Qmail

Qmail is a in the latest version of the software.

Qmail encourages the use of several innovations in mail (some originated by Bernstein, others not), including Maildir format mailboxes for storing messages ( Mbox files are also supported, and encouragement to migrate is given along with a tool to convert Mbox mailboxes to Maildir mailboxes) and the QMTP and QMQP protocols.

Qmail's major competitors are Exim and Postfix . Unlike qmail's competitors, qmail has not been updated by the author for several years and users have instead come to rely on third party patches to support new functionality.

COPYRIGHT STATUS

Qmail is 's qmail-src package ) from being published.

CONTROVERSY

There is some controversy among mail system operators over whether qmail is as standards-compliant as its author claims. Critics allege a number of variations from the SMTP standards, some of which they claim make qmail more vulnerable to certain kinds of abuse than other MTAs. {Link without Title} Others counter many of these claims by pointing out that the standards are ambiguous, and in some cases are at variance with subsequent established best practice and thus unreasonable to be adopted by ''any'' mail software.

For example, critics comment on qmail's adoption of a different standard for bounce messages, QSBMF, to the one in RFC 1894. Others counter by pointing out that RFC 1894 has only been adopted by some mail systems, with other systems (just as qmail) employing different bounce message standards; and by asserting that the problem of widespread forgery of envelope senders and the trend in recent years towards single-hop transport have actually undermined the foundations of RFC 1894 and rendered many of its convolutions moot.

Another example of this controversy is that of the behaviour of the SMTP Relay server in qmail when it comes to mail addressed to non-existent mailboxes. Because of qmail's strong security partitioning between its SMTP Relay server and its local delivery agent (One consequence of this is that a Spammer cannot enumerate user accounts by a Dictionary Attack , but this is not the sole reason for the strong security partitioning that runs the SMTP Relay server as a user without any special privileges and without the means to affect other user files and processes.), and because its local delivery agent allows users and administrators to employ "catch-all" wildcards and thus extend the range of valid mailbox name arbitrarily, qmail's SMTP Relay server has no direct knowledge of what local mailbox names are actually valid, and moreover not necessarily enough permissions to find out. As such, mail to non-existent mailboxes (whose domain parts are correct, of course) is accepted by qmail's SMTP Relay server, and qmail generates and sends Bounce Message s when the non-existent mailbox name is later detected, at the point of actual mailbox delivery.

Critics point out that qmail thus sends far more Bounce Message s than some other MTAs, which in contrast give their SMTP Relay servers direct access to and knowledge of local mailbox names and thus allow them to refuse mail addressed to non-existent mailboxes; and that Spam or Worm mail messages often employ the technique of sending messages to non-existent mailboxes on intermediary systems placing the actual target mailbox in envelope sender addresses, relying upon the ensuing Bounce Message from the intermediary to deliver the payload to the real target.

Others counter this criticism by pointing out

that as long they support a user-specifiable "address extension" mechanism with wildcarding of some kind, even those other MTAs ''still have the same problem'' of mail that cannot be discovered to be undeliverable until after the SMTP Relay server has accepted it, and that thus this merely papers over the problem;

that there is a fundamental conflict between preventing this sort of Spam and a secure flexible design, that one has no choice but to trade the one for the other, and that the range of six different patches available for modifying qmail's SMTP Relay server and their concomitant effects upon flexibility and security exemplify very well the different tradeoffs;

that critics don't support the abandonment of other advances in the state of the art where the same problem occurs (Just as running the SMTP Relay server without privileges was an advance in the state of the art driven by s sent by intermediaries.).

REFERENCES

# ¹
# ²

SEE ALSO

Qpsmtpd

Djbdns

EXTERNAL LINKS

Official qmail website , maintained by the author

Unofficial qmail website , maintained by Russ Nelson

Life with qmail - a popular qmail manual

QmailToaster - a popular rpm based qmail distribution

''qmail'' rocks , a qmail guide with additional addons

pkgsrc qmail and qmail-run , a pair of easy-to-install cross-platform qmail source packages included in pkgsrc

The qmail section of FAQTS , an extensive knowledgebase built by qmail users

QmailWiki is a relatively new Wiki about qmail, hosted by Inter7

qmail-ldap patch build a high volume mailserver with qmail based on ldap-directories - and addresses serveral of the "problems" stated above ...

Unofficial Qmail Bug and Wishlist

Jonathan de Boyne Pollard's debunking of several myths relating to qmail

Jonathan de Boyne Pollard's list of the several known problems in qmail

	APPAREL
	BABY
	BEAUTY
	BOOKS
	CAR TOYS
	CELL PHONES
	DVD'S
	ELECTRONICS
	GOURMET FOOD
	GROCERIES
	HEALTH & PERSONAL
	HOME & GARDEN
	JEWELRY
	MUSIC
	MUSIC INSTRUMENTS
	OFFICE PRODUCTS
	SOFTWARE
	SPORTING GOODS
	TOOLS & HARDWARE
	TOYS
	VIDEO GAMES
	SHOPPING HOME

	MORE SHOPPING...

	CATEGORIES ABOUT QMAIL

	mail transport agents

	free email server software

Information About

Qmail