Slashdot Mirror
The Exim SMTP Mail Server
A bit of history, first. Exim is currently in its fourth version, and is developed by Philip Hazel at the University of Cambridge Computing Service. The third release was accompanied by an O'Reilly book, also written by Philip, but there were enough fundamental differences that this release warranted its own volume. And what a book: more than 600 pages straight from the horse's mouth (as it were); you can't go wrong.
The structure is flat, being twenty-two chapters and two appendices long, but I'd say there were three main acts if you take it cover to cover. Philip begins with five chapters that introduce the reader to Internet mail, Exim, and some rudimentary runtime configurations. There's nothing to fear here, as the text is beautifully self-contained, covering topics from the DNS to routing lookups. As Exim's runtime configuration is both flexible and easy to read, the quite technical examples given early on can be understood without flicking to and from other chapters in the book.
The next four chapters cover in a rather succinct manner the parts of Exim that route and transport your messages. By this point you should have a grasp of the philosophy and design of Exim, which allows Philip just to give you the details. This section does feel most like a reference manual but I'm not sure there's another way he could present the information without confusing the reader. The remainder of the book covers each of the Big Features of Exim, one per chapter. I'm guessing that Philip just kept on writing until he ran out of features, rather than time or space! These chapters feel far more like the heart of the book, and the author treads a fine line between thorough process description and distracting technicalities. The two appendices cover regular expression syntax and special variables (both being available to Exim's configuration).
The book would be ideal if, for example, you manage a mail system on your own and don't have a great deal more admin experience close at hand. Its great strength is the vast number of scenarios that Philip has thought up; it seems that if you can think of something that you want the application to do, it'll be in there somewhere. At my site however we do have a good number of people who are familiar with Exim, so armed with a copy of the (equally well written) reference manual we can usually get along just fine.
Those expecting the chatty, irreverent style of an O'Reilly text may be in for a disappointment. Philip writes in a clear, precise manner, and obviously knows the subject matter (literally) inside-out; but there's no messing around and you have to be committed to learning about the subject in question. Having said that, I don't want these last two paragraphs to put you off. If there's even a whiff of a chance of you having to come into contact with Exim or its runtime configuration, then I can do nothing else but strongly recommend this book. The detail's there in spades, it reads very well, and is a fine complement to the reference manual.
For more information, see also the Exim home page, as well as this book's website. You can't yet purchase the book from American retailers, though if you're in a hurry, bn.com stocks the previous version. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Exim has the same bad monolithic setuid-root style design as sendmail and even more useless (for the majority of people) features. It is a big messy pile of bloat code.
I don't understand why anyone would want to use a piece of software where the author apparently does not have even a small bar of quality or usefulness that a patch must fulfill to be accepted in the main code base. Someone asks for it on the mailing list? It gets added to Exim.
Server software has to be simple, understandable, small yet modular and powerful enough to make it possible to extend it if need be. Exim does not want to be extended, it wants to assimilate everything, making the result too big to be understandable by anyone (I wonder if even the author claims to understand every single line of code in there).
Postfix and qmail have vastly better design, can be extended easily and are minimal for what they strive to offer (in particular qmail).
qmail is used by more people than exim, yet fewer bugs (and in particular security problems) have been found in it. If you have a choice, go for qmail instead.
I've just spent enough time to learn how sendmail works that I don't see learning yet another MTA as being especially necessary. Besides, you can do some neat stuff with sendmail.
------------
Sorry, I have to post this as an AC..
My employer has ~5000 employees across Canada. We have 8 or 10 MS-Exchange racks around the country (one per location and a big one in Ontario).
Two dual Xeons for primary and backup and another for the domain controller. I *know* how much traffic we have and this is gross overkill. Mind you, Exchange needs a lot of horsepower for the bloat. Anyhow, some rough numbers showed that we could eliminate all the Exchange servers with a *single* dual CPU FreeBSD 5.x box running Postfix.
Would the bureaucrats listen? No, in fact one fellow gave an ultimatum that if we didn't run Exchange, he'd quit.
So around the country we have little Unix systems popping up that act more reliably and without the spam (we use blackhole lists)
I use Exim on my home network. It runs on my firewall machine (yeah, I know... probably not the safest thing to do, but port 25 is blocked from coming in... it's local only) so that my wife, kids and I can use it as our SMTP server, to quickly send stuff out. I also use Fetchmail, SpamAssassin, and Procmail to filter spam and nasty attachments. We use IMAP, so everything gets backed up from one place.
I use Exim, because when I installed it with Debian, it asked about 5 reasonable questions, and then it just ran. That's it. There's no point in trying to learn Sendmail's complex file format, when we only need to serve 4 users. It's a great way to get an e-mail server up and running quickly for a small network. I was quite surprised, though, about the post above that said they use it for 1/2 million messages a day! I didn't know it could handle such a big load!
dochood
We used to use sendmail at work. The justification being that's what we always used, and that's what the support contracts listed.
Then the mail admin was on vacation for a week, and nobody noticed the security alert for the remote relay exploit. A spammer found us, and we had to shut down all mail for 6 hours until we could figure out what happened. And are still trying to get our IP off some spam lists.
Since then, we've gone to exim, and it justs works.
If anybody needs half a dozen sendmail books, let me know :)
Do you even lift?
These aren't the 'roids you're looking for.
I seen EXIM handle over 750,000/hr on a little old 450mhz desktop with 265Mb ram. It is very easy to install and configure. We had it handling over 120 domains (5000+ users), with spamfiltering (spamassassin).
I like it. No it's not as configurable as sendmail, but nice and easy to deal with.
Why worry? Each of us is wearing an unlicensed "nucular" accelerator on his back.
Sig changed for readability by G.W.
What's wrong with good old postfix, its been rockin the casbah for me for years now. I've used it in a few production environments and find it to be fastER than hell and fairly flexible. If you're looking for an extremely flexible mail solution, exim is it tho. I don't think there's a single thing you can't change.
" To steal ideas from one person is plagiarism; to steal from many is research. "
What a steaming pant-load! I work for what you might interpret as a "spammer", we send out millions of messages today. There's no chance in hell that you're getting 750,000 per hour out of a 450mhz desktop PC.
/dev/nulling the inbound bounces -- you're still going to be using disk time since you've gotten your box into swap with all those outbound messages. Has it reached your ankle yet? Oui oui!
I've built big mail systems in the past four years around qmail and postfix both.
1. You need a sustained ~9 megabits per second link to handle a 5K message at that delivery rate. On top of that, there are tarpits, connection limits per MX host, and all manner of obstacles thrown up by ISPs (both national and local). qmail and postfix do not have the capacity to intelligently handle these sorts of things. Exim is no different. You've tried to pinch it off, but you've failed.
2. Regarding mail IO (gotta store the message somewhere in order to deliver it). And don't give me that "transient" shit - you're not going to queue that much mail in memory since you've only got 256mb. So, you're obviously going to either THINK you're queueing into memory and it's going into swap or you're queueing directly to disk. Your little IDE spindle drive is not fast enough. You'll need, at minimum, a dual-drive SCSI array. Also, remember that each process, thread, and network connection takes RAM! You've got everything in swap at this point! Can you feel it sliming its way down the back of your leg yet?
3. CPU time. So your little 450 is handling bounces and delivery. Yes, there's inbound non-conversational bounces to process. Holy god! Now we have double the disk I/O load on the poor box! Writing to the queue or simply
4. What's your load average? Even if you dicked with the kernel enough to allow that many inbound connections, I promise you, the source ISP is going to give up since it's going to take 10 minutes for the SMTP connection to respond. You've tarpitted yourself. Your load average is probably well over 200 at this point. Your Linux 450mhz super box is now choking on cocks and you're leaving a nice little shit footprints behind you while you walk into HR to collect your pink slip.
And I do realize you're talking about INCOMING messages. Local delivery or remote delivery, my points above are still valid. Sorry scat head, you lose.
The 4 most popular MTAs out there seem to be sendmail, qmail, postfix and exim. We all know the problems that sendmail has, and qmail is shunned by most distributions because it is non-free.
Can anyone list the respective pros/cons of postfix and exim? There doesn't seem to be much to choose between them, so I'm wondering if anyone here can shed some light.
I've never understood the *nix reaction (although it has spread to windows/regular PC users) that escalates any difference in opinion to a religious war...
That being said, I have experience on three of the "big four" MTA's out there (sendmail, qmail, and exim) and currently use exim on my personal site (which also hosts a number of mailman lists for OpenSource project and friends of mine) and it handle's about 20k messages in/out on a linux box.
I also use qmail on my work servers (cluster of quad-procesor ultrasparcs) and although I can't say I would have chosen qmail if I'd been in charge of building the servers (I inherited them from "the architect") it handles millions of emails a day just fine.
I can't say i miss m4 (although I know real sendmail admins don't bother with wimpy scripting languages), sendmail also served it's purpose back in the day.
Could exim handle the load on the ultasparcs? possibly, I haven't checked. Could I put qmail on my personal box? sure, but if Exim works, why not.
To comment further on one thing, Philip has a good explination of monolithic vs modular on the exim website, which explains why he does things the way he does. At least read it before blindly attacking the system.
Please send all UCE to scally@devolution.com so I can f
works just fine. Unlike Sendmail and other nix flavors, one does not need to read 600 pages of mind numbing data simply to get it to work.
If I have a problem, I can use the TechNet online database which has a wealth of information.
Should I run into a major booboo, I can call M$ and for a few US $, solve the problem for cheaper then the price of one of those "unix consultants"
I ordered the book on Exim version 3 from Amazone, and by the time it turned up (2 months later) Exim 4 was released :o(
If only they upgraded books in a similar fashion to programs - some kind of discount from the previous version would probably encourage more people to keep their library up to date. (Although in this instance the migration from 3 to 4 was pretty painless.)
Beep beep.
Exim finally getting a guide for the masses is a good thing. It is true that postfix has a leg up in some areas, but I really like the configuration style and the ability for me to process 100,000 messages per hour vs. 50,000 messages per hour just isn't that big of a deal, just as it isn't for most people, since we don't come anywhere near that volume.
Also, when you're connecting it to a database backend to pull all the delivery info as I and many others do, it's going to be orders of magnitude slower on both platforms anyway.
Hopefully in the future exim can polish off some more of the rough edges, but in the mean time, it's still a damn nice tool.
we are running a 6000 user operation and decided to deploy exchange only with OWA with HiPerExchange .
so we saved the need to deploy and support outlook , users get exchange as web service with offline and caching capabilities too.
and our CFO saved 1mm$ in ongoing support costs ,bandwidth and VPN avoidance.
(running SSL mode)
In the town I grew up in, we had a fireman, a local hero, who insisted on smoking his cigarette at gas stations. Darwin eventually fixed him... he died of lung cancer, but he proved his point that he wasn't going to set the place on fire by smoking his cigarette there.
Please tell me the alternatives were taking your current job or living under a bridge.
.NET certification there was no work for me outside of the email field.
The job market is almost that bad!
I originally wrote email systems for large scale webmail sites. All of which, ironically, went with the rest of the dot.gones. The largest install I had was around 150,000 users. While it's not the largest, by far, it was great stuff in '99.
After that, I was hired by a CRM company. I was specifically involved in building their email delivery system. Unforunately, it turns out that their sales people weren't good enough so they bit the big one.
So, where is somebody like myself to go then? My resume was essentially "I built huge distributed mail systems", regardless of how much programming and architecture prowess I have, because I am not a Microsoft fan and don't have a
Oh, and to answer some others who replied... we have technology to get unstuck from and to avoid tarpits. OpenBSD's spamd thing doesn't slow us down at all nor does anything similar to it. Believe it or not, I also have cvs commit privs to at least three different widely used open source anti-spam tools (under assumed names, of course). Of course, this is just to help insure that the mail that we deploy gets through but not the competition. Knowing how the filters work and having legitimate access to commit to their source tree really helps us deliver to the smaller ISPs. Again, I must stress that although I use assumed names to gain access, I am not cracking -- my created persona was given commit access by the project leaders specifically for my contributions to their projects. Although some may view this as particularly devious, remember that everything committed is available for peer review. Thus far, none of my contributions have raised any eyebrows by their respective leadership -- nor should they, as my participation is otherwise completely legitimate. I view it more as a "steering role" in terms of where the tech should go next. I foster it along in a direction that is beneficial to my employer so that we have an easier time creating circumvention tools.
I do scour Monster.com and Dice for resumes of people who may have worked for some smaller or regional ISPs which have demonstrated an extremist view on commercial email. We pay them for insight on how their previous employer's mail systems work and what filtering is done and, of course, at what stage. This type of data has been quite valuable when dealing with stubborn regionals. With the big ISPs, this is naturally not needed as they have legal departments and technical operations groups that understand our business and appreciate its neccessity.
Anyway, I love the job! I get to travel, make great contacts, and I get to dig heavily into technology that directly impacts people's lives. That's a great thing to say about one's career.