You make some good points, so I'll give you the courtesy of a reply...
Geffy said:
true the license is slightly restrictive, but the lack of development activity is mainly because there havent been any security holes found in it since then.
There are lots of reasons to offer new versions of a product besides security. For example, to add features, such as the ability to add multiple blocklists, and to allow each domain to use it's own blocklists. Exim does that simply; qmail not at all.
And that's just one example.
A few patches are required such as ones to enable SMTP-AUTH, but there are two very good ones at present both based on the same piece of code.
And both of them unsupported by anyone except their authors, who don't even have permission to compile them into the main tree and distribute the package directly.
The only installation of qmail I've ever seen go smoothly is the one Plesk does, because they ignore the rules and create their own RPM with their own modified qmail. I don't ignore rules because I believe in license rights.
Any other install, doing it right, requires you to decide the options you want, then find the patches that will install them, then install those packages to the source code, hoping they're not incompatible, and then recompile the software.
Qmail's license says very simply that the author (Dan Bernstein) owns the package, and that he can change the license at any time to take away your right to use it. Certainly I won't invest any time in a package with that kind of license, though I can understand you might.
qmail doesnt have a single config file, instead it has the qmail/control directory which contains a number of text files which change how qmail operates.
And which are very limited. For example, show me the config file that allows me to list multiple blocklists.
There is no need to recompile for a single config change.
Why are you adding
FUD (Fear, uncertainty and doubt) to the discussion.
Exim certainly doesn't require a recompile for any config change; in fact I completely rewrote how exim handles email (for example, changing it so it won't accept email until it verifies the user exists) and even built in a complete spam handling system based on blocklists, without changing or patching one line of source code.
Others have done more, including adding ClamAV (either to work through a scanner, or before the mail is accepted), all without changing or patching one line of source code.
I dont use SpamBlocker, but SpamAssassin works fine with qmail.
SpamBlocker blocks (on our server) over one hundred times as much mail as SpamAssassin marks as spam when SpamBlocker is turned off.
And SpamAssassin doesn't solve the spam problem at all; the suspect email is still on your server and you still have to look at it to see if SpamAssassin guessed right.
Sure SpamBlocker can also guess wrong (though it's not as likely to do so) but it tells the sender, so if it does, the sender has a specific method of still getting the email through. And the recipient doesn't have to waste time browsing through perhaps hundreds or thousands of suspect emails.
Disclosure: I wrote SpamBlocker; I'm prejudiced.
qmail is simply the MTA which I choose to run on systems which I dont have dominated with a control panel of any kind.
That's your choice
.
finally the main thing which I dont like about exim is its single binary method of doing things, its bloated and increases the complexity of the code which therefore can introduce bugs and security holes. I think the qmail method of having a few small binaries which each do their single job and just that is a much more streamlined and secure method of operation.
That's a great point but it's a religious argument. No one has proved that a monolithic program is any more dangerous than a distributed set of programs. Except of course Dan Bernstein.
This is a problem which exim shares with sendmail. To my knowledge postfix uses the multiple binary method of operation in common with qmail.
Shouldn't that be
This is an attribute shared with sendmail? It's not a problem for me. How much of a problem has it been for you since you've used DA? And how much of a problem has it been for anyone else here? How many people here have had even one problem on their server because of a hole in Exim?
The answer is most likely none.
But after all is said, after buying and reading the qmail book and the exim book, and after writing questions on both user mailing lists as well, I can honestly say (from my point of view) that I like the exim community and the exim product a lot more than I like the qmail community and the qmail product.
So if JBMC (the company that writes DirectAdmin) decides to switch to qmail, they'll not only lose a lot of their built in functionality, they'll lose my business as well.
Which may very well be fine with them
.
Jeff
