[SATLUG] Setting up email server

[Brad Knowles]

On 9/1/07, Patrick P wrote:

>  I missed the question, but I have the following input to add. Qmail is
>  the most secure smt server.

I think many people would disagree on the security side. 
Unfortunately, qmail is difficult to install and depends on many 
other "dan-ware" components in order to run, and you have to get all 
those other components working correctly in order to have a 
functioning mail server -- never mind secure.  In addition, qmail is 
extremely obtuse and difficult to understand and manage, although I 
imagine that once you've drunk the "dan-aide", everything "dan-like" 
becomes trivially easy for you to do.  More over, qmail has not been 
updated in years, many patches from third-parties have to be 
integrated in order to make a reasonably modern mail server, and 
comes with a software license that is known to be fundamentally 
incompatible with both Free Software and Open Source.

I wouldn't call that "secure", nor would I consider that to be 
desirable in an environment where you are likely to actually care 
about things like the license you have to agree to for the software 
you're going to use.


If you want something that is secure and is free from pretty much all 
of these problems, you want to look at postfix instead.  The security 
model for postfix is mutually distrustful programs that all operate 
at the least possible privilege, a basic security concept that even 
qmail violates.

Not only is it a pretty much complete drop-in replacement for 
sendmail, the configuration file reads more like English than 
anything else I've ever seen for any other software I've ever 
encountered, and you can have a truly useful and complete mail server 
installation with a configuration file that is just two lines long -- 
everything else is taken from reasonable built-in defaults that are 
defined at compile time.

Generally speaking, the build-from-source process for postfix will 
detect and automatically configure for use all the various supported 
database types that you've already got installed on your system, and 
whatever other components you have that postfix might be able to make 
use of, through the gnu autoconf facility.

>  Qpopper is very easy to install and setup for pop3 -
>  http://www.eudora.com/products/unsupported/qpopper/index.html

Unfortunately, Qualcomm seems to be killing off all their various 
software packages they've supported over the years, and QPopper has 
been dormant for a long time before they made that decision.

These days, I wouldn't install a POP3-only mail server.  Instead, I'd 
go for one that could do both IMAP and POP3, and Dovecot seems to be 
reasonably well regarded in the field.

>  Horde is great for webmail if you want your users to have all of the bells
>  and whistles. Squirrelmail is great if you want something lightweight.

When we looked at IMP/Horde, we decided that it depended far too much 
on Javascript to do anything useful for us.  In contrast, TWIG could 
make use of Javascript if it was available, but the functionality was 
still mostly there for clients that didn't have Javascript or where 
Javascript was turned off.

I can't speak for Squirrelmail, although I've heard good things about it.

-- 
Brad Knowles <brad at shub-internet.org>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>