Marc MERLIN, from the post of Fri, 20 Sep:

> > well, true. I humbly admit, the two exims I run were set up on
> > Debian potatos back in 1999, and in an amaturish way at that. Now
> > that I read your post I'm wiser, and realize I'm pissed at the
> > earlier maintainer rather than at the program itself.
>  
> To be honest, to really be happy about an MTA, you have to read its
> docs and configure it yourself.

mea culpa. I detest those two clunky old servers to the point of
neglect. they are full of ugly old cruft, and fixing one side of the
house-of-cards means I must upgrade and change a whole other bunch of
stuff, and since my boss doesn't care, I lost all drive to be bothered
myself. Hate this.

Luckily I found a new job I like starting in 10 days. interesting job
and friendly environment make all the difference.

> > well, Qmail delivers right away too, but it doesn't do almost
> > anything as root, which I feel is more important.
> 
> Unless I'm very mistaken, qmail has a portion that runs as root and
> listens on port 25.  That portion then passes on the mail to another
> portion that actually worries about the actual delivery if the mail is
> local.

I said _almost_ anything. the two bits of code that run as root do
extremely little, read only files in specific locations (not /etc and
sensitive areas), do not have any code that writes to files, and
fork/pipe to a non-root process as soon as possible. according to ps aux
on my machine, tcpserver listens to ports 25 and 110 on my machine but
runs as qmaild and vpopmail. the only bit that has to keep root status
is qmail-lspawn whose only duty is to spawn local delivery agents like
procmail as non-root, and it's only several hundred lines of C, so it's
easy to check how fool-proof it is.

> Ok.  I guess it's a small shortcoming of exim. I've never been in a
> position where it couldn't write to its logs though.

I discovered that after a log file was chowned to root by an unknown
script on the system. it never happend again, so I have never closed
that X-file, but still it bothers me.

> > how nice... why is it a special switch and not a standard feature?
> 
> Because some people want a single queue.

it IS a single queue, only hashed.

> Also most mail servers do not need a hashed queue.  For that matter
> sf.net, back when I was still admining it, was hovering around 6k
> messages in the queue. Even with a single queue dir and ext2, it's not
> that slow to parse 6k files.

well, the machine this particular example was running on, I had a poor
Pmmx/200.

> > > 1) You clearly don't know how to admin exim
> > 
> > well, that specific client just wants me to fix disasters, doesn't
> > want me to waste time redoing configurations. I don't argue since
> > I'm doing this part-time till I find a non-sysadmin job.
> 
> That's a very  valid point. Admin an MTA, and especially  learning
> about the MTA in the first place, can be time consuming.

it's not a valid point. I don't like the way I'm handling that server,
it is very unprofessional, but that client and my boss care more about
saving money than doing the right thing, no one will pay me for the time
needed to fix it, and at the moment, I prefer to pay the rent than learn
a new MTA with all its fine tunes and tweaks. I hereby swear I'll start
looking into it one day though :)


===
Date: Fri, 20 Sep 2002 12:32:27 +0300
From: Ira Abramov <lists-svlug@ira.abramov.org>
To: svlug@lists.svlug.org
Subject: [svlug] Re: Re: Postfix vs Exim (JC ?)

Quoting J C Lawrence, from the post of Fri, 20 Sep:

>   QMail: Nearly impossible to make comply with the FHS.
works for me via Debian's qmail-src.

>   Licensing.

yup. that IS a painful point, I agree.

>   DJB.  

yeah, well. The world has to have its briliant-yet-stubborn asses. as
Shaw observed, it's the unreasonable people that push humanity forward.

>   Bizarrely non-standard configuration (dot files etc).

non standard but highly efficiant and easy to parse by surrounding
scriptologies. when I took my first steps in the DJB world I was also
put off by them, but I see today the beuty behind it, and some of his
designs concepts have led my own software designs to be better.

> Ahem.  Exim predates both QMail and Postfix.  

well, I stand corrected once again.

> It also exceeds both QMail and Postfix' feature sets.  Finally, Exim
> is remarkably robust (even in the broadest and most general terms),

which I have yet to tweak and see. Marc says it's flawless on sf.net,
and I bow to that.

> has an admirable security history, and is quite efficient in its
> process behaviour.  Among the set of MTA's in fact, in the general
> case Exim will process more mail for less resource consumption than
> the other two.

I have never seen Qmail, even with very rare Email loops, bring down a
machine. Exim+mailman (Now I guess badly configured) drove a server to
load averages of 10 and 20 in front of my eyes.

> Vtable supports I can't comment on: I've not messed with that area.

on heavy servers there is always the problem of updating that table.
with Qmail such updates are point updates that don't disrupt the system,
and updates to lists (rather than single-user file) are done correctly
with flags. I had a situation at an ISP where the 2 seconds it took
sendmail to compile a new virtusertable, in the meantime lookups were
not locked and so for two seconds there was no virtual domain mapping,
and all the business users with the virtual domains had their mail
delivered to regular users or bounced. BAAAAD idea. I trust postfix and
exim are more careful about such updates.

> > What I wish I could offer my clients and employers is a Free
> > alternative to Exchange.
> 
> Nope.  I aggressively work in opposite directions to almost all of
> those.

well, I do both directions. minimum-features pop toasters with virtual
domains, virtual users. qmail+vpopmail+qmailadmin+courier-imap+IMP
installs and configures in 2 hours tops to an almost zero-maintenance
toaster. Almost to the point that I thought I should design an appliance
around it and sell it. However the other directions are offices that
need the common addressbooks, message routing and tracking, iCalendar
integration and other bits, and for now it's unavailable in parts and
hard to coordinate in others. Here's another idea for a startup :)

Happy Sukkot to all the Jews on the List :)
Off for the weekend,
Ira.

===
Date: Fri, 20 Sep 2002 08:53:15 -0700
From: J C Lawrence <claw@kanga.nu>
To: svlug@lists.svlug.org
Subject: Re: [svlug] Re: Re: Postfix vs Exim (JC ?) 

On Fri, 20 Sep 2002 12:32:27 +0300 
Ira Abramov <lists-svlug@ira.abramov.org> wrote:
> Quoting J C Lawrence, from the post of Fri, 20 Sep:

>> QMail: Nearly impossible to make comply with the FHS.

> works for me via Debian's qmail-src.

There's a difference between "works" and "fits FHS expectations".

>> DJB.

> yeah, well. The world has to have its briliant-yet-stubborn asses. as
> Shaw observed, it's the unreasonable people that push humanity
> forward.

Fairly simply: DJB is skilled, but annoying.  I have insufficient
justification to use any of his tools as there are other tools for
everything he has written that either do as well or better for me, and
are written by people whom I don't find annoying.

>> It also exceeds both QMail and Postfix' feature sets.  Finally, Exim
>> is remarkably robust (even in the broadest and most general terms),

> which I have yet to tweak and see. Marc says it's flawless on sf.net,
> and I bow to that.

Yup.  I'm afraid I bear some culpability there.  I introduced Exim to VA
when I moved their in-house mail servers to Exim, and things kinda moved
forward from there.

>> has an admirable security history, and is quite efficient in its
>> process behaviour.  Among the set of MTA's in fact, in the general
>> case Exim will process more mail for less resource consumption than
>> the other two.

> I have never seen Qmail, even with very rare Email loops, bring down a
> machine. Exim+mailman (Now I guess badly configured) drove a server to
> load averages of 10 and 20 in front of my eyes.

Exim has a config value which states the system load when it should
start backing off.  My recollection (without checking) is that the
default value is rather low.

===

Date: Sat, 21 Sep 2002 22:51:08 -0700
From: Marc MERLIN <marc_news@merlins.org>
To: Florin Andrei <florin@sgi.com>
Cc: svlug@lists.svlug.org
Subject: Re: [svlug] SpamAssassin + Postfix [was: Free SPAM/Virus Filter?]

On Thu, Sep 19, 2002 at 01:36:06PM -0700, Florin Andrei wrote:
> The S.A. documentation is not very generous with interfacing it with
> different MTAs.

You can always run it from procmail

With sendmail, there is a milter.
With Exim, you can run it inside exim.conf for exim 3:
http://dman.ddts.net/~dman/config_docs/exim4_spamassassin.html
or at SMTP time with sa-exim
http://marc.merlins.org/linux/exim/sa.html


===

Date: Mon, 23 Sep 2002 19:08:25 +0300
From: Ira Abramov <lists-svlug@ira.abramov.org>
To: svlug@lists.svlug.org
Subject: [svlug] Exim configuration and tuning

well, I'm taking the dive. the server desperately needed an upgrade from
potato to Woody, and I'm moving it from its weird config that ran over
3.12 to 3.25. I am also redoing the config file, basing it on the
default one given by the eximconf tool supplied in Debian.

Quoting Marc MERLIN, from the post of Thu, 19 Sep:
> 
> # This creates 62 subdirs in /var/spool/exim/input to allow for better disk
> # performance
> split_spool_directory = true

this was not even mentioned as commented. added, thanks!

lots of the syntax seems to be very different. I see in the old files
sections for ROUTERS and in the new file it's called DIRECTORS, only the
stanzas between them seem to have intermixed, and the syntax, again, is
quite different...

old:
 ----
begin routers  (all sections have "begin

the rest of The Pile (a partial mailing list archive)

doom@kzsu.stanford.edu