Sendmail Removed From NetBSD 248
Derkjan de Haan writes "Christos Zoulas removed sendmail from the NetBSD source tree, after a lot of discussion about its security track-record. Sendmail will remain available from pkgsrc." But without sendmail.cf foo, how will we distinguish between the best admins and the mediocre? Sendmail was more useful as a litmus test than as an MTA ;)
The Security Concerns (Score:5, Informative)
As you can see with above security concerns, Sendmail has had significant historical problems but they have been active in rectifying these problems. If you have the time to patch often, Sendmail most probably will provide you with one of the safest mail transfer agents out there.
The largest concern seems to be the possibility of being compromised via a remote connection [deer-run.com]. If you're not using it, simply turn off the Sendmail Daemon. And I think that's why they removed it from NetBSD. Some idiot like myself might install NetBSD and leave that sucker listening on port 25. Now, there are no problems immediately because I'll have the latest version but I'm lazy and I don't patch NetBSD regularly so a few security alerts come out and then
Funny thing is, I've never heard of anyone losing data or being hacked due to Sendmail. Perhaps it's because the last place I saw it used widely was college?
Re:The Security Concerns (Score:3, Interesting)
What I have witnessed a lot is people who run sendmail as an open relay because they don't know any better. Not to say you can't also configure qmail or postfix to be an open relay.
The biggest reason I switched away from sendmail was I did lose data because of mbox file corruption on two occasions. Maildir is much better at protecting against that.
Qmail/Qmail-Scanner/Qmail-SPP have been doing
Re:The Security Concerns (Score:5, Insightful)
I had. Several times back in 1996. Made me switch to qmail and after that to exim.
As far as sendmail is concerned it is a good MTA provided that:
Re:The Security Concerns (Score:3, Informative)
As for milters, the latest Postfix snapshots are adding milter support.
Re:The Security Concerns (Score:4, Insightful)
An example off the top of my head and by the way a real one:
While it is possible to handle this in exim or postfix it will be quite painfull at this scale. In cases like this sendmail still remains ahead of the game for cases like this due to the better LDAP support and the inherently more flexible rewrite support.
If you look in the Hanging Bat you will see quite a few more examples like this which everyone but a large corp admin will consider to be extremely obscure corner cases. In a large company you are likely to be asked for at least one of them quite often and this is what sendmail has been targeting for a long time. They have surrendered the ISP, SMB and small EDU market very long ago as it does not bring them enough support revenue.
Recently exim is starting to step on sendmail's toes with the built in perl interpreter, built in SQL and filters it is still not there. Dunno about postfix, but I doubt it. Anything else aside some of the uses of sendmail rewrite rules out there are outright mad. Nobody in their sane mind should do things like this.
Re:The Security Concerns (Score:5, Informative)
http://www.postfix.org/generic.5.html [postfix.org]
http://www.postfix.org/ADDRESS_REWRITING_README.h
http://www.postfix.org/transport.5.html [postfix.org]
Pretty trivial stuff.
Re:The Security Concerns (Score:2)
Ridiculous. If you can run ps2pdf you can produce a PDF document of the extensive manual included in every sendmail release. It has everything the Bat book has, and is up-to-date with each release. All I needed to know to get a spam Milter working I read in op.me.
You work for a large corp or edu
Re:The Security Concerns (Score:3, Insightful)
The manual is good, but some of the insanities in it will be hard to understand without reading the Hanging Bat at least once.
I have used the manual for many years before finally surrendering and buying the most recent Bat last year. Reading it definitely made a difference. After that quite a few of the seemingly absurd featurettes started making sense, because you can see why are they there in first place.
Overall, thanks
Re:The Security Concerns (Score:2)
Sendmail really doesn't care what format the mail is ultimately stored in; that's not sendmail's job anyway. That's the job of the delivery agent, which for most people is procmail. Procmail can deliver to either mbox or Maildir. I've been happily using sendmail and delivering to Maildir boxes for several years now. Works great.
There i
Re:The Security Concerns (Score:2)
With qmail-filter qmail supports in-line filtering of your messages through various software like virus scanners, etc. during the delivery process, but I'd like it earlier as well.
Just out of curiousity, what features do you like (specifically) best about how milter works?
Re:The Security Concerns (Score:5, Funny)
Some time ago there was a 'hacker' movie made here in Poland. And there was a rather funny scene, where two main characters were trying to break into some server. Best part below:
(from memory)
H1: Wow, this thing is a real fortress...
H2: Did you try to get through sendmail using emacs?
Re:The Security Concerns (Score:2)
Re:The Security Concerns (Score:2, Informative)
8 years after "The Worm" Snedmail is closed (Score:5, Informative)
The Internet Worm of 1988 -- Introduction by Francis Litterio
The below document tells the story of the Internet Worm of 1988 and how it effectively shut down the Internet. I didn't write it, but it's hard to find it on the net these days, so I offer it here on the theory that those who fail to learn from history are doomed to repeat it.
I remember when it happened. It was a big deal to computer people like me, but in 1988 the Internet was unknown even to the most sophisticated media reporters, and the World Wide Web had not been invented yet. I remember the NBC Evening News devoting less than 30 seconds to the topic. If an equally severe disruption of the Internet were to happen today, the President of the United States would probably hold a press conference to calm the nation.
Google Cache to the Article by Don Seeley, Univ. of Utah [64.233.187.104]
Re:8 years after "The Worm" Snedmail is closed (Score:2)
Umm, last time I checked, 1988 was more than 5 years ago.
Ummmmm ..... (Score:2)
You said Umm, last time I checked, 1988 was more than 5 years ago.
Great, but he was referring to Y2K, not 1988. His reference to 1988 was after the five years comment you quoted.
Way to go!
Re:The Security Concerns (Score:2)
Re:The Security Concerns (Score:2)
What an idiotic thing to say.
Even for Slashdot.
Re:The Security Concerns (Score:2)
WIZ backdoor (Score:3, Interesting)
Well, how many widely used MTAs are written by somebody that put in a backdoor? Sendmail wizard (WIZ) backdoor allows anonymous remote root access [iss.net]
I go for Postfix these days, but Sendmail is infinitely configurable, even (Turing complete [wikipedia.org]. Finally, Eric is All Man.
As for the "getting hacked via sendmail issue", I've never known anybody that has, personally, or even a friend of a friend. I know more people that got hacked via SSH (some issue around 2000 or so, I forget, but it was bad).
If I had c
Re:The Security Concerns (Score:2)
I'm personally a Postfix fan, but I don't see why anyone would use Sendmail these days when alternatives like Postfix, Qmail, and Exim are available.
Good riddance (Score:2)
Re:Good riddance (Score:4, Insightful)
I think it's high time we put Sendmail out to pasture.
Provide examples (Score:2)
Please provide examples, and if possible, tell us how easy or difficult it is to set them up. That way, your comment will be more useful to a n00b like me. Thanx.
Re:Provide examples (Score:3, Informative)
Qmail is a fairly secure pretty fast MTA it is very modular and very suited to sites with multiple domains to handle.
There is others such as exim, james, etc but Sendmail, Postfix and Qmail are the 3 biggest I think next would be exim (it used to be the default in debian I don't know if it still is).
Personally I would recommend postfix if you a
Re:Provide examples (Score:5, Interesting)
liliafan wrote: Postfix is based on sendmails codebase
Completely wrong. Postfix was written from scratch; it shares no code with Sendmail.
I still use Sendmail because Milter is a killer feature. It is the sweetest API for mail filtering/mangling/processing. I should note that Wietse Venema has started implementing Milter compatibility in Postfix, and I'm following that development eagerly.
Re:Provide examples (Score:2)
Postfix is based on sendmails feature set.....
once again sorry for misleading you, that is what happens when you are discussing porting code with a co-worker whilst typing a response on slashdot
Re:Provide examples (Score:5, Informative)
The biggest architectural difference between Sendmail and Postfix is that Postfix has many small executables (arguably, many not-so-small executables) while Sendmail is monolithic. From a user's perspective this is basically transparent: the biggest benefit to a sysadmin of running Postfix is the config files, which are as close to being self-explanatory as a MTA config file can be, in my opinion.
Sendmail always struck me as a bit of a challenge to set up securely/properly (i.e. "not an open relay"); Postfix is pretty simple to get going securely, and has well-chosen default parameters (at least as I've seen it installed, on Debian) that let you set up a server that won't be immediately spewing Russian penis-enlargement emails quickly. I've never tried to set up Sendmail with SSL support, but I'm going to go out on a limb and guess that it's easier to do this with Postfix as well.
I can't personally vouch for its speed, because I don't run a high-volume mailserver, nor do I have the hardware to really give the MTA that much of a workout (it just becomes disk-bound on my systems). Plus I use flat mbox files and the situation may be totally different with the more modern database-type mailstores. (Yeah, yeah, I know -- 1986 called and they want their file format back and all that. But it works for me.)
There are other choices out there for MTAs, and I'm sensitive to arguments in favor of them and I'm not trying to say that Postfix is necessarily the best possible thing out there for everyone, but at least in my experience it beats the hell out of Sendmail. If somebody wants to jump in here and discuss qmail or exim, and why they think they're great, please do.
Re:Provide examples (Score:2)
Why did I find myself hoping that link went to God?
Re:Provide examples (Score:5, Interesting)
I do, or at least one of my clients does. He runs a reasonably high-volume ecommerce site, and has many (about 50,000) opted in subscribers to his newsletter. We tried our best to get Sendmail to play nicely with that volume, but the system would inevitably slow to a crawl for long periods of time whenever he sent a batch of mail (taking the webserver on the same machine with it). By our best, I mean that we tore through the bat book, tried delayed sending, created parallel queues with their own runners - everything we could find documented or rumored on Google and Usenet.
After experimenting with Postfix on my personal servers, I convinced him to give it a shot. I installed it, ported over his Sendmail configuration, stopped one and started the other, and crossed my fingers.
It worked.
We confirmed that everything was working as expected, then he clicked the dreaded "Send now!" link. We watched as the outbound queue grew to 50,000 messages, then tailed maillog to watch them start spewing out at a record pace. Even though outbound traffic was heavy, the system never broke a sweat and the webserver kept chugging along happily.
I like Sendmail and am quite comfortable digging around in its .mc files (.cf? Therefore but by the grace of God...), but Postfix showed me what a modern MTA is capable of. I've since switched every Sendmail installation in my responsibility over to Postfix and I've never regretted it for a minute.
Re: (Score:2, Interesting)
Sendmail? Insecure? (Score:2, Informative)
Re:Sendmail? Insecure? (Score:3, Insightful)
Sendmail is a pain in the ass (Score:3, Interesting)
Re:Sendmail is a pain in the ass (Score:5, Insightful)
sendmail.cf is a compiled file. If you configure sendmail with m4, the way it's supposed to be done, it's not that hard.
ttyl,
--buddy
Re:Sendmail is a pain in the ass (Score:2)
Re:Sendmail is a pain in the ass (Score:5, Informative)
Then it's at least nine years new. The second edition of the bat-book dates to January 1997. (I don't think I've ever seen a copy of the first edition, so I don't know if the m4 config is as old as late 1993.) I've been using the m4 config since early 2000 when I first got fixed IP DSL.
Anyhow, in my experience, Sendmail also won't work right if your DNS is broken. Both the IP and MX records have to be right.
define("Improved" sendmail configuration)dnl (Score:4, Insightful)
It's still garbage [maynidea.com]. Sample "improved" sendmail config:
Sample postfix config:
I know which I'd rather edit. I mean, without looking at the manual, I've no idea what that dnl crap is about.
Re:define("Improved" sendmail configuration)dnl (Score:2)
Re:Sendmail is a pain in the ass (Score:2)
Sendmail “configuration” [okmij.org] is a Turing-complete [wikipedia.org] language. In that sense, it is unlike what most people think of in terms of configuration, which typically amounts to key-value pairs. And as another poster pointed out, you should not be editing it directly unless you have very specific needs.
Re:Sendmail is a pain in the ass (Score:2)
Why not overhaul sendmail? (Score:3, Interesting)
redesigning its config files so its a lot easier to set up
and be made secure by non-gurus. There could always be a
compat mode with the old
to change. I don't understand why the guys behind sendmail
have never done this since I've never found anyone who liked
the
converting them into
They did overhaul sendmail. (Score:5, Informative)
Re:Why not overhaul sendmail? (Score:3, Insightful)
Because it's broken from the ground up (Score:3, Informative)
they're doing it: it's called Sendmail X (Score:2)
Let the qmail flamery begin! (Score:5, Funny)
Qmail is more secure.
Yes, the qmail author is a (code wizard|douchebag|weird academic) so I (will|will not) use qmail.
Courier is cooler because it includes an IMAP server in its distribution.
Sendmail is fine these days, its just the n00bs that admin it that make it broken.
Yeah but so is Windows.
So's your mother.
I run on so I'm not affected.
I outsourced my email to gmail and (couldn't be happier|hate it|Google rules|Google is teh evil).
BSD is dying.
BSD is alive.
Re:Let the qmail flamery begin! (Score:2)
Re:Let the qmail flamery begin! (Score:2)
Bleh.... That's supposed to be easier to configure?
Re:Let the qmail flamery begin! (Score:2)
However, Exim is licenced under the GPL {which insists for you to respect other people's code}, so probably not a good choice for a BSD system. And you probably also won't want to use it if you went to Oxford
Re:Let the qmail flamery begin! (Score:2)
You can also completley override the Debian configuration mechanism by creating an
Re:Let the qmail^W flamery begin! (Score:2)
Re:Let the qmail flamery begin! (Score:2)
Well, if you really want to...
I run my two web servers on netbsd. I have an install script which sets it up the way I like. This script removes sendmail when it installs netqmail.
Its no real problem for me, just two lines of ksh. But mail software doesn't really belong in the base system. The software you want is just a pkg_add away (not qmail unfortunately).
I think this is a good move. NetBSD will be better for it. And I do
Re:Let the qmail flamery begin! (Score:2)
you're probably referring to the ACCEPTABLE_LICENSES+=djb-nonlicense your mk.conf when building from source. however, Q106 packages (even further back to Q105) include qmail binaries.
Re:Let the qmail flamery begin! (Score:3, Funny)
Eric Allman (Score:2)
Re:Eric Allman (Score:2, Funny)
<grammar-nazi>
On his development box, he used to keep the source code to unpublished exploits in his home directory that effected the current version of sendmail.
So the unpublished exploits actually brought about the current version of sendmail? That explains quite a lot actually.
Here [purdue.edu] is a description of the difference between "effect" and "affect."
</grammar-nazi>
Re:Eric Allman (Score:3, Insightful)
Exploits that are found and patched DO bring about a new version of the software. It's usually mixed in with a bunch of other patches, but it's there.
Maybe you should calm down and simply laugh at people that have no idea what they are saying, instead of pointlessly screaming at them. They don't CARE or they'd have made sure they had it right the first time.
sendmail.cf test (Score:5, Insightful)
In that the mediocre admins will bodge some hacks into sendmail.cf to make sendmail appear to perform the job they need it to, whilst the best admins will take the presence of sendmail.cf as an indication that they need to remove sendmail and replace it with something that's actually fit [qmail.org] for [exim.org] purpose [postfix.org]? :-P
Re:sendmail.cf test (Score:5, Insightful)
Exim is not a secure replacement for Sendmail. qmail and Postfix were both designed explicitly for security, and include:
Exim was designed as a modernized SMail. It's got the same monolithic architecture as Sendmail has, meaning security vulnerabilities in Exim are less survivable than they are in qmail or Postfix, where a buffer overflow (none of which have ever been found, unlike in Exim) only gets you a one-off UID.
I don't know how Exim has managed to brand itself as one of the "secure MTAs", but it's just a marketing trick.
Re:sendmail.cf test (Score:2)
Unintentional humour (Score:5, Funny)
Did a little googling for sendmail.cf - the sendmail configuration file - and found this gem [bga.org]. The unintentional humour on the last line is hilarious:
they look much worse (Score:2)
Sendmail isn't so bad. Nowadays, you can install a package, and fire off it's daemon, and it will work. In the old days, you had to edit sendmail.cf with a hex editor, and prod the bits into place using a 15-foot pole in either hand. Jeez, these kids have it easy with their M4 configs now!
Re:they look much worse (Score:2)
Sendmail useful? (Score:3, Funny)
The entity that was Sendmail, last manifestation of Chaos which would remain with this new distribution as it grew, looked down on the corpse the system administrator and smiled.
'Farewell, friend. I was a thousand times more evil than thou!'
And then it leapt from NetBSD and went spearing upwards, its wild voice laughing mockery at System Security; filling the universe with its unholy joy.
Well (Score:5, Funny)
Re:Well (Score:2)
Dangerous creation (Score:2)
Struck me as being the computational equivalent of a big table saw with the safety shields removed. It's the sort of thing you just wince to look at because you know, some day, it's going to cause somebody a lot of pain.
Re:Dangerous creation (Score:2)
What's the alternative? (Score:2)
On a default NetBSD installation where does the cron output go?
Re:What's the alternative? (Score:5, Informative)
Postfix has been in the tree for a while, and will now be the default MTA.
Re:What's the alternative? (Score:2)
Right now it goes to sendmail. I assume that there will be a 3.1 release soon so that will be the next without sendmail.
The mail transport seems to be configured in /etc/mailer.conf
Maybe I should look at that editing that file rather than using the sendmail program which comes with qmail.
Re:What's the alternative? (Score:2)
The 3.x branch is a stable release branch; sendmail was removed from HEAD. You should see the first version of NetBSD without sendmail in base along with the 4.0 release.
Re:What's the alternative? (Score:2)
What gets a lot of people, I think, is that in order for Postfix to replace Sendmail for all functions, Postfix has to overwrite
Best way to measure Bat Book size? (Score:5, Funny)
It's Like... (Score:2)
*rimshot*
Be serious (Score:2, Insightful)
I think that sendmail.cf is the worst written configuration file and a good SysAdmin has edited the SECOND part of it almost once, but never twice because the second time he removed sendmail and installed something better.
Re:Be serious (Score:2)
I used to run a stock linux configuration on my co-lo. After a while I realised that I had an open mail relay running. I bought a book called "sendmail for linux" and the (unstated but very clear) conclusion from the book was to run something other than sendmail.
Re:Be serious (Score:3, Informative)
When you look at modern programs with their fancy-pants SQL and XML configurations, they may be easier for a human being to understand; but they're also a hell of a lot of work for the computer to understand, precisely because of all the human-readable cruft. Twenty or thirty years ago, there wasn't the computing power to waste on processing suc
Re:Be serious (Score:2)
you are exactly right.
Emacs is to be used for that.
the best admins (Score:2)
Litmus test (Score:3, Insightful)
Actually, that was UUCP. Back when you couldn't just search the web for documentation, if you wanted to get UUCP running you had to figure it out yourself. If you could do a full mesh of three machines into a UUCP network then you were a guru indeed.
A Good Sign (Score:2, Insightful)
Here's hoping that this move by NetBSD is a sign that even more Unix-like operating systems and distributions will take this approach. The time has come for sendmail to be an option, not the default.
After cutting teeth on it, move on (Score:2)
Work that bandwagon, people - groupthinkgroupthink (Score:2)
Wietse Venema's Postfix [postfix.org] and Eric Allman's Sendmail X [sendmail.org] are API-compatible total rewrites of sendmail. Postfix is currently stronger, but sendmail X implements pretty much the same shite as postfix, so the advantage is code maturity - right now postfix is arguably better than sendmail 8 (which is what NetBSD ditched, incidentally) and when sendmail X gets its legs it will probably be even b
Ah, sendmail... (Score:2)
By the early 90s, the Internet itself was almost completely settled on SMTP, but internal mail hosts weren't necessarily. I remember spending a few days reworking sendmail.cf for address rewriting to deliver gatewayed SMTP mail to an internal Lotus Notes server.
The beauty of sendmail was that there was almost
Good (Score:2)
Re:Good (Score:3, Insightful)
I too love NetBSD, but shipping with both vi and ed is stupid. Personally, I don't think an editor should be included at all, since pkgsrc makes adding one trivial.
cron (Score:3, Informative)
Just an FYI, on both NetBSD and OpenBSD (and also FreeBSD, AFAIK), the out-of-the-box configur
'Best' admins? (Score:2)
There's loads more to being a "good" or even the "best" SysAdmin, NetAdmin, or whatever other kind of admin there is than configuring one overly-complex and security-hole-ridden program. No two techies are ever going to have the same strengths and weaknesses.
For my part, I never understood (or really tried to understand, after se
Do I even need an MTA? (Score:3, Interesting)
I don't even send mail directly from my machines, and I've often wondered "what if I just removed sendmail completely?" Would a whole host of system admin packages (cron, logrotate, etc...) break? Or do they write to the spool directly?
Re:Replacement? (Score:2)
There's also qmail, but I could never get past the "if you want qmail you'd better be willing to install all of djb's other tools too" thing.
Re:Replacement? (Score:2)
However that said in most cases the default installs of both, postfix is generally faster, although if it only took you 10 minutes to configure I would suggest spen
Re:Replacement? (Score:5, Informative)
Re:Replacement? (Score:2)
postfix has been included [netbsd.org] for quite some time now. i s'pose it'll default to that in the next releases.
Re:Replacement? (Score:2, Funny)
Re:Linux is too heavy as it is... (Score:3, Informative)
Re:Linux is too heavy as it is... (Score:2)
Re:Postfix? (Score:2)
Re:No sendmail? So in otherwords.... (Score:2)