Differences between revisions 21 and 22
Revision 21 as of 2011-04-05 10:13:40
Size: 22245
Editor: PaulWise
Comment: merkel
Revision 22 as of 2011-11-13 14:23:39
Size: 22131
Editor: BartMartens
Comment: removed myself
Deletions are marked like this. Additions are marked like this.
Line 262: Line 262:
|| debian-project || Bart Martens <bartm@debian.org> || Evolution 2.10.3 || ISP smtps01.kuleuven.be (Postfix) ||

Default MTA

There have been long debates on what should be the default MTA for Debian. What follows is a summary of the situation:

  • Postfix and Exim4 both are good MTAs for the distribution default.
  • Sendmail is as good if you know it well already.
  • There are other choices ...

"All things being nearly the same, do use what you know best how to operate and configure" is what really should drive one to choose between exim and postfix (and apparently, sendmail). (the old sysadmin axiom per Henrique de Moraes Holschuh)

ML discussion

Time

site

Reference

030715

d-d

default MTA for sarge: exim -> exim4 ?

060312

d-u

default MTA:default MTA in etch? exim, postfix?

070914

u-d

Postfix as the default MTA?

071024

d-d

Default mail-transport-agent

071112

d-d

MTA comparison (postfix, exim4, ...) = This page.

Since <insert date> exim4 has been the default for Debian, although many Debian services use postfix now (See the "Debian servers" section below).

Comparison

2007-03

MTA Comparison

2003-11

OPEN SOURCE MAIL SERVER COMPARISON

Please note that some of the old negative comments have already been resolved.

Exim4

All 5 options supported:

  • internet site; mail is sent and received directly using SMTP,
  • mail sent by smarthost; received via SMTP or fetchmail,
  • mail sent by smarthost; no local mail,
  • local delivery only; not on a network,
  • no configuration at this time

Default: local delivery only; not on a network

Positive points:

  • Flexible.
  • This has very small memory foot print.
  • Small footprint (VSZ=41,324 RSS=1,008)
  • the "don't fix it if it ain't broken" principle suggests keeping Exim4.

Negative points:

  • Support community limited outside of Debian
  • Although powerful and relatively readable than sendmail.cf, its configuration is too extensive and too flexible to understand at a glance.

$ grep -v -e '^ *#' -e '^ *$' exim4.conf.template |wc -l
657
  • Not yet supported by SElinux policies in Debian

  • Single binary doesn't allow for security isolation
  • From exim manual: Though Exim is 8-bit clean, it is not a protocol converter, and it takes no steps to do anything special with messages received by this route. Consequently, 8BITMIME option is turned off by default.
  • Exim4 uses gnutls for providing TLS. The maintainer finds gnutls no ready for such usage. The GNUTLS upstream disagrees and has provided active help. Upstream uses OpenSSL, which is not gpl (but exim allows linking it). Nevertheless the openssl/exim combination might prove problematic when linking other gpl stuff in.

  • Has not been certified by any 3rd party for security (has had 7 CVEs issued in the last 8 years, and 4 DSAs)
  • Doesn't have a scheduler, limiting load robustness

Postfix

All 5 options supported:

  • No configuration:
    • Should be chosen to leave the current configuration unchanged.
  • Internet site:
    • Mail is sent and received directly using SMTP.
  • Internet with smarthost:
    • Mail is received directly using SMTP or by running a utility such as fetchmail. Outgoing mail is sent using a smarthost.
  • Satellite system:
    • All mail is sent to another machine, called a 'smarthost', for delivery.
  • Local only:
    • The only delivered mail is the mail for local users. There is no network.

Notable points:

  • Core development principle: security (Recently certified alongside 11 other projects in the most secure rung by Coverity, has had 3 CVE's issued in the last 8 years, only requiring 2 DSAs)

  • Core development principle: speed and efficiency (Given SSD disk, 1Gbps network, 4x Opteron Server postfix can do over 2,000 messages per second, and over 7 million messages per hour)
  • Core development principle: modular (if 7 million messages/hr is too slow, the queue manager can be split into multiple processes that read messages from the incoming queue and a simpler scheduler can be isolated that doesn't spend time reading queue files)
  • Has an in-memory scheduler queue, enabling it to be more robust under load than exim and sendmail. Sendmail 8 does have a scheduler if you use the right "Delivery" mode, however it is very simple and not 'instantaneous', Postfix's queue manager handles parallel processing of distinct remote and local destinations in a single multi-recipient email.
  • Has advanced connection-rate, load and rate limit throttling, also per destination delivery concurrency knobs
  • Has pre-allocated in-memory queue groups instead of expensive on-disk queues
  • Has parallel delivery for multiple transports as well as by destination within each transport
  • Simple configuration
  • Wide community support outside of Debian, very popular with other distributions and is very active upstream
  • Modular binary design provides lowest privilege set needed to fulfill its task.

$ postconf |wc -l
532

Negative points:

  • Although there are many small binary daemons involved in running postfix, the memory footprint is larger than exim4
  • SMTP-AUTH server and clients require external programs and may require hassle to work with chroot.
  • (opinion) I think debconf question is easier for user with exim4.
  • (opinion) Smart hostname entry dialog (450787)

  • (opinion) Smarthost set up and myorigin (434262)

Sendmail

Positive points:

  • Someone please fill this in

Negative points:

  • Difficult configuration
  • No parallel processing of distinct remote destinations in a single multi-recipient email.
  • No parallel processing of of multiple local recipients in a single multi-recipient email.
  • Broken "QueueLA" or "RefuseLA", these always compound load issues leading to congestive collapse. And Sendmail's connection rate throttling is either not useful (see below) or overly aggressive.
  • Sendmail lacks a queue manager. If you don't use "Queue-Only" scheduling, there is no effective control over delivery concurrency and both the local and remote systems will be overloaded. Queue-Only is unacceptably slow. The load and rate limits work poorly.
  • Sendmail uses two queue files for each message, this doubles I/O cost. It also creates various "xf", "tf", and other temporary files during delivery that also increase disk I/O cost.

Ssmtp

  • No local mail. -> Not good enough.

According to the documentation:

This is sSMTP, a program that replaces sendmail on workstations that should send their mail via the departmental mailhub from which they pick up their mail (via pop, imap, rsmtp, pop_fetch, NFS... or the like). This program accepts mail and sends it to the mailhub, optionally replacing the domain in the From: line with a different one.

Nullmailer

* No local mail. -> Not good enough.

According to the documentation:

Nullmailer is a replacement MTA for hosts, which relay to a fixed set of smart relays. It is designed to be simple to configure and especially useful on slave machines and in chroots.

The sendmail interface of this package doesn't provide the -bs switch, hence it's not LSB compatible!

  • AUTH supported
  • No TLS/SSL?

Benchmark run

Since I do not care about delivery speed, I compare memory foot print etc. Basically, both of them are small in comparison to one xterm or fetchmail.

Running postfix

USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
109       3186  0.0  0.2 116756  2480 ?        S<s  09:29   0:02 /usr/bin/fetchmail -f /etc/fetchmailrc --pidfile /var/run/fetchmail/fetchmail.pid -d 300 --syslog
root      3527  0.0  0.2  36692  2280 ?        Ss   09:29   0:00 /usr/lib/postfix/master
postfix   3535  0.0  0.2  38788  2316 ?        S    09:29   0:00 qmgr -l -t fifo -u
postfix   3710  0.0  0.3  41244  3096 ?        S    09:29   0:00 tlsmgr -l -t unix -u -c
postfix  23008  0.0  0.2  38748  2180 ?        S    21:08   0:00 pickup -l -t fifo -u -c
  • RSS: resident set size, the non-swapped physical memory that a task has used (in kiloBytes).
  • VSZ: virtual memory size of the process in KiB

Switch: postfix -> exim4

--\ Packages being automatically installed to satisfy dependencies
ciA  exim4-base                                    +1675kB <none>     4.68-2    
ciA  exim4-config                                  +1004kB <none>     4.68-2    
ciA  exim4-daemon-light                            +922kB  <none>     4.68-2
--\ Packages being deleted due to unsatisfied dependencies
id   postfix                                       -2830kB 2.4.6-1    2.4.6-1   
--\ Packages to be installed
ci   exim4                                         +57.3kB <none>     4.68-2    
--\ Packages to be removed
id   postfix-doc                                   -2933kB 2.4.6-1    2.4.6-1   

Running exim4

exim4-base contains many documentation in text. So it is really, exim4-config + exim4-daemon-light.

USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
100      25758  0.0  0.1  41324  1008 ?        Ss   22:14   0:00 /usr/sbin/exim4 -bd -q30m
109      25805  0.0  0.2 116760  2452 ?        Ss   22:15   0:00 /usr/bin/fetchmail -f /etc/fetchmailrc --pidfile /var/run/fetchmail/fetchmail.pid -d 300 --syslog

Wow, exim4 is smaller.

Switch: exim4 -> postfix

--\ Packages being automatically installed to satisfy dependencies              
ciA  postfix                                       +2830kB <none>     2.4.6-1   
--\ Packages being deleted due to unsatisfied dependencies
idA  exim4-config                                  -1004kB 4.68-2     4.68-2    
idA  exim4-daemon-light                            -922kB  4.68-2     4.68-2    
--\ Packages to be installed
pi   postfix-doc                                   +2933kB <none>     2.4.6-1   
--\ Packages to be removed
ip   exim4                                         -57.3kB 4.68-2     4.68-2    
ipA  exim4-base                                    -1675kB 4.68-2     4.68-2    
ip   exim4-doc-html                                -3465kB 4.67-1     4.67-1    
id   exim4-doc-info                                -598kB  4.67-1     4.67-1    

Popularity

Popcon report and install size

List of MTA (V for vote, I for installing per cent of popcon reports):

package

popcon %

size kiB

capability

exim4-daemon-light

V:57, I:72

900

full

postfix

V:12, I:14

2764

full

exim4-daemon-heavy

V:1.8, I:2

1016

full

sendmail-bin

V:1.6, I:1.7

2032

full

nullmailer

V:0.6, I:0.7

432

light

ssmtp

V:0.7, I:0.9

8

light

nbsmtp

V:0.2, I:0.3

120

light

courier-mta

V:0.2, I:0.2

3972

full

xmail

V:0.14, I:0.18

776

light

masqmail

V:0.07, I:0.09

560

light

esmtp

V:0.07, I:0.18

156

?

esmtp-run

V:0.04, I:0.08

8

?

smail

V:0.04, I:0.04

1728

full

msmtp

V:0.2, I:0.5

324

light

msmtp-mta

V:0.06, I:0.09

80

light

Due to default nature of exim4 over postfix, exim4 runs mostly on many Debian popcon participants. The exim4-daemon-light beats postfix, almost 5:1 .

exim4-daemon-heavy is only 12% bigger than exim4-daemon-light but less than 50% of postfix size. exim4-conf is needed and this doubles these exim4 install sizes. Thus all these 3 are about the same size.

Only ssmtp has significant size advantage. Both exim4 nor postfix are not so big and they come with fat documentation.

Debian servers

service

MTA

BTS

rietz.debian.org with local (Exim 4.50)

LISTS

murphy.debian.org (Postfix)

Debian testing watch

franck.debian.org with local (Exim 4.72)

,, 2nd step (PTS?)

puccini.debian.org (Postfix)

Mailing list posters

Quick random sampling from the d-i, d-d lists etc. to check what softwares are described in the mail header for knowledgeable people. (November 11, 2007.)

list

person

MUA

MTA

debian-boot

Gürkan Sengün <gurkan@linuks.mine.nu>

Thunderbird 2.0.0.6 (X11/20070728)

wiggis.ethz.ch (Postfix)

debian-boot

Holger Levsen <holger@layer-acht.org>

KMail/1.9.5

alpha.holgerlevsen.de (Postfix)

debian-devel LSB-ize

Daniel Baumann <daniel@debian.org>

Mozilla-Thunderbird 2.0.0.6 (X11/20071009)

mail.unable-to-package.org (Postfix)

debian-boot

Josselin Mouette <joss@debian.org>

Evolution 2.12.0

diva.malsain.org with esmtpsa (SSL 3.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63)

debian-boot

Steven Demetrius <steven.demetrius@fiwwi.com>

Icedove 1.5.0.12 (X11/20070607)

host183.canaca.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.68)

debian-devel LSB-ize

Marc Haber <mh+debian-devel@zugschlus.de>

Forte Agent 1.8/32.548

scyw00225.scy001.de with smtp (Exim 4.68)

debian-boot

Robert Munyer <5082149469@spambob.net>

KMail/1.7.1

smtp.afn.org (8.14.0/8.14.0) with ESMTP id lA2Cun7l001170;

debian-boot

Alexander <alex.golovin@mail.ru>

Evolution 2.6.3

external ISP

debian-boot

Andrew Reid <reidac@bellatlantic.net>

KMail/1.9.5

external ISP

debian-boot

"BRIAND, Michel M" <michel.m.briand@airbus.com>

Evolution 2.10.3

external ISP

debian-boot

Frans Pop <elendil@planet.nl>

KMail/1.9.7

external ISP

debian-devel mlocate

Josh Triplett <josh@freedesktop.org>

Mozilla-Thunderbird 2.0.0.6 (X11/20071009)

external ISP

debian-devel

Luk Claes <luk@debian.org>

Mozilla-Thunderbird 2.0.0.6 (X11/20071009)

external ISP

--

--

--

--

debian-boot

Bastian Blank <waldi@debian.org>

Mutt/1.5.13 (2006-08-11)

wavehammer.waldi.eu.org (Postfix, from userid 1000)

debian-boot

Charles Plessy <charles-debian-nospam@plessy.org>

Mutt/1.5.13 (2006-08-11)

kunpuu.plessy.org (Postfix, from userid 1000)

debian-boot

Christian Perrier <bubulle@debian.org>

Mutt/1.5.16 (2007-06-11)

mykerinos.kheops.frmug.org (Postfix, from userid 1000)

debian-boot

dann frazier <dannf@debian.org>

Mutt/1.5.16 (2007-06-11)

krebs (Postfix, from userid 20800)

debian-boot

Geert Stappers <stappers@stappers.nl>

Mutt/1.5.16 (2007-06-11)

gpm.stappers.nl (Postfix, from userid 1000)

debian-boot

Joey Hess <joeyh@debian.org>

Mutt/1.5.16 (2007-06-11)

kodama.kitenet.net (Postfix, from userid 1000)

debian-boot

Kurt Roeckx <kurt@roeckx.be>

Mutt/1.5.16 (2007-06-11)

intrepid.roeckx.be (Postfix, from userid 1000)

debian-boot

Martin Michlmayr <tbm@cyrius.com>

Mutt/1.5.16 (2007-06-11)

deprecation.cyrius.com (Postfix, from userid 1000)

debian-boot

Otavio Salvador <otavio@debian.org>

Gnus/5.11 (Gnus v5.11) Emacs/22.0.95 (gnu/linux)

nullmailer pid 32489 invoked by uid 1000 -> freedom.ind.br (Postfix)

debian-boot

Sam Couter <sam@couter.id.au>

Mutt/1.5.16 (2007-06-11)

laptop.tekno.house (Postfix, from userid 1000)

debian-devel CUPS

Steve Langasek <vorlon@debian.org>

Mutt/1.5.13 (2006-08-11)

dario.dodds.net (Postfix, from userid 1000)

debian-devel CUPS

Bernd Zeimetz <bernd@bzed.de>

Mozilla-Thunderbird 2.0.0.6 (X11/20071009)

mail.recluse.de (Postfix)

debian-devel CUPS

Russ Allbery <rra@debian.org>

Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux)

windlord.stanford.edu (Postfix, from userid 1000)

debian-devel CUPS

Joey Hess <joeyh@debian.org>

Mutt/1.5.17 (2007-11-01)

kodama.kitenet.net (Postfix, from userid 1000)

debian-devel

Raphael Hertzog <hertzog@debian.org>

Mutt/1.5.16 (2007-06-11)

soleymieux.ouaza.com (Postfix, from userid 1000)

debian-devel

Clint Adams <schizo@debian.org>

Mutt/1.5.16 (2007-06-11)

acolyte.scowler.net (Postfix, from userid 1000)

debian-project

Joerg Jaspert <joerg@debian.org>

Gnus/5.110007 (No Gnus v0.7) Emacs/22.1 (gnu/linux)

ganneff.de (Postfix)

debian-boot

Davide Viti <zinosat@tiscali.it>

Mutt/1.5.17 (2007-11-01)

zino by localhost with local (Exim 4.68)

debian-boot

Robert Millan <rmh@aybabtu.com>

Mutt/1.5.13 (2006-08-11)

rmh by thorin with local (Exim 4.63)

debian-devel mlocate

Adeodato Simó <dato@net.com.org.es>

Mutt/1.5.17 (2007-11-01)

from userid 1000 by plumber with local (Exim 4.68)

debian-devel LSB-ize

Hamish Moffatt <hamish@debian.org>

Mutt/1.5.17 (2007-11-01)

hamish by noddy.cloud.net.au with local (Exim 4.68)

debian-devel LSB-ize

Wouter Verhelst <wouter@debian.org>

Mutt/1.5.16 (2007-06-11)

wouter by grep.be with local (Exim 4.68)

debian-devel

Lionel Elie Mamane <lionel@mamane.lu>

Mutt/1.5.16 (2007-06-11)

master by capsaicin.mamane.lu with local (Exim 4.68)

debian-devel

"Francesco P. Lovergine" <frankie@debian.org>

Mutt/1.5.16 (2007-06-11)

frankie by localhost.localdomain with local (Exim 4.68)

debian-devel

Florian Weimer <fw@deneb.enyo.de>

???

fw by deneb.enyo.de with local (Exim 4.68)

debian-user

Dirk Eddelbuettel <edd@debian.org>

VM 7.19 under Emacs 21.4.1

ron.nulle.part with local (Exim 4.67)

debian-user

John Hasler <jhasler@debian.org>

Gnus/5.11 (Gnus v5.11) Emacs/22.1 (gnu/linux)

john by toncho.dhh.gt.org with local (Exim 3.36 #1 (Debian))

debian-user

Steve Kemp <skx@debian.org>

mutt-ng/devel-r804 (Debian)

steve by skx.xen-hosting.net with local (Exim 4.63)

debian-project

Ian Jackson <ian@davenant.greenend.org.uk>

VM 7.03 under Emacs 19.34.1

ian by davenant.greenend.org.uk with local (Exim 3.36 #1)

debian-project

Josip Rodin <joy@entuzijast.net>

Mutt/1.5.13 (2006-08-11)

joy by keid.carnet.hr with local (Exim 4.63)

debian-project

Marc 'HE' Brockschmidt <he@ftwca.de>

Gnus/5.110006 (No Gnus v0.6) XEmacs/21.4.20 (linux)

pindar.localnet with esmtp (Exim 4.68)

debian-project

Stephen Gran <sgran@debian.org>

Mutt/1.5.13 (2006-08-11)

steve by hadrian.lobefin.net with local (Exim 4.63)

debian-boot

Jim Paris <jim@jtan.com>

Mutt/1.5.13 (2006-08-11)

neurosis.jim.sh (8.13.8/8.13.8/Debian-2)

debian-devel LSB-ize

Andreas Tille <tillea@rki.de>

PINE?

m2.fw.bln.ivbb.bund.de (8.13.8/8.13.8)

debian-devel LSB-ize

Manoj Srivastava <srivasta@debian.org>

Gnus/5.110007 (No Gnus v0.7) Emacs/23.0.50 (gnu/linux) (x86_64-unknown-linux-gnu)

anzu.internal.golden-gryphon.com (8.14.2/8.14.2/Debian-1)

debian-user

Daniel Burrows <dburrows@debian.org>

Mutt/1.5.17 (2007-11-01)

leafsmtp

debian-boot

Felipe Augusto van de Wiel <faw@funlabs.org>

Mutt/1.5.13 (2006-08-11)

qmail 12732 invoked by uid 1000

--

--

--

--

debian-devel mlocate

Andreas Metzler <ametzler@downhill.at.eu.org>

tin/1.9.2-20070201 ("Dalaruan") (UNIX) (Linux/2.6.22-3-amd64 (x86_64))

local (Gmexim 0.1 (Debian))

debian-devel LSB-ize

Petter Reinholdtsen <pere@hungry.com>

Gnus/5.1008 (Gnus v5.10.8) Emacs/21.4 (usg-unix-v)

saruman.uio.no with local (Gmexim 0.1 (Debian))

--

--

--

--

debian-boot

Steve Langasek <vorlon@debian.org>

devscripts

minbar.dodds.net (Postfix, from userid 1000)

debian-boot

Wolfgang Schnitker <wolfgang.schnitker@gmx.de>

reportbug 3.31

rocket2.schnitti.de (Postfix, from userid 1000)

debian-devel

Nico Golde <nico@ngolde.de>

netcat 1.10

ngolde.de (Postfix, from userid 1000)

debian-project

MJ Ray <mjr@phonecoop.coop>

Heirloom mailx 12.2 01/07/07

nail.towers.org.uk (Postfix, from userid 1000)

debian-boot

"Dr. David Alan Gilbert" <linux@treblig.org>

reportbug 3.31

mx.treblig.org with local (Exim 4.63)

debian-boot

Kumar Appaiah <akumar@ee.iitm.ac.in>

reportbug 3.39

kumar by localhost.localdomain with local (Exim 4.67)

debian-boot

Nis Martensen <nis.martensen@eev.tu-darmstadt.de>

reportbug 3.31

nmartensen by pc23.eev.e-technik.tu-darmstadt.de with local (Exim 4.63)

--

--

--

--

debian-boot

Steve Kleene <skdeb@syrano.acb.uc.edu>

???

syrano.acb.uc.edu (8.13.8/8.13.8/Submit)

For mutt/Gnus users both exim4 and postfix are quite popular to run on local machines (smart host with internet or satellite). They are 1:1 ratio.

For GUI MUA, many do not seem to use local MTA but connect to remote ISP or their own server directly. (possibly they have some dummy MTA on workstation.)

d-i folks seems to like postfix more.