This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
Date: Thu, 19 Sep 2002 20:48:31 -0700
From: Marc MERLIN <marc_news@merlins.org>
To: svlug@lists.svlug.org
Subject: [svlug] Postfix vs Exim (JC ?)
Ok, this isn't meant as an Exim rules Postfix sucks (or the other way
around), I think both MTAs are very good and I'm trying to see which one is
better for each case.
I know exim fairly well, but I don't know postfix well enough to make a fair
comparison, so this is targetted at the few who may know both fairly well
(JC is one, but there may be others).
So:
- I know about the security model difference between exim and postfix.
- I do not care much about which one is faster at what, they're both fast
enough as far as I'm concerned
- I know that because postfix isn't monolithic like exim, and that one of
the prices to pay is that it doesn't do deduping (i.e. if a message is
sent to you and an email alias, you get two copies). If postfix's secure
module approach has other drawbacks, I'm interested to hear them
- I have been told that postfix can do content filtering and bounce at SMTP
time (like exim4's ACLs) and after data (like exim's system_filter).
Confirmation would be appreciated
- I don't know if postfix can do fined grained ACLs like exim4 and do RBL
rejects but only if the from domain matches a string, the connecting host
is in a certain IP range, and none of the receipients is postmaster for
instance. Is postfix that configurable?
- I don't think postfix can do SMTP callbacks or callouts like exim.
Confirmation appreciated.
- I'm not sure that postfix can do the equivalent of exim's local scan or
sendmail's milters. Confirmation appreciated
- postfix has an extensive lookup cache, which is a huge advantage over exim
if you are doing ldap lookups (ldap is slow, and exim will not cache the
lookup longer than the process runs)
- exim can lookup users to deliver for in ldap or nis by using getpwnam,
using the C library and nscd, but if it does so, it cannot distiguish a
non existant users from a connection refused.
As a result, you should not use getpwnam and libnss_* for any MTA, but
instead you should have the MTA behave as a NIS or ldap client and do the
query yourself.
This is possible, but a bit kludgy in exim, and if you do so, exim will
not be able to cache the result.
I've been told that postfix supports this better and will cache the result
of the nis/ldap queries as if you were using nscd
Confirmation appreciated.
- Both MTAs support TLS
- Exim is the only MTA I know that can create virtual aliases on the fly
(i.e. mailman aliases)
- Can postfix, like exim, do mail routing depending on a file (i.e. run
procmail if there is a ~user/.procmailrc or run vacation if there is a
~/.vacation.msg, etc...)
- Does postfix support complete header rewriting (on all the headers, per
header and with regular expressions), like exim does?
- What other cool things can postfix do that exim can't?
===
To: svlug@lists.svlug.org
Subject: [svlug] Re: Postfix vs Exim (JC ?)
Quoting Marc MERLIN, from the post of Thu, 19 Sep:
> Ok, this isn't meant as an Exim rules Postfix sucks (or the other way
> around), I think both MTAs are very good and I'm trying to see which one is
> better for each case.
the way I see it, Postfix (ex. Vmailer) is Venema's answer to Qmail
(Venema and DJB are long time rivals), and I see Exim is a feeble
attempt to create a GPL MTA that will immitate Qmail features, while
keeping sendmail compatibility but not attempting any robustness or
efficiancy or for that matter security like Qmail.
I have little experiance with Exim, I only maintain two hosts running it
and they were both set up by others, and from a few basic problems I
have seen, I can't trust it for serious business use.
The Good - fast to set up, readable config files, excellent for home use
and as the default mailer in Debian. Does userland aliases with
extensions, does "alias on the fly" otherwise known as VERP (coined by
DJB, AFAIK, a modern feature now supported also by postfix and
sendmail), easy to incorporate spamassasin and other third parties.
The Bad - not so easy to make a pop toaster with true virtual users
(a-la qmail's vpopmail), virtusertable's handling of namespace
seperation is a bit lacking. monolithic design affects security, memory
usage and speed.
The Ugly - default configuration writes it's own logs (is that even
configurable?), if a log is unwritable exim will crash without an
explanation, I had to strace it to discover it didn't work because it
didn't have permissions to write the error log.
Queue directoy is one flat dir. scanning each file in that directory,
unless you have Reiser, is at O(n^2). I once had a host with 13K stuck
messages, and that meant 26K files in one directory, most of them
frozen. starting up the exim daemon took 7-8 minutes.
so for me, although there's a license issue, Qmail is the only choice.
and a word in General:
What I wish I could offer my clients and employers is a Free alternative
to Exchange. the designs of all Unix MTAs I know is so far from it that
it can hardly be bent to act like Exchange from the administration point
of view. does anyone know of an effort to build such a system that will
support message tracking, central database storage (avoiding dupes of
CC: messages), message routing, mailbox delegation and such other
features? I'm aware it may mean ditching pop/imap or at least adding
quite a few Email headers for extra features, but the result should be
worth it.
===
Date: Thu, 19 Sep 2002 22:54:51 -0700
From: Marc MERLIN <marc_news@merlins.org>
To: svlug@lists.svlug.org
Subject: Re: [svlug] Re: Postfix vs Exim (JC ?)
On Fri, Sep 20, 2002 at 08:06:09AM +0300, Ira Abramov wrote:
> the way I see it, Postfix (ex. Vmailer) is Venema's answer to Qmail
> (Venema and DJB are long time rivals), and I see Exim is a feeble
> attempt to create a GPL MTA that will immitate Qmail features, while
> keeping sendmail compatibility but not attempting any robustness or
> efficiancy or for that matter security like Qmail.
Well, you are very mistaken. Exim is very sendmail-like in its model. I
wasn't designed to immitate qmail, it was derived from smail, for install
use where Philip works and teaches
Exim is very robust, and you get to pick whether you want to deliver to
mbox, maildir or mbx (for that matter, I think it's the only MTA that does
MBX). If you want robustness, use maildir or MBX if you aren't over NFS
> I have little experiance with Exim, I only maintain two hosts running it
> and they were both set up by others, and from a few basic problems I
> have seen, I can't trust it for serious business use.
I hope you do know that the exim 3.31 I setup on sourceforge.net routes
about one million Emails a day and handles traffic for about 25,000 mailing
lists :-)
(it has never failed)
> The Good - fast to set up, readable config files, excellent for home use
> and as the default mailer in Debian. Does userland aliases with
> extensions, does "alias on the fly" otherwise known as VERP (coined by
> DJB, AFAIK, a modern feature now supported also by postfix and
> sendmail), easy to incorporate spamassasin and other third parties.
I was more asking about postfix, I know exim very well :-)
> The Bad - not so easy to make a pop toaster with true virtual users
> (a-la qmail's vpopmail),
Exim does that very well, but you have to get the config for that. If you
don't really know the exim syntax, there are example config files available.
> virtusertable's handling of namespace seperation is a bit lacking.
> monolithic design affects security, memory usage and speed.
Actually, it does affect security, but exim can be faster due to its
monolithic model (less shuffling around of data: you got the mail, you
deliver it right away, it's actually faster)
> The Ugly - default configuration writes it's own logs (is that even
> configurable?), if a log is unwritable exim will crash without an
There is not default config AFAIK. You just got a bad config with your
distro/package.
> explanation, I had to strace it to discover it didn't work because it
> didn't have permissions to write the error log.
That would probably true of other MTAs too :-)
> Queue directoy is one flat dir. scanning each file in that directory,
# This creates 62 subdirs in /var/spool/exim/input to allow for better disk
# performance
split_spool_directory = true
> unless you have Reiser, is at O(n^2). I once had a host with 13K stuck
> messages, and that meant 26K files in one directory, most of them
> frozen. starting up the exim daemon took 7-8 minutes.
That's because your config wasn't done right.
# This will thaw (i.e. unfreeze) frozen messages every 4 days -- Marc
auto_thaw = 4d
# This will throw away bounces of bounces every 3 days -- Marc
ignore_bounce_errors_after = 3d
# This throws away any frozen message that's been in the queue for more than 10d
timeout_frozen_after = 10d
> so for me, although there's a license issue, Qmail is the only choice.
Uh?
1) You clearly don't know how to admin exim
2) Postfix can be used as a replacement for qmail any day.
Anyway, this was mostly an "exim sucks" message. Not really what I asked for
:-)
===
Date: Fri, 20 Sep 2002 10:05:45 +0300
From: Ira Abramov <lists-svlug@ira.abramov.org>
To: svlug@lists.svlug.org
Subject: [svlug] Exim Rules :)
Quoting Marc MERLIN, from the post of Thu, 19 Sep:
> Anyway, this was mostly an "exim sucks" message. Not really what I asked for
> :-)
well, true. I humbly admit, the two exims I run were set up on Debian
potatos back in 1999, and in an amaturish way at that. Now that I read
your post I'm wiser, and realize I'm pissed at the earlier maintainer
rather than at the program itself.
> mbox, maildir or mbx (for that matter, I think it's the only MTA that does
> MBX). If you want robustness, use maildir or MBX if you aren't over NFS
I have no idea about MBX, but if it's robust but not over NFS, I'd still
go for Maildir.
> > have seen, I can't trust it for serious business use.
>
> I hope you do know that the exim 3.31 I setup on sourceforge.net routes
> about one million Emails a day and handles traffic for about 25,000 mailing
> lists :-)
> (it has never failed)
ok. got me interested. I need to start studying it.
> > The Bad - not so easy to make a pop toaster with true virtual users
> > (a-la qmail's vpopmail),
>
> Exim does that very well, but you have to get the config for that. If you
> don't really know the exim syntax, there are example config files available.
well, now that I see that Exim is enterprise matterial, I'll go study
that.
my favorite is the qmail+vpopmail+qmailadmin combo, that way I get
separate namespaces for domains, and delegation of domain management via
web, including autorepliers and mailing lists. If I could set myself up
with such a toaster on Exim, Qmail may be saying goodbye.
> Actually, it does affect security, but exim can be faster due to its
> monolithic model (less shuffling around of data: you got the mail, you
> deliver it right away, it's actually faster)
well, Qmail delivers right away too, but it doesn't do almost anything
as root, which I feel is more important.
> > The Ugly - default configuration writes it's own logs (is that even
> > configurable?), if a log is unwritable exim will crash without an
>
> There is not default config AFAIK. You just got a bad config with your
> distro/package.
Potato. time to move that machine to Woody, but the amounts of cruft are
frightening.
> > explanation, I had to strace it to discover it didn't work because it
> > didn't have permissions to write the error log.
>
> That would probably true of other MTAs too :-)
all other MTAs I have used either send their logs to the log daemon (and
don't crash if it's not listening) or pipe their output to a logger that
is also less fatal about such problems, or at least drops an error out
on the console for the user.
> > Queue directoy is one flat dir. scanning each file in that directory,
>
> # This creates 62 subdirs in /var/spool/exim/input to allow for better disk
> # performance
> split_spool_directory = true
how nice... why is it a special switch and not a standard feature?
what's the benefit of NOT splitting the spool? what if I already have a
spool and want to switch methods to the hashed one?
> 1) You clearly don't know how to admin exim
well, that specific client just wants me to fix disasters, doesn't want
me to waste time redoing configurations. I don't argue since I'm doing
this part-time till I find a non-sysadmin job.
> 2) Postfix can be used as a replacement for qmail any day.
not with my setups. sadly it won't be a drop-in replacement anymore.
===
Date: Fri, 20 Sep 2002 00:20:35 -0700
From: Aaron T Porter <atporter@primate.net>
To: Ira Abramov <lists-svlug@ira.abramov.org>
Cc: svlug@lists.svlug.org
Subject: Re: [svlug] Re: Postfix vs Exim (JC ?)
On Fri, Sep 20, 2002 at 08:06:09AM +0300, Ira Abramov wrote:
> I have little experiance with Exim, I only maintain two hosts running it
> and they were both set up by others, and from a few basic problems I
> have seen, I can't trust it for serious business use.
If you want to talk about serious business use... I've yet to find
a way to get Qmail to log a unique identifier for a message. There's no
reliable way to track a message, especially if it gets differed. You get
unusable logs with recycled identifiers. I'll take sendmail over qmail any
day. You might also have fun trying to setup an account (via assign) named
joe@domain and then use a .qmail file in aliases to forward joeseph@domain
somewhere else.
===
Date: Fri, 20 Sep 2002 00:23:41 -0700
From: Marc MERLIN <marc_news@merlins.org>
To: svlug@lists.svlug.org
Subject: Re: [svlug] Exim
On Fri, Sep 20, 2002 at 10:05:45AM +0300, Ira Abramov wrote:
> well, true. I humbly admit, the two exims I run were set up on Debian
> potatos back in 1999, and in an amaturish way at that. Now that I read
> your post I'm wiser, and realize I'm pissed at the earlier maintainer
> rather than at the program itself.
To be honest, to really be happy about an MTA, you have to read its docs and
configure it yourself.
> > mbox, maildir or mbx (for that matter, I think it's the only MTA that does
> > MBX). If you want robustness, use maildir or MBX if you aren't over NFS
>
> I have no idea about MBX, but if it's robust but not over NFS, I'd still
> go for Maildir.
MBX is indexed mailbox. It's fast, supports multiple locks, but it's not
safe over NFS.
> my favorite is the qmail+vpopmail+qmailadmin combo, that way I get
> separate namespaces for domains, and delegation of domain management via
> web, including autorepliers and mailing lists. If I could set myself up
> with such a toaster on Exim, Qmail may be saying goodbye.
I'm not sure about the web interface, but I know the rest exists.
> > Actually, it does affect security, but exim can be faster due to its
> > monolithic model (less shuffling around of data: you got the mail, you
> > deliver it right away, it's actually faster)
>
> well, Qmail delivers right away too, but it doesn't do almost anything
> as root, which I feel is more important.
Unless I'm very mistaken, qmail has a portion that runs as root and listens
on port 25.
That portion then passes on the mail to another portion that actually
worries about the actual delivery if the mail is local.
> > That would probably true of other MTAs too :-)
>
> all other MTAs I have used either send their logs to the log daemon (and
> don't crash if it's not listening) or pipe their output to a logger that
> is also less fatal about such problems, or at least drops an error out
> on the console for the user.
Ok.
I guess it's a small shortcoming of exim. I've never been in a position
where it couldn't write to its logs though.
> > > Queue directoy is one flat dir. scanning each file in that directory,
> >
> > # This creates 62 subdirs in /var/spool/exim/input to allow for better disk
> > # performance
> > split_spool_directory = true
>
> how nice... why is it a special switch and not a standard feature?
Because some people want a single queue. Also most mail servers do not need
a hashed queue.
For that matter sf.net, back when I was still admining it, was hovering
around 6k messages in the queue. Even with a single queue dir and ext2, it's
not that slow to parse 6k files.
> what's the benefit of NOT splitting the spool? what if I already have a
> spool and want to switch methods to the hashed one?
You can switch any time, exim will use the current queue and put new
messages in the split queue.
> > 1) You clearly don't know how to admin exim
>
> well, that specific client just wants me to fix disasters, doesn't want
> me to waste time redoing configurations. I don't argue since I'm doing
> this part-time till I find a non-sysadmin job.
That's a very valid point. Admin an MTA, and especially learning about the
MTA in the first place, can be time consuming.
===
Date: Fri, 20 Sep 2002 00:35:53 -0700
From: J C Lawrence <claw@kanga.nu>
To: svlug@lists.svlug.org
Subject: Re: [svlug] Re: Postfix vs Exim (JC ?)
Sadly this turned into an Exim defence post, which was not my intent. I
like and run both Exim and Postfix. I like them both for rather
different reasons.
Four years ago I ran Exim everywhere. A couple years back I moved all
my large mail systems to Postfix; not due to any particular technical
reason, but in the course of debugging a system panic bug on one of my
larger mail systems (turned out to be a bad kernel) I swapped out MTAs
to Postfix and then after the panic bug was fixed brought all the other
mail boxes along behind to maintain parity (it was working fine under
Postfix and I wasn't about to change a working production system).
More recently I moved all my larger mail systems back to Exim. This
time the reason was technical: I wanted to front Mailman mailing lists
with TMDA, as well as offering integrated TMDA support to individual
users of those mail systems. Long story short: Integrating TMDA in the
way I wanted under Postfix is not and was not possible without running
the then CVS version of Postfix. Conversely doing what I wanted under
Exim v3 or v4 exercised only well known/tested aspects of the MTA, and
was fairly trivial to implement. Following that I then moved all the
other main mail systems to Exim to maintain parity again.
MTAs I try and avoid: Sendmail, QMail.
Reasons:
Sendmail: Poor history, opaque configuration, poor performance.
QMail: Nearly impossible to make comply with the FHS. Licensing.
DJB. Bizarrely non-standard configuration (dot files etc).
On Fri, 20 Sep 2002 08:06:09 +0300
Ira Abramov <lists-svlug@ira.abramov.org> wrote:
> Quoting Marc MERLIN, from the post of Thu, 19 Sep:
>> Ok, this isn't meant as an Exim rules Postfix sucks (or the other way
>> around), I think both MTAs are very good and I'm trying to see which
>> one is better for each case.
> the way I see it, Postfix (ex. Vmailer) is Venema's answer to Qmail
> (Venema and DJB are long time rivals), and I see Exim is a feeble
> attempt to create a GPL MTA that will immitate Qmail features, while
> keeping sendmail compatibility but not attempting any robustness or
> efficiancy or for that matter security like Qmail.
Ahem. Exim predates both QMail and Postfix. It also exceeds both QMail
and Postfix' feature sets. Finally, Exim is remarkably robust (even in
the broadest and most general terms), has an admirable security history,
and is quite efficient in its process behaviour. Among the set of MTA's
in fact, in the general case Exim will process more mail for less
resource consumption than the other two.
This is not to say that Postfix doesn't have advantages. Asides from
the cacheing issues Marc mentioned, Postfix has a much faster attack
on its delivery curve.
ObNote: Oddly, for me this leads to Postfix performing less well than
Exim for my loads. My main MTA use is delivery outbound list mail.
As list mail is delivered to the MTA in broadcast bunches, one bunch
per list message, and my lists are moderated with, typically, batches
on 10 - 30 messages released at a time, in the typical case Postfix
had already drained enough of any given batch by the time the next
batch had arrived that there were no gains from parallel delivery to
the target MX. Conversely Exim (which I now run due to ease of
integration of TMDA in front of my lists), with its slower attack
graph and fall-off on mass receipt would delay just enough that it is
able to do bulk parallel deliveries and thus finish the total job
faster than Postfix.
> I have little experiance with Exim, I only maintain two hosts running
> it and they were both set up by others, and from a few basic problems
> I have seen, I can't trust it for serious business use.
I've run both Exim and Postfix for some years now. I've had no problems
of note, and certainly none that weren't of my own causing, with either.
I wager your problems were due to errors on your SysAdm's part, not
Exim's.
> The Bad - not so easy to make a pop toaster with true virtual users
> (a-la qmail's vpopmail), virtusertable's handling of namespace
> seperation is a bit lacking. monolithic design affects security,
> memory usage and speed.
Exim's attack rate is lower than either Postfix' or QMail. Once ramped
however its saturation rate is comparable to Postfix or QMail. This
follows the general pattern of Exim: it works hard to be friendly to the
local host, often excessively so.
Vtable supports I can't comment on: I've not messed with that area.
> The Ugly - default configuration writes it's own logs (is that even
> configurable?), if a log is unwritable exim will crash without an
> explanation, I had to strace it to discover it didn't work because it
> didn't have permissions to write the error log.
This hasn't been true for any of the versions I've built or run. I
don't know what you had, but it was something decidedly weird.
> Queue directoy is one flat dir. scanning each file in that directory,
> unless you have Reiser, is at O(n^2).
False. This is the default, but hashed queues have been an option for
more than a year.
> I once had a host with 13K stuck messages, and that meant 26K files in
> one directory, most of them frozen. starting up the exim daemon took
> 7-8 minutes.
That was a misconfigured MTA. If you configure Exim to keep frozen
messages and then don't do anything to handle or remove them, then yes,
you will run into trouble. You also run into trouble if you never
rotate your logs. Equally surprising.
> What I wish I could offer my clients and employers is a Free
> alternative to Exchange. the designs of all Unix MTAs I know is so far
> from it that it can hardly be bent to act like Exchange from the
> administration point of view. does anyone know of an effort to build
> such a system that will support message tracking, central database
> storage (avoiding dupes of CC: messages), message routing, mailbox
> delegation and such other features?
Nope. I aggressively work in opposite directions to almost all of
those.
===
Date: Fri, 20 Sep 2002 11:30:15 +0300
From: Ira Abramov <lists-svlug@ira.abramov.org>
To: svlug@lists.svlug.org
Subject: [svlug] Re: Re: Postfix vs Exim (JC ?)
Message-ID: <20020920083015.GM27193@ira.abramov.org>
Quoting Aaron T Porter, from the post of Fri, 20 Sep:
> On Fri, Sep 20, 2002 at 08:06:09AM +0300, Ira Abramov wrote:
> > I have little experiance with Exim, I only maintain two hosts running it
> > and they were both set up by others, and from a few basic problems I
> > have seen, I can't trust it for serious business use.
>
> If you want to talk about serious business use... I've yet to find
> a way to get Qmail to log a unique identifier for a message. There's no
> reliable way to track a message, especially if it gets differed. You get
> unusable logs with recycled identifiers.
I find it quite trackable. recycling an identifier after the message
obviously marked as having finishing its path is not a problem, and
there are tools that use that for stats quite well.
http://www.cyberdesk.com/qmail/analog.html
based on this you can get lovely MRTG graphs or detailed reports. seek
out qmailanalog and its various syblings.
> I'll take sendmail over qmail any day. You might also have fun trying
> to setup an account (via assign) named joe@domain and then use a
> .qmail file in aliases to forward joeseph@domain somewhere else.
qmail extentions use "-" unless you are very specificly misconfiguring
it. joeseph should not be a problem, however joe-seph would be a
headache (though not unresolvable)
===
Date: Fri, 20 Sep 2002 12:01:43 +0300
From: Ira Abramov <lists-svlug@ira.abramov.org>
To: svlug@lists.svlug.org
Subject: [svlug] Re: Exim
Quoting Marc MERLIN, from the post of Fri, 20 Sep:
> > well, true. I humbly admit, the two exims I run were set up on
> > Debian potatos back in 1999, and in an amaturish way at that. Now
> > that I read your post I'm wiser, and realize I'm pissed at the
> > earlier maintainer rather than at the program itself.
>
> To be honest, to really be happy about an MTA, you have to read its
> docs and configure it yourself.
mea culpa. I detest those two clunky old servers to the point of
neglect. they are full of ugly old cruft, and fixing one side of the
house-of-cards means I must upgrade and change a whole other bunch of
stuff, and since my boss doesn't care, I lost all drive to be bothered
myself. Hate this.
Luckily I found a new job I like starting in 10 days. interesting job
and friendly environment make all the difference.
> > well, Qmail delivers right away too, but it doesn't do almost
> > anything as root, which I feel is more important.
>
> Unless I'm very mistaken, qmail has a portion that runs as root and
> listens on port 25. That portion then passes on the mail to another
> portion that actually worries about the actual delivery if the mail is
> local.
I said _almost_ anything. the two bits of code that run as root do
extremely little, read only files in specific locations (not /etc and
sensitive areas), do not have any code that writes to files, and
fork/pipe to a non-root process as soon as possible. according to ps aux
on my machine, tcpserver listens to ports 25 and 110 on my machine but
runs as qmaild and vpopmail. the only bit that has to keep root status
is qmail-lspawn whose only duty is to spawn local delivery agents like
procmail as non-root, and it's only several hundred lines of C, so it's
easy to check how fool-proof it is.
> Ok. I guess it's a small shortcoming of exim. I've never been in a
> position where it couldn't write to its logs though.
I discovered that after a log file was chowned to root by an unknown
script on the system. it never happend again, so I have never closed
that X-file, but still it bothers me.
> > how nice... why is it a special switch and not a standard feature?
>
> Because some people want a single queue.
it IS a single queue, only hashed.
> Also most mail servers do not need a hashed queue. For that matter
> sf.net, back when I was still admining it, was hovering around 6k
> messages in the queue. Even with a single queue dir and ext2, it's not
> that slow to parse 6k files.
well, the machine this particular example was running on, I had a poor
Pmmx/200.
> > > 1) You clearly don't know how to admin exim
> >
> > well, that specific client just wants me to fix disasters, doesn't
> > want me to waste time redoing configurations. I don't argue since
> > I'm doing this part-time till I find a non-sysadmin job.
>
> That's a very valid point. Admin an MTA, and especially learning
> about the MTA in the first place, can be time consuming.
it's not a valid point. I don't like the way I'm handling that server,
it is very unprofessional, but that client and my boss care more about
saving money than doing the right thing, no one will pay me for the time
needed to fix it, and at the moment, I prefer to pay the rent than learn
a new MTA with all its fine tunes and tweaks. I hereby swear I'll start
looking into it one day though :)
===
Date: Fri, 20 Sep 2002 12:32:27 +0300
From: Ira Abramov <lists-svlug@ira.abramov.org>
To: svlug@lists.svlug.org
Subject: [svlug] Re: Re: Postfix vs Exim (JC ?)
Quoting J C Lawrence, from the post of Fri, 20 Sep:
> QMail: Nearly impossible to make comply with the FHS.
works for me via Debian's qmail-src.
> Licensing.
yup. that IS a painful point, I agree.
> DJB.
yeah, well. The world has to have its briliant-yet-stubborn asses. as
Shaw observed, it's the unreasonable people that push humanity forward.
> Bizarrely non-standard configuration (dot files etc).
non standard but highly efficiant and easy to parse by surrounding
scriptologies. when I took my first steps in the DJB world I was also
put off by them, but I see today the beuty behind it, and some of his
designs concepts have led my own software designs to be better.
> Ahem. Exim predates both QMail and Postfix.
well, I stand corrected once again.
> It also exceeds both QMail and Postfix' feature sets. Finally, Exim
> is remarkably robust (even in the broadest and most general terms),
which I have yet to tweak and see. Marc says it's flawless on sf.net,
and I bow to that.
> has an admirable security history, and is quite efficient in its
> process behaviour. Among the set of MTA's in fact, in the general
> case Exim will process more mail for less resource consumption than
> the other two.
I have never seen Qmail, even with very rare Email loops, bring down a
machine. Exim+mailman (Now I guess badly configured) drove a server to
load averages of 10 and 20 in front of my eyes.
> Vtable supports I can't comment on: I've not messed with that area.
on heavy servers there is always the problem of updating that table.
with Qmail such updates are point updates that don't disrupt the system,
and updates to lists (rather than single-user file) are done correctly
with flags. I had a situation at an ISP where the 2 seconds it took
sendmail to compile a new virtusertable, in the meantime lookups were
not locked and so for two seconds there was no virtual domain mapping,
and all the business users with the virtual domains had their mail
delivered to regular users or bounced. BAAAAD idea. I trust postfix and
exim are more careful about such updates.
> > What I wish I could offer my clients and employers is a Free
> > alternative to Exchange.
>
> Nope. I aggressively work in opposite directions to almost all of
> those.
well, I do both directions. minimum-features pop toasters with virtual
domains, virtual users. qmail+vpopmail+qmailadmin+courier-imap+IMP
installs and configures in 2 hours tops to an almost zero-maintenance
toaster. Almost to the point that I thought I should design an appliance
around it and sell it. However the other directions are offices that
need the common addressbooks, message routing and tracking, iCalendar
integration and other bits, and for now it's unavailable in parts and
hard to coordinate in others. Here's another idea for a startup :)
Happy Sukkot to all the Jews on the List :)
Off for the weekend,
Ira.
===
Date: Fri, 20 Sep 2002 08:53:15 -0700
From: J C Lawrence <claw@kanga.nu>
To: svlug@lists.svlug.org
Subject: Re: [svlug] Re: Re: Postfix vs Exim (JC ?)
On Fri, 20 Sep 2002 12:32:27 +0300
Ira Abramov <lists-svlug@ira.abramov.org> wrote:
> Quoting J C Lawrence, from the post of Fri, 20 Sep:
>> QMail: Nearly impossible to make comply with the FHS.
> works for me via Debian's qmail-src.
There's a difference between "works" and "fits FHS expectations".
>> DJB.
> yeah, well. The world has to have its briliant-yet-stubborn asses. as
> Shaw observed, it's the unreasonable people that push humanity
> forward.
Fairly simply: DJB is skilled, but annoying. I have insufficient
justification to use any of his tools as there are other tools for
everything he has written that either do as well or better for me, and
are written by people whom I don't find annoying.
>> It also exceeds both QMail and Postfix' feature sets. Finally, Exim
>> is remarkably robust (even in the broadest and most general terms),
> which I have yet to tweak and see. Marc says it's flawless on sf.net,
> and I bow to that.
Yup. I'm afraid I bear some culpability there. I introduced Exim to VA
when I moved their in-house mail servers to Exim, and things kinda moved
forward from there.
>> has an admirable security history, and is quite efficient in its
>> process behaviour. Among the set of MTA's in fact, in the general
>> case Exim will process more mail for less resource consumption than
>> the other two.
> I have never seen Qmail, even with very rare Email loops, bring down a
> machine. Exim+mailman (Now I guess badly configured) drove a server to
> load averages of 10 and 20 in front of my eyes.
Exim has a config value which states the system load when it should
start backing off. My recollection (without checking) is that the
default value is rather low.
===
Date: Sat, 21 Sep 2002 22:51:08 -0700
From: Marc MERLIN <marc_news@merlins.org>
To: Florin Andrei <florin@sgi.com>
Cc: svlug@lists.svlug.org
Subject: Re: [svlug] SpamAssassin + Postfix [was: Free SPAM/Virus Filter?]
On Thu, Sep 19, 2002 at 01:36:06PM -0700, Florin Andrei wrote:
> The S.A. documentation is not very generous with interfacing it with
> different MTAs.
You can always run it from procmail
With sendmail, there is a milter.
With Exim, you can run it inside exim.conf for exim 3:
http://dman.ddts.net/~dman/config_docs/exim4_spamassassin.html
or at SMTP time with sa-exim
http://marc.merlins.org/linux/exim/sa.html
===
Date: Mon, 23 Sep 2002 19:08:25 +0300
From: Ira Abramov <lists-svlug@ira.abramov.org>
To: svlug@lists.svlug.org
Subject: [svlug] Exim configuration and tuning
well, I'm taking the dive. the server desperately needed an upgrade from
potato to Woody, and I'm moving it from its weird config that ran over
3.12 to 3.25. I am also redoing the config file, basing it on the
default one given by the eximconf tool supplied in Debian.
Quoting Marc MERLIN, from the post of Thu, 19 Sep:
>
> # This creates 62 subdirs in /var/spool/exim/input to allow for better disk
> # performance
> split_spool_directory = true
this was not even mentioned as commented. added, thanks!
lots of the syntax seems to be very different. I see in the old files
sections for ROUTERS and in the new file it's called DIRECTORS, only the
stanzas between them seem to have intermixed, and the syntax, again, is
quite different...
old:
----
begin routers (all sections have "begin