Slashdot Mirror

Disclaimer: I admin a qmail box, so unless you have qmail as your mail server, this probably won't work. (But you really should get it, because it rocks big time, even if you can't stand DJB)

You will need to have DJB's mess822 package installed as well. That said, I put these lines in my .qmail file (which directs how mail is delivered):

|condredirect username-safe@mydomain.com /usr/local/bin/iftocc
|condredirect username-safe@mydomain.net sh -c 'echo $SENDER | grep -f bccexempt > /dev/null'
|/var/qmail/bin/preline -df /bin/sed "s/^S[Uu][Bb][Jj][Ee][Cc][Tt]:/Subject: THISISSPAM ($SENDER) /" | qmail-inject -a username-safe@mydomain.com

Line 1: Delivers any email where my address is in the To: or Cc: lines, and exits. Otherwise, it falls through to...
Line 2: Delivers any email where my address is in the Bcc: line, PROVIDED that the FROM address is listed in a special file in my home directory, called bccexempt. This way, it denies ANY bcc delivery to my address, unless I explicitly list the from address in my bccexempt file. It will then exit if it passes this test. Otherwise, it falls through to...
Line 3: Injects the phrase "THISISSPAM" into the subject line. This way, I can filter on the subject line in virtually ANY email reader on the planet. Another option would be to simply throw it into /dev/null, but this way I can adjust my bccexempt filter if I need to, because it also lists the FROM address in the subject if it's marked as spam. I just have my email reader filter for THISISSPAM in the subject line, and if it finds it, it marks it as read and dumps it into a separate folder away from my Inbox where I don't have to look at it, or even know it's there. Once every 2 or 3 weeks, I quickly browse through the list of spam addresses, and if I find any legitimate emails, I add the sender to my bccexempt list so the mail will be delivered into my Inbox.

Then I created a .qmail-safe file to handle the forwards where the legit email really gets sent to, and I have that dump into ./Maildir/ to deliver normally.

The first month I had this in place, I received nearly 200 spams, and approximately 12 of those actually made it into my Inbox. This works so well because most spammers use BCC to send out their spam. This filter gives you control over who can BCC you. I know this doesn't stop spam at the source. I know it doesn't cut down on bandwidth usage. I know they can bypass it by mailing me directly. But I also know that there were 200 spams the first month that never entered my inbox.

-D

No, no, no.
If you want to go the "Sendmail is buggy" way, well, at least, try to be informative where the alternatives are concerned.

For those who wish to try another MTA, the three big ones, not counting Sendmail, are Exim (small and easy, good for your home net), Qmail, and Postfix (fast and powerful, my personal fav). All four have their good points, and all four are certainly worth checking before you decide on one.

See? I mean, if Sendmail is still so widely used, there is a reason, you know... :)

There are a lot of another security problems than buffer overflows and format-string bugs:

• Calling shells with untested user-provided parameters (e.g. 'filename; rm -rf /').
• Constructing filenames out of untested user-provided parameters (e.g. ' ../etc/passwd' - there should be more of '../' but Slashdot does not like that).
• Providing access to other users' data (e.g. relying on users not doing URL hacking).
• Not limiting ressources (=> DoS Attacks); note that 'secure' languages are much more prone to that error because programmers usually don't care sbout size...
• Trigger bugs in the environment (interpreter, compiler's RTL).
• Scripting languages: Constructing programme code including user-provided data (e.g. with perl's eval statement).

Now if these programmes even run as root because 'they are secure anyway'...

The real solutions have to be different:

• Divide everything into small programmes that do simple tasks.
• Run every task in a sandbox (chroot environment, user account,...) that gives no more access than absolutely necessary.
• Don't trust input be it from the user or another part of the system.
• ...
  And finally:
• Be paranoid!

For example, look at qmail's secutiry scheme.

My ISP (012.net) does that for a while now.. It's really annoying, but we solved after enabling pop on smtp on the remote mail server.

We're using QMail+VPOPMail for that, and it works very nice.

A few years ago, I went to work for a small company as a "jack of all trades" network admin. Closing the open relay on one of the mail servers was pretty low on my priority list - I had a lot of other things to look at (like the web servers) and wasn't even aware that we had an open relay.

Well, once we started getting blocked I had to track down the problem when some of our clients couldn't receive email from us. The end result was that I migrated us to a qmail based system (great mail server) and learned a bit about controlling SPAM. Admittedly, at the time it was a royal pain, but looking back I see the utility of their system. It took a couple of days to resolve, but the whole process had the desired effect - we closed our open relay.

I understand the reasons its going commercial, but I think that they will marginalize themselves as a result. All in all, I think that's a shame.

I wasn't aware (read: didn't care) that RedHat was involved in any hullabaloo regarding qmail & djbdns. However:

Qmail and djbdns are each distributed under licenses which basically prohibit you from distributing modified binaries. You can redistribute the source, you can write patches for (and redistribute) it, you can distribute binaries. You may not redistribute patched binaries or directly modified source. The full text is here

This makes GPL die-hards pretty upset. If I'm reading this correctly, some folks petitioned RedHat to include both qmail and djbdns in their distribution, and RedHat balked because of license issues. The thing is, they already were distributing Netscape, so the license argument sounded kind of lame.

Even with ReiserFS, there is some overhead of space and time involved in managing files. Each file has a directory entry and an inode or two; while ReiserFS may unambiguously improve the time efficiency, that does not result in the space overhead falling to zero.

This is very true, although I was more concerned with time than space at the current price of a few hundred GB of disk space.

If he tried to find some places for agreement, his software would probably get used more.

This, and providing "--help" options to his programs I suggested as being helpful ... right before the deluge of hate-mail ...

He thinks about the notion of proving correct behaviour

He never did reply to my philosophical statement that his famous statement, "profile, don't speculate" was incorrect since speculation is scientifically required for eventual proofs to happen.

Qmail and Dnscache are still personal favorite pieces of software for servers, although there are many things they could do much better than they do. Luckily, Dan seems to attract a large number of patch-writers and individuals who kindly host useful websites like qmail.org and djbdns.org.

If you are worried about null-terminated strings, perhaps in light of Theo de Raadt's estimate that half of all calls to stncpy() and strncat() were botched, there are alternative representations available that are easy to use correctly and have withstood extensive real-world testing.

You can already do this yourself if your ISP uses qmail and allows you to edit your own .qmail files. (Pay attention to Section 4.1.5 on extension addresses)

If you're in this situation, you're in big trouble no matter what MTA you're using.

Sendmail's code isn't as bad as you paint it, though. Thousands of pairs of experienced eyes have pored over it -- certainly more than for any other MTA.

If you really are concerned about Sendmail, wrap it with smtpd or use qmail. Warning: you'll still need to understand the underlying principles to control relaying and block spam and malware. And don't assume that it will necessarily be that much easier. as this FAQ explains, using spam prevention tools such as DNS blacklists with qmail is more complex than doing it with Sendmail (which requires only one line per blacklist in your .mc file).

--Brett

*sigh*... You and other system administrators wouldn't have to worry about getting vengence on spammers in the first place if you use an MTA like PostFix or qmail. They're a lot easier to configure to filter out all the crap. They're pretty secure, too.

I've used tarpitting to reduce the flow of spam through my mailserver, and it seems to work pretty well. There are patches out there for QMail (awesome) that seem to do the trick. There are other various recipes and such for procmail that work well. If you're looking to poison their spamlists, take a look at sugarplum, a spamlist poisoner for webservers. On a totally unrelated note, but on the same vein (poisonbots), take a look at peachpit, a censorware spider trap.

• qmail My favorite MTA. Altough the license can't officially be called 'free', you are free to modify the sources.
• Apache-SSL The most extensible webserver with good security features.
• PHP A very popular domain language for the web, with lots of extra modules.
• Horde I recently 'discovered' this ASP platform for PHP code, and began to like PHP because of it.
• IMP I've just hooked up an Apache-ssl/IMP webmail setup to my qmail/IMAP system (residing on another host), and it was very easy to do (thanks to the great Debian maintainers!). The functionality of the webmail client is pretty good compared to some others, altough the calender system is not integrated yet (help out if you can ;). And it even has a multi-language spellings checker.
• IMAP Used with qmails Maildir format makes a very scalable, robust and maintainable email system.
• PostgreSQL My favorite RDBMS, and getting better all the time.
• LDAP IMP has a nice lookup interface for multiple LDAP servers, it allows for easy point-and-click "to" and "bcc" selections.
• Kronolith The calendar component used in Horde, It uses the MCAL and supports multiple users accessing the same calendar.
• MCAL This is a flexible C library for accessing calendars. Altough I've not used it (yet).

• qmail My favorite MTA. Altough the license can't officially be called 'free', you are free to modify the sources.
• Apache-SSL The most extensible webserver with good security features.
• PHP A very popular domain language for the web, with lots of extra modules.
• Horde I recently 'discovered' this ASP platform for PHP code, and began to like PHP because of it.
• IMP I've just hooked up an Apache-ssl/IMP webmail setup to my qmail/IMAP system (residing on another host), and it was very easy to do (thanks to the great Debian maintainers!). The functionality of the webmail client is pretty good compared to some others, altough the calender system is not integrated yet (help out if you can ;). And it even has a multi-language spellings checker.
• IMAP Used with qmails Maildir format makes a very scalable, robust and maintainable email system.
• PostgreSQL My favorite RDBMS, and getting better all the time.
• LDAP IMP has a nice lookup interface for multiple LDAP servers, it allows for easy point-and-click "to" and "bcc" selections.
• Kronolith The calendar component used in Horde, It uses the MCAL and supports multiple users accessing the same calendar.
• MCAL This is a flexible C library for accessing calendars. Altough I've not used it (yet).

• qmail My favorite MTA. Altough the license can't officially be called 'free', you are free to modify the sources.
• Apache-SSL The most extensible webserver with good security features.
• PHP A very popular domain language for the web, with lots of extra modules.
• Horde I recently 'discovered' this ASP platform for PHP code, and began to like PHP because of it.
• IMP I've just hooked up an Apache-ssl/IMP webmail setup to my qmail/IMAP system (residing on another host), and it was very easy to do (thanks to the great Debian maintainers!). The functionality of the webmail client is pretty good compared to some others, altough the calender system is not integrated yet (help out if you can ;). And it even has a multi-language spellings checker.
• IMAP Used with qmails Maildir format makes a very scalable, robust and maintainable email system.
• PostgreSQL My favorite RDBMS, and getting better all the time.
• LDAP IMP has a nice lookup interface for multiple LDAP servers, it allows for easy point-and-click "to" and "bcc" selections.
• Kronolith The calendar component used in Horde, It uses the MCAL and supports multiple users accessing the same calendar.
• MCAL This is a flexible C library for accessing calendars. Altough I've not used it (yet).

• qmail My favorite MTA. Altough the license can't officially be called 'free', you are free to modify the sources.
• Apache-SSL The most extensible webserver with good security features.
• PHP A very popular domain language for the web, with lots of extra modules.
• Horde I recently 'discovered' this ASP platform for PHP code, and began to like PHP because of it.
• IMP I've just hooked up an Apache-ssl/IMP webmail setup to my qmail/IMAP system (residing on another host), and it was very easy to do (thanks to the great Debian maintainers!). The functionality of the webmail client is pretty good compared to some others, altough the calender system is not integrated yet (help out if you can ;). And it even has a multi-language spellings checker.
• IMAP Used with qmails Maildir format makes a very scalable, robust and maintainable email system.
• PostgreSQL My favorite RDBMS, and getting better all the time.
• LDAP IMP has a nice lookup interface for multiple LDAP servers, it allows for easy point-and-click "to" and "bcc" selections.
• Kronolith The calendar component used in Horde, It uses the MCAL and supports multiple users accessing the same calendar.
• MCAL This is a flexible C library for accessing calendars. Altough I've not used it (yet).

• qmail My favorite MTA. Altough the license can't officially be called 'free', you are free to modify the sources.
• Apache-SSL The most extensible webserver with good security features.
• PHP A very popular domain language for the web, with lots of extra modules.
• Horde I recently 'discovered' this ASP platform for PHP code, and began to like PHP because of it.
• IMP I've just hooked up an Apache-ssl/IMP webmail setup to my qmail/IMAP system (residing on another host), and it was very easy to do (thanks to the great Debian maintainers!). The functionality of the webmail client is pretty good compared to some others, altough the calender system is not integrated yet (help out if you can ;). And it even has a multi-language spellings checker.
• IMAP Used with qmails Maildir format makes a very scalable, robust and maintainable email system.
• PostgreSQL My favorite RDBMS, and getting better all the time.
• LDAP IMP has a nice lookup interface for multiple LDAP servers, it allows for easy point-and-click "to" and "bcc" selections.
• Kronolith The calendar component used in Horde, It uses the MCAL and supports multiple users accessing the same calendar.
• MCAL This is a flexible C library for accessing calendars. Altough I've not used it (yet).

• qmail My favorite MTA. Altough the license can't officially be called 'free', you are free to modify the sources.
• Apache-SSL The most extensible webserver with good security features.
• PHP A very popular domain language for the web, with lots of extra modules.
• Horde I recently 'discovered' this ASP platform for PHP code, and began to like PHP because of it.
• IMP I've just hooked up an Apache-ssl/IMP webmail setup to my qmail/IMAP system (residing on another host), and it was very easy to do (thanks to the great Debian maintainers!). The functionality of the webmail client is pretty good compared to some others, altough the calender system is not integrated yet (help out if you can ;). And it even has a multi-language spellings checker.
• IMAP Used with qmails Maildir format makes a very scalable, robust and maintainable email system.
• PostgreSQL My favorite RDBMS, and getting better all the time.
• LDAP IMP has a nice lookup interface for multiple LDAP servers, it allows for easy point-and-click "to" and "bcc" selections.
• Kronolith The calendar component used in Horde, It uses the MCAL and supports multiple users accessing the same calendar.
• MCAL This is a flexible C library for accessing calendars. Altough I've not used it (yet).

Don't forget Qmail.

Third-party qmail support is available from many vendors, not just inter7.
-russ

I've set up at least a dozen qmail servers: small ones, big ones, red ones, blue ones...

Sendmail's a whore, and that's really the only other Linux MTA I've used. I've heard good things about Postfix but seriously I haven't found a single thing wrong with qmail:

• It's small and fast
• infinitely configurable
• handles aliases and virtual domains easily
• antispam features
  • RBL and ORBS patches
  • tarpitting patches
• Works with AOL DNS hacks
• bigserver patches
• simple to add "defang" and virus scans
• POP3 and IMAP capable
  • With optional APOP and selective relaying
• Maildir mailbox format better than anything else
• web-adminnable
• Plugin for mailing lists
  • automatic archiving and web indexing
• Third party support available

Jesus I have a lot more respect to the link crazy posts out there. :-)

At any rate -- I've run it for years now and never had a problem. The servers just work. We've used an alias system and serialmail to allow branch offices to pick up mail for their local users without requiring a permanent net connection. The ability to run any program on receipt of a message or delivery to a specific address is very handy, as is the ability for individual users to tailor their own mail deliveries and create their own mailing lists and aliases. Very powerful and very cool.

And, despite what some others have said about the brain damage involved in adding features to the source code: it's not that bad. I do wish, however, that there were at least some comments... The total lack of comments and useful variable names are a hindrance.

Go get it. Install it. Love it.

Or use just use qmail, and let the world know you are using a secure MTA :-)

I recently switched by home mail server from sendmail to qmail. If you know sendmail, it's a bit of a learning curve, since it works *very* differently. On the other hand, if you're starting from scratch and don't have sendmail-based preconceptions of how the world should work, it shouldn't be any harder to pick up.

QMail's major benefits are security and scalability. It was designed specifically to avoid the kind of security issues that have plagued sendmail over the years, and the author has offered a bounty to anyone who finds a hole. As far as I know, it's still unclaimed, and qmail is used by many of the big e-mail shops (yahoo, hotmail until the win2k switch, etc...).

I run it with OpenBSD, the primary reason being that I don't have much time to maintain it, ie, make lots of security patches. Not that OpenBSD is perfect by any means, but it does let me sleep a little more soundly at night. Not that I've stopped reading CERT advisories...

Have you tried look at qmail.org or postfix...? I know there is couple other more secure DNS daemons for *nix.

Open source also has more choice.

The problem is, that's not the only plausible comparison to make. It's more or less like saying, Because Windows Crashes If You Look At It Funny, and Linux doesn't, therefore Linux must be SuperRobust Software.

Which may be a legitimate comparison at one level, but still doesn't mean that closer comparisons aren't more relevant. I'd think we'd learn more from comparing Linux to VMS, or Tandem, or *BSD.

And heading back to relevance, perhaps qmail hasn't gotten "hacked," but it seems to me that we could ask if Postfix has gotten hacked, and find that quite meaningful.

"Did linuxconf just change that BACK?" - Ever have Windows change your custom resources setting back on your SoundBlaster? Its like windows didn't think I was smart enough to look at the jumpers. and enter the correct settings myself.

Solution: don't use linuxconf. It's eeee-vil

"What the hell does this crap in sendmail.cf *mean*?" - If local mail is too complicated, just employ the Windows solution (don't install it).

Solution: Get Nullmailer. Or if you really need a full blown MTA, qmail. Sendmail is a relic.

"Oh, there it is. What the %#*@! does this %#$# *mean*?" - Fatal Execption at OE 8231:xxxxx in NDIS.vxd, 'nuff said. Even MS tech support will give youa big "ummmmm.....yeah....".

Solution: Regexps are a bitch in an OS. :-p

I'm not really sure what the point of this post was. I've been doing software testing since Monday and that'll continue through the end of the week, so perhaps that's it.

I meant to include they will assign for IP-based on exceptions (which I would assume would include SSL). You can do FTP, POP, IMAP, etc... on a virtual host bases (even telnet) but it starts getting tricker (and more limiting).

We run a single IP / multiple host type scenario here... about a dozen and a half websites with individual FTP and email.

• qmail and vpopmail work wonderfully supporting tons of domains under one IP
• Naturally, Apache is what the web server is
• (check freshmeat) ProFTPd seems to use the same interface that Apache uses to give you multiple domains under one IP which remain seperate from each other

I'm not saying all problems can be solved, but the biggest ones (aside from SSL) are gone with some software.

vpopmail in particular is nice... combined with qmailadmin (also on inter7's site) you can give each domain owner the ability to control their email system from a web interface without any hassle on your end. Courier IMAP knows how to handle vpopmail authentication so POP3 and IMAP are done. The only change on the client end is that they must authenticate as "user@domain" instead of just "user". I usually inform people to use user%domain since Netscape tries to be smart and strip off everything after the @.

qmail is an excellent choice for securely replacing sendmail.

DJBDNS may be of some help.

ipchains is your friend...

*cough*qmail*cough*
:)

nerdfarm.org

Investigate the latest version of Courier-IMAP which has built in support for IMAP-SSL/TLS, as opposed to using stunnel.

stunnel is great for a small number of connections, but the overhead of launching a new process every time is fairly significant as you scale up, so Courier does a great job of a lightweight, secure IMAP server.

You have to use maildir - but both Exim and qmail support it natively now, and it's far superior to the traditional mbox format anyway.

However, Debian does provide packages for much of those things, specifically, there is a QMail package. (Though it's slightly different from most others because of QMail distribution requirements).

qmail is technically non-free (it fails to meet the Debian Free Software Guidelines) because its license prevents redistribution of modified versions. Instead, one must distribute a patch which can be applied to the pristine upstream source.

Debian can't package a pristine qmail binary, because qmail's design conflicts with the Debian policy. (qmail uses ~/Mailbox for message storage instead of /var/spool/mail/$USER; and Debian requires that all mail programs use the Debian locking library, which qmail naturally does not use.)

Thus, Debian cannot provide qmail binaries. Instead, they provide "Debianized qmail sources" -- which is basically a collection of the pristine qmail source tarball along with Debian patches and build scripts.

I've used the Debianized qmail before, but honestly, I just don't like it. (It's also caused grief for a lot of people, since at some point during potato it stopped working. I don't have details beyond that, because I stopped attempting to use it, and stopped caring about it.)

Personally, I recommend building qmail yourself from the source code (download it from qmail.org). Debian already gave you the user-IDs and group-IDs in /etc/passwd and /etc/group, so that much of the installation is already done before you even download the source.

Of course, building something as fundamental as a mail transfer agent tends to raise issues with the Debian packaging system. But there's an easy solution: equivs. The Debian "equivs" package allows you to tell the packaging system that you already have a mail-transfer-agent package installed, thankyouverymuch, and please don't delete all the packages that depend on mail-transfer-agent. :)

Oh, and in answer to a previous question in this thread: the default Debian MTA is exim, not sendmail.

(Some of you may know me as greycat on #debian.)

There is nothing at all wrong with an Open Relay in fact if we had less spammers there would probably be many more available for legitimate use.

What, praytell, is a legitimate use for an open relay? If you have internet access you have a server or two you should be sending your mail through. MTA software like qmail have "relay-after-pop check" methods which allow roaming users to send email from anywhere after a valid POP3 mail check.

I've spent a few minutes trying to find a single reason to have an open relay. I can't think of one. Your turn.

All my internal boxes (including a roommates win98 machine) are masqueraded through my LRP router. I forward ssh, http/https, and smtp to an internal box, so my web server is publicly accessible, and I can receive my own mail (I use Qmail).

I also used the Public DNS service to provide forward DNS for 0xd6.org, which goes to my network at home. One bad thing about Telocity is that because they're swamped with tech support, etc., they won't delagate reverse DNS. For my simple home setup, I don't care.

This setup has been up and running for the last few months, I have also assisted a friend and my mother in getting this going. All you need is Telocity and a cheap 486 with two NICs and you're ready to go.

About telocity:
It took about a month from ordering Telocity to having our service installed. My friend and mother's installation went fine but I had a few minor quirks which were easily solved by Telocity (i.e. they knew what the problem was and fixed it themselves). As I mentioned before, Telocity's one true failing is technical support. Be prepared to spend hours waiting to get a human, this is due to the fact that Telocity has many users in many cities. But as for running your own network, Telocity doesn't care what you do as long as you don't do anything commercial. In fact, we were told that our service was limited to 768k down/384k up, but in actuality Telocity doesn't limit up (I've gotten 768k consistently) and they're rate-limiting software doesn't work as well as they thought, because I've gotten over 900k downloading before my speeds started dropping. The moral of this story is: get telocity and go nuts with your setup. Make sure that you protect your network.

Marcus

And yes, sendmail sucks. run qmail or postfix instead.

(I can't belive that I actually reply to such a blunt flamebait ... )

Well, to be honest, its your fault for using BIND!

BIND is notoriously insecure, so you should always run it in a chrooted environment if you are going to use it.

Also, investigate alternative, and far superior servers for services you want to run.

Instead of BIND, look at Dan Bernstein's DNSCache package, which is lightweight, stable and uncrackable. In fact, he offers a monetary reward to the first person who can find a security hole in it.

Similarly, replace sendmail with either qmail, exim, or postfix and get a superior, more intuitive feature set, and better peace of mind security wise.

Also, look at a more secure OS than Linux, for example OpenBSD which has not had a remote security hole in its default installation for over two years now.

What, the ones that prominently display "Microsoft Telnet copyright Microsoft corp." when run? The point is that if you have to search the file for a string that is not prominently displaying the actual source (as in origin) of the program.

The funny thing is that Microsoft continues to say that free software cannot be trusted, whereas they have had to use it for anything mission-critical, like the TCP stack in general. Also the wonders of Hotmail not working with Exchange, only with qmail, and of course freebsd.

That BSD software gets around, too. It forms the heart of the Sun Solaris networking stack, and I would imagine is used by Netware and MacOS. It is of course used by Mac OS X Server and its open source cousin, Darwin.

Another interesting point... if you try to use Microsoft for your main DNS servers, your isp will laugh at you. Everyone knows some form of *nix or *bsd is required for anything so critical. Besides, they are free. ;).

• Use qmail or postfix instead of Sendamil.
• Make sure you have all security patches for your system installed. Redhat users, for example, can find those patches here.
• Linux users can read Linux weekly news for security updates.
• Manage your SUIDs. Make sure you keep a close eye on all your suids. For example, I use this script to put all my suid in the directory /suid/bin:

  #!/bin/sh
  
  find / -type f -perm +6000 > /root/suids
  
  for a in `cat /root/suids` ; do
  

  mv $a /suid/bin
  ln -s /suid/bin/`echo $a | awk -F/ '{print $NF}'` $a
  

  
  done
  
• Obviously, turn off all unneeded network services in /etc/inetd.conf and (usually) /etc/rc.d/rc3.d. You can see what services are running on your machine with netstat -na.
• For a UNIX that is free and (hopefully) secure out of the box, check out OpenBSD or Trustix.

- Sam

For and IMAP server I use the Courier IMAP package. It is a small, featurefull server which support Maildir. It would probably be fine for your needs as it has a very well designed authentication model which supports LDAP (among other things). Courier is faster and smaller than UW-IMAP and Cyrus.

Finally I use TWIG for Webmail. It supports IMAP mail, calendars, contact lists, newsgroups, etc. It is also based on PHP (yay!).

It is a very nice setup, and wasen't too hard to setup. Oh, I forgot to mention that the server is FreeBSD 3.4.

I definitely second the choice of qmail + ezmlm[-idx]. (-idx for the moderation features) ;)

But for a list of any size you probably want the software to handle subscriptions and bounces automatically and securely, and ezmlm does just that by sending cryptographically secure confirmation requests and handling bounces by encoding the subscribers address in the Return-Path.

See http://cr.yp.to/qmail.html and http://www.qmail.org for more advertising.

This is what's happening with ILOVEYOU: users are manually running an executable

No, they aren't. Just ask them what they think they're about to do before they do what you say they're doing. They're highly unlikely to say "I'm going to manually run this executable".

More likely, they'll say "I want to see what's in this file!". And that's what double-clicking an icon is for. (Except in certain contexts, when a sizable percentage presumably knows double-clicking runs a program. Reading email is clearly not one of those contexts.)

The fact that they aren't shown what's in the file, but instead have arbitrary code with the equivalent of Unix `root' privileges executed on their system, in an environment where tight integration among applications basically guarantees easy access to all sorts of personal data, makes this a highly preventable, as well as insidious, bug in the design of Microsoft software.

IMO, the biggest enabler of this bug was the decision by Microsoft, at the highest levels, to deploy Windows 9x as an "easy-to-use" OS for people wanting access to the Internet.

Even at the time that decision was made, Microsoft certainly had more than enough expertise to know it was a technically unsupportable one, from a security standpoint. I.e. they knew the Internet was hostile, that Win 9x was unsecure, that their highly integrated software made even security-by-obscurity basically irrelevant, and that their targeted user base had no expertise in securing themselves against the inevitable problems.

(At least, I really doubt I understood these issues better as a 16-year-old in the mid-'70s than the geniuses at Microsoft did circa 1995. Actually, even in the late '70s, I couldn't understand how these newfangled personal computers could fit a whole OS in 64K, until I was stunned to find out they'd ignored the whole timesharing security model. The viruses that swept the PC- and Mac-using world were never a surprise to me, of course, nor to most anyone else hacking timesharing systems before the PC generation.)

The estimates I've heard of losses are in the $Billions, but I agree Microsoft won't have to pay a dime (i.e. they won't recall Win 9x for all Internet users).

And bear in mind I'm not saying MS should have taken steps to prevent people using Win 9x for Internet use. They should have made it clear it wasn't suitable, and left it up to end users to decide whether to install 3rd-party software that let them ride the 'net. Of course, that wouldn't have earned MS the huge extra $Billions in income, or the huge additional stock valuations, which is why they didn't do the obviously "right" thing.

BTW, my wife, whose responsibilities include an IT department at the world headquarters of a well-known institution, was, needless to say, not happy about the ~36 hours of organization-wide downtime suffered due to this bug. Especially when I said "gee, don't y'all have your SMTP servers reject any incoming email that have unrecognized, or code-bearing, attachments?", she said "no, we can't make our [MS-based] software do that", and I pointed out that it was a topic often covered as being fairly easy to do on the qmail mailing list. I had assumed, obviously erroneously, that last year's Melissa had convinced everyone to get their act together, disable certain kinds of attachments, etc. Not that I pay much attention to viruses: I run GNU/Linux, and use a dialup (no static IP), among many other things. The only time I see virus-protection software being run is when it's being run on someone else's computer!

Why businesses willingly pay $Millions to Microsoft so they can get "flashy" software that causes them random downtime of days per year, with "nobody to sue" as the anti-Open-Source FUD goes, is something I have yet to be able to explain using logic. (Using psychology or anthropology, however....)

More likely, it was a problem with using mail files in /var/spool/mail (VSM). Even using dot locks and other tricks, it's still quite easy to corrupt the mail folder if there's potentially more than one process writing to the same file.

That's the big win with Maildirs (originally exclusive to qmail). Since each mail message is a separate file, and there is a strict protocol for creating/renaming/deleting those files, the possibility of mail folder corruption is zero. No lost messages.

I should be easy for almost any organization to switch from VSM to Maildirs, unless that org has a bunch of old-time Unix-heads that are totally in love with their existing mail tools and scripts.

For my company, it was trivially easy, because all the users access their mail through the web or IMAP.

There are plenty of tools for Maildirs (including maildirdeliver, which can be used with sendmail) at qmail.org.

James

qmail with ezmlm is your solution. Use it instead of sendmail. To create a mailing list, you put a file in your home directory called .qmail-listname, and use the address yourlogin-listname, and qmail does the right thing (instant listserver! No admin needed!). There is even a couple of web-based interfaces (EZmlm-Web 1.02 and another one here) for adding and deleting users from a list.

qmail is pretty sweet anyway, you should be using it.

darren

No matter what license code comes under, as long as all of the source code is available (even if it's look but don't touch), problems like this will be prevented by simple code auditing and peer review.

And that's why I'd never trust a piece of Microsoft server software over Apache or Qmail for example. A lot of Microsoft software is relatively stable now (my win2k install hasnt needed rebooting in a month), but so closed and opaque that there's no way whatsoever to audit or confirm that a million backdoors aren't present. One has been found, how many others?!

I had been running it under TCP wrappers (in paranoid mode) so I rejected mail from all sites who have their reverse DNS messed up

The way I have my mail server set up is so that

• When I started to use TCP Server (as a part of my qmail setup) I block mail for most .jp servers. I have NEVER received any valid messages from those domains.
• Block most .kr domains
• Block most co.cn
• Deny all known spam sites (like mastermarketer.com, etc.)

I'm sure you can block others. I could prolly rig up something to block/filter based on orbs.

If I was a sendmail fan, I would tell you that "you're not supposed to edit the .cf file!" ... but I'm not; I prefer qmail.

qmail rocks!

Security is rock solid

Migrating a sendmail config is not trivial (postfix might be better if that's your sole aim), however, the native configuration is far more intuitive once you get there. If you've been having problems configuring sendmail, you definately ought to check out qmail. Get it here

I've been running qmail on a pair of servers (in a very low volume site) and have had no problems at all, once I got it set up OK. Sendmail was a different matter...

Sendmail is a piece of crap.

Okay, now that that is out of the way, here are the links to modern mail servers-

Postfix
Qmail

- A sysadmin stuck with sendmail

Yes. Easily. qmail with the vpopmail addon from Inter7 will make you wonder why you ever bothered to try and configure Sendmail.

You might also be interested in their qmailadmin addon which allows web-based management of domains, and sqwebmail which adds a hotmail-esque web interface for checking & sending email.

qmail is different than Sendmail, considerably so. But once you understand how it works, I think it's design is far superior to that of Sendmail. It's much more unixy, IMNSHO. There is ample evidence that qmail is considerably faster and less resource intensive than Sendmail, but what really made the difference for me was the security focus of qmail.

As I said, qmail is different from Sendmail, but there is a lot of contributed documentation available as well as commercial support. The qmail community is large, capable and very motivated. They do have one problem though, they don't have a 4-inch-thick O'Reilly book dedicated to their MTA...
...hmmm, maybe there's a reason for that!

Yes. Easily. qmail with the vpopmail addon from Inter7 will make you wonder why you ever bothered to try and configure Sendmail.

You might also be interested in their qmailadmin addon which allows web-based management of domains, and sqwebmail which adds a hotmail-esque web interface for checking & sending email.

qmail is different than Sendmail, considerably so. But once you understand how it works, I think it's design is far superior to that of Sendmail. It's much more unixy, IMNSHO. There is ample evidence that qmail is considerably faster and less resource intensive than Sendmail, but what really made the difference for me was the security focus of qmail.

As I said, qmail is different from Sendmail, but there is a lot of contributed documentation available as well as commercial support. The qmail community is large, capable and very motivated. They do have one problem though, they don't have a 4-inch-thick O'Reilly book dedicated to their MTA...
...hmmm, maybe there's a reason for that!

Yes. Easily. qmail with the vpopmail addon from Inter7 will make you wonder why you ever bothered to try and configure Sendmail.

You might also be interested in their qmailadmin addon which allows web-based management of domains, and sqwebmail which adds a hotmail-esque web interface for checking & sending email.

qmail is different than Sendmail, considerably so. But once you understand how it works, I think it's design is far superior to that of Sendmail. It's much more unixy, IMNSHO. There is ample evidence that qmail is considerably faster and less resource intensive than Sendmail, but what really made the difference for me was the security focus of qmail.

As I said, qmail is different from Sendmail, but there is a lot of contributed documentation available as well as commercial support. The qmail community is large, capable and very motivated. They do have one problem though, they don't have a 4-inch-thick O'Reilly book dedicated to their MTA...
...hmmm, maybe there's a reason for that!