The little MTA roundup

I wanted to try something a little bit different, so in this post I want to give a little roundup on Mail Transport Agents (MTAs). In case you don't know yet what an MTA is: it's a piece of software which is responsible for delivering your emails across the internet to their final destination. It therefore accepts connections from Mail User Agents (MUAs), i.e. programs like Mutt, Alpine, Thunderbird, KMail, Claws - you get the idea.

Personally I've been managing different MTA installations, in terms of software and size, since around 1998. My biggest, back then in 1998, was one which ran Exim and Cyrus IMAPD with ~3000 mail addresses, though this has changed throughout the years.

Let's begin with what I call legacy MTAs, which you should avoid using for new installations if you can:

Sendmail
Sendmail is the granddaddy of MTAs, with its initial release back in 1983 by Eric S. Allman. In its heyday of glory, when there were not many alternatives, it was known to be a security nightmare because of its monolithic design (one binary does it all), as well as a configuration nightmare in its sendmail.cf file.

The latest O'Reilly book on sendmail.cf has around 1292 pages. One saying back in the day was "You are not a real administrator if you have not edited a sendmail.cf file at least once. You are insane if you did twice."

My advice: avoid it at all costs. It's not much in use nowadays, configuration is a nightmare and besides, today there are better alternatives around.

Qmail
Qmail by Daniel J. Bernstein was a breath of fresh air back in the old days in 1995. It was the first real MTA which was designed with security as a fundamental principle from the beginning, and therefore it has been very secure compared to Sendmail.

Aside from that, it was also fast and easier to configure. It was also a strongly opinionated piece of software, and configuration was mostly done in dot files throughout a cascade of directories. It also introduced some innovations to the scene, e.g. Maildir.

Development on the official source stopped a long time ago, but there are some forks around which introduced features like IPv6 support to it. It was quite popular back then; Hotmail also used it in the beginning. But nowadays it's a niche MTA for some hardcore fans because of its long pause in development.

My advice: if you don't have some legacy installation running, just skip it and use Postfix instead.

Let's move on to the more recent stuff:

Exim
Exim by Philip Hazel is a successor to Smail-3. It has also been around since 1995, but uses only one binary to do all the work. Exim is best known for being the default MTA of the Debian GNU/Linux distribution. It's now somewhat of a slow-burn project, but still sees continuous development.

Exim's configuration is quite human-readable, and flexible to the point that many consider Exim to be more of an MTA framework, because you can define many things in a flexible manner that other MTAs don't allow. It's got a big community, so getting documentation and support of all types is also no problem.

Its main disadvantage is its monolithic design, similar to Sendmail. So every 2-3 years you can expect that this will bite you, and you will probably have to update your MTA quite fast to have the fix.

Furthermore, Exim offers no dedicated queue manager, which might be a problem for some use cases. If you really do need big throughput it's also not the fastest MTA on the block. It's still, though, one of the most used open source MTAs on the internet today due to the fact that Debian ships with it.

My advice: if you don't really need its flexibility take a closer look, but you should still skip it due to its monolithic design and the security implications coming from it.

Postfix
Postfix is the brainchild of Wietse Venema, a well-known security researcher back then working at IBM Research, and has been around since 1998. As you might expect given the author, security has been a fundamental part of its design right from the beginning. In fact Postfix has an excellent track record in terms of security due to this, because if something breaks, the damage area is normally quite narrow and contained.

Its configuration is powerful and simple enough to be humanly understandable; compared to Exim, though, it's not always so flexible. Then again, use cases which cannot be done with Postfix are probably quite narrow anyway for normal installations.

Postfix also speaks Milter, which means that you can use your own Milters of choice. It's also one of the most used open source MTAs, has a big community and documentation is plentiful. Due to its design it also has a dedicated queue manager, which is tunable.

Furthermore, it's still under continuous development today, and quite capable of handling large mail loads.

This makes Postfix my personal recommendation if you really want to run an MTA, because it's well documented, under continuous development, easy enough to configure and designed with security in mind.

Worth mentioning:

Haraka
Haraka is the only MTA which was not created in the last millennium. Its initial release was in May 2011 by Matt Sergeant; it's written in JavaScript (really!) and runs on Node.js. Sergeant took the basic design of Qpsmtpd (which runs on Perl), on which he worked before, and ported it over to Node.js because he wanted something more speedy, asynchronous and event-driven.

Haraka is mainly about one thing, and this is raw speed. It was created to replace installations where even Postfix is not nearly speedy enough to handle the existing mail load. So when you always have a few thousand SMTP connections open at any time and are sending out millions of emails per day, this is probably the MTA which can do the job for you.

True to this niche, Haraka is the MTA used by Craigslist. After they rolled out Haraka on their servers, they claimed to have decommissioned 50% of the hardware which ran Postfix before because it was no longer needed.

So probably not a thing most of us will ever have a real need for anyway, due to lack of mail load; but it might be interesting to have a look at it regardless.
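As an added example that is not part of the original post, here is a minimal Postfix main.cf excerpt illustrating the three things the post credits Postfix with: a plain human-readable configuration, Milter support, and a tunable queue manager. The hostname, domain, network range and milter socket path are placeholders; the parameter names are standard Postfix ones.

```text
# Added example, not from the post: a minimal Postfix main.cf excerpt.
# mail.example.com, 192.0.2.0/24 and the milter socket path are placeholders.

myhostname = mail.example.com
mydomain = example.com
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 127.0.0.0/8, [::1]/128, 192.0.2.0/24

# Relay policy: only clients in mynetworks or SASL-authenticated clients may
# relay; everybody else may only deliver to domains listed in mydestination.
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

# Opportunistic TLS for incoming connections (certificate paths are placeholders).
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/ssl/certs/mail.example.com.pem
smtpd_tls_key_file = /etc/ssl/private/mail.example.com.key

# Milter support: every SMTP session is handed to the external filter(s)
# listening on this socket (for example a DKIM signer or a content scanner).
# milter_default_action = accept keeps mail flowing if the milter is down;
# use tempfail if you would rather have senders retry than deliver unfiltered.
smtpd_milters = unix:/run/milter-placeholder/socket
non_smtpd_milters = $smtpd_milters
milter_default_action = accept
milter_protocol = 6

# Queue manager tuning: cap the number of messages in the active queue and
# the parallelism per destination, and bound how long undeliverable mail
# stays queued before it bounces.
qmgr_message_active_limit = 20000
default_destination_concurrency_limit = 20
default_destination_recipient_limit = 50
maximal_queue_lifetime = 5d
bounce_queue_lifetime = 5d
```

After editing, `postfix check` validates the configuration, `postconf -n` prints only the settings that differ from the built-in defaults (handy for review), and `postfix reload` applies the change without dropping queued mail.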
 
I used sendmail when it was the default on Debian, and then followed their switch to Exim. Back then, this was a huge improvement in both flexibility and readable configuration, as you describe it ;).

Now, I guess I'm just too lazy to learn anything else, and sure, this comes at a price – you must have a close look at possible security issues.
 
Well my personal history is as follows:

started with Smail-3 in conjunction with Taylor UUCP and Cnews, later INN.

Switched over to Exim, because it was similar to Smail-3 but more powerful, and with Cyrus IMAP (because it didn't rely on mbox files and instead had a more performant solution), later Courier IMAP because it supported Maildir. The fun thing for me about Courier is that it's also an MTA, but I've never met anyone who uses its MTA functionality at all.

Then switched over to Postfix with Dovecot around 2008, and have been using that since then. And I'm quite confident I'll stick with both for a much longer time to come.
 
Sendmail sends me my daily reports every day at the same time, and port 25 is blocked at the firewall both ways.

That's how I want it to work and it can do so on its own without me worrying about it.
 
Sendmail sends me my daily reports every day at the same time, and port 25 is blocked at the firewall both ways.

That's how I want it to work and it can do so on its own without me worrying about it.
Seriously, for *THAT* (nothing but local mail delivery), you don't need sendmail. Classic use case for something super simple like "dma".
 
Sendmail is what they give me in the FreeBSD Base System so that's all I've ever used.
 
Sendmail, a rocket launcher with unintelligible config files, that seems to hit the target.
Kind of :cool:

I have some doubts whether you'd want to use it, even if you need the features (there are alternatives, see the OP). Well sure, it might work, and it's cool to know how to configure it :cool:

But, seriously, if all you need is some local delivery – avoid the monster!
 
It is no longer necessary to edit .cf files for common use of sendmail. But the bashing never ends. sendmail is not more difficult to configure than other MTAs, and it is not more insecure than other MTAs.
Well my view is from a different angle: I do know about the M4 macros, and that it's possible to run Sendmail just with them.

But what message exactly does it send when the configuration file of an MTA needs its own wrapper by default to be somewhat manageable for normal people? For me it's quite simple: it's hard to do without it and too complicated for most when done directly.

Also, a wrapper most certainly always has some uncovered areas, and when those need to be tackled, the need to fight the beast directly will arise. Having to rely on a wrapper to configure a piece of software is for me always a band-aid, but nothing more.

Aside from that: Sendmail is more insecure than other MTAs due to its monolithic design. The same goes for Exim. There's a good reason why Sendmail was removed in 2006 as NetBSD's default MTA because of that.

The first MTA which really was designed with security in mind was Qmail by Daniel J. Bernstein. This design was so groundbreaking that even Sendmail Inc. tried for a while to duplicate that effort on their own by writing a new Sendmail MTA using the same principles, called Sendmail X, which was later renamed to Meta1 and released in 2014. Since then it hasn't gotten much love, though, because the initial release from 2014 is still the most recent one.

This is the CVE summary for Sendmail: https://www.cvedetails.com/vulnerability-list/vendor_id-31/Sendmail.html
This is it for Exim: https://www.cvedetails.com/vulnerability-list/vendor_id-10919/product_id-19563/Exim-Exim.html

This is the one for Postfix instead: https://www.cvedetails.com/vulnerability-list/vendor_id-8450/product_id-14794/Postfix-Postfix.html

Sendmail has 27 entries, while Postfix only has 8. Exim, by the way, has 43, but a whole bunch of them were created in 2020 after some people made an extensive audit of it and found 21 unique vulnerabilities.

This makes quite a lot of sense, since Exim has a market share of 60% of the MTAs on the internet according to some researchers. I am pretty convinced that if Sendmail received the same research, its vulnerability count would go up in a similar way.
 
This is the CVE summary for Sendmail: https://www.cvedetails.com/vulnerability-list/vendor_id-31/Sendmail.html
This is it for Exim: https://www.cvedetails.com/vulnerability-list/vendor_id-10919/product_id-19563/Exim-Exim.html

This is the one for Postfix instead: https://www.cvedetails.com/vulnerability-list/vendor_id-8450/product_id-14794/Postfix-Postfix.html

Sendmail has 27 entries, while Postfix only has 8. Exim, by the way, has 43, but a whole bunch of them were created in 2020 after some people made an extensive audit of it and found 21 unique vulnerabilities.

This makes quite a lot of sense, since Exim has a market share of 60% of the MTAs on the internet according to some researchers. I am pretty convinced that if Sendmail received the same research, its vulnerability count would go up in a similar way.
Sendmail has only 3 entries since 2008, i.e. over the same time span as Postfix.
 
Sendmail is more insecure than other MTAs due to its monolithic design.
A monolithic design does not make a program insecure. That complaint comes from such designs getting large and losing track of things along with the need to rebuild the whole thing when updating but, by itself, it does not make a program insecure by default.
 
Sendmail: Hail To The King

It is not anymore necessary to edit .cf files for common use of sendmail.

Yeah, but what's the fun in that?

They give you dma as well, and have for quite some time, so you could avoid trying to shoot sparrows using a rocket launcher.

Who doesn't loveeeee good ole explosion

My advice: avoid it at all costs. It's not much in use nowadays, configuration is a nightmare and besides, today there are better alternatives around.

Are you really telling me you never played with the cf on the fly and brought a company to its knees by mistake ;) Oh, by the way, don't forget not to back up your original cf file while you are at it.
 
Aside from that: Sendmail is more insecure than other MTAs due to its monolithic design. The same goes for Exim. There's a good reason why Sendmail was removed in 2006 as NetBSD's default MTA because of that.
Why did OpenBSD, whose main goal is security, replace sendmail much later with its own OpenSMTPD?
 
So, dd_ff_bb, in a nutshell, sendmail is cool cause it's so hard to use?

Reminds me a bit of the proud Gentoo user – although, of course, with sendmail, it's more for real.
 
But, seriously, if all you need is some local delivery – avoid the monster!
# ll sendmail.8.15.2.tar.gz
-rw-r--r-- 1 user user 2207417 Jun 20 2019 sendmail.8.15.2.tar.gz
# du -h sendmail-8.15.2/
...
6.5M sendmail-8.15.2/
#

But otherwise, bloat is welcome everywhere.
 
Being harder to use sometimes means you are working with the thing at its lowest level. It might be that, there, it's at its most flexible and can do more than at a higher level which often means restricted movement and access.
 