Sendmail vs. Qmail: A Rational Comparison

By: William Wong
Friday, March 24, 2000 01:01:48 AM EST
URL: http://www.linuxplanet.com/linuxplanet/reviews/1640/1/

Delivering the Mail

Eric Allman's sendmail moves the bulk of email through the Internet. As the premier mail transport agent (MTA) using SMTP (Simple Mail Transfer Protocol), sendmail can be found in every major Linux distribution. However, sendmail is not without competitors, and perhaps the most prominent is qmail, developed by Dan Bernstein. Of the many alternative MTAs for Linux, we take a look at sendmail and qmail to see why you might choose one over the other. Both are available as Open Source software at no cost, making the initial price a non-issue, but other costs, discussed later, may come into play.

In general, sendmail has some significant advantages. It is very mature, being one the of oldest MTAs around. Its wide use and availability has given rise to a vast pool of experienced sendmail administrators and consultants. It is also one of the better documented applications, with books like O'Reilly's sendmail book written by Bryan Costales with Eric Allman. There are also extensive online tutorials, FAQ files and other resources. This documentation is important for handling the vast array of features in sendmail.

Of course, it has some disadvantages. Its feature list is only rivaled by the complexity of its configuration file. The use of the m4 macro processor makes generation of the sendmail.cf configuration file significantly easier, but grasping all the options can be daunting. Sendmail has also had some security problems in the past, making it imperative that the latest updates are applied. Sendmail's popularity has made it the target of attacks, which is both an advantage and disadvantage: it means security issues are exploited quickly, but also leads to a more secure product in the long run. The other issue is that sendmail is often configured with minimal security by default, making it easy to set up but open to attack. If using sendmail then make sure you know what options you have turned on.

Qmail is less complex, but typically has more than enough features for most users. Sendmail is like office applications where 80 percent of the features are rarely or never touched by most users. This allows qmail to easily fit where sendmail might be considered, because qmail includes the more popular and useful features. In fact, qmail comes with more built-in modules than sendmail, including POP3 support. Qmail also includes features found in sendmail, such as masquerading of hosts and users, virtual domains, downed host backoffs and much more. Qmail's simpler environment also makes configuration easier.

Qmail is considered to be more secure and more efficient that sendmail. While I have not made an empirical study, sites that have switched from sendmail to qmail have reported better throughput and reliability. A regular Pentium can handle 200,000 message per day.

Qmail's source code is significantly easier to understand for those interested in checking out the innards. Qmail has also been very resistant to security attacks. It has not been unassailable, but it has fewer security related updates than sendmail. There is even an outstanding offer of $1,000 for the person who breaks into qmail through qmail. (No luck or bucks if you come in through another Linux security hole.) One example of qmail's approach to security is that only two qmail applications run as root.

Qmail's disadvantages may not be significant to some. Qmail has good support but does not have sendmail's broad usage or pool of experienced administrators. Installation requires a number of manual steps that some sendmail installations automate. The job is not extensive and the instructions are only a couple of pages, but new administrators may shy away from this. Qmail's documentation is also less sophisticated than sendmail's. There is no one authoritative source for all its various combinations, though one is in the works.

Qmail's list of add-ons is shorter than sendmail's, though many add-ons work with any MTA including qmail. Still, experience and documentation available for add-ons is often tilted towards sendmail.

While both are excellent choices for an MTA, from my perspective, each has a place. Sites where sendmail is working well will most likely stay with it, though it's worthwhile to look at qmail if some of the features or add-ons discussed later are of interest.

Administrators setting up a new mail server should definitely consider qmail although its use should be considered with respect to other installation options. For example, some Linux distributions include automatic configuration of sendmail for basic environments. I have found that qmail is best when setting up a mail server on an existing system. I would definitely consider qmail for systems to be managed by less experienced administrators.

Many ISPs use qmail because of security and performance considerations. While sendmail still handles the bulk of the traffic, qmail has made some inroads.

Support, Add-Ons

Sendmail has the commercial support of sendmail.com (the company founded by sendmail developer Allman), which also makes the free version available at www.sendmail.org. The commercial version includes better documentation and additional configuration tools that streamline setup and management. Sendmail.com also has a number of other products, such as secure mail switches and versions for non-UNIX platforms. Fee-based tech support is also available.

There are also several consulting groups that provide sendmail support for a fee. Sendmail has an extensive informal support structure throughout the Internet, with web sites and mailing lists being maintained by individuals and groups using it. The answer to almost any sendmail question is out on the Net if you can find it.

Qmail has a more limited support infrastructure, starting with the author, but support seems to be less of an issue given qmail's easier configuration and management. There are a few companies supporting qmail, such as inter7.com, which also provides free qmail add-ons, including a web-based management tool called QmailAdmin and virtual domains support through vpopmail. There is even a web-based client interface called SqWebMail.

Add-ons
Sendmail is only an MTA. It will accept incoming mail via SMTP and it can send outgoing mail using the same protocol. Sendmail requires third-party mail-delivery agents (MDA) like procmail to deliver local mail to local mail directories. Mail user agents (MUA) like the mail application are needed by a user to send and receive mail. These applications are normally used to create and view mail as well. The basic sendmail model applications access mail queues directly from disk.

Sendmail requires other components to provide remote mail pickup using POP3 or IMAP protocols. In this case, it must be complemented with additional applications like imapd. It works with a variety of other applications as well. Qpopper can pick up mail using POP3 and deliver it to sendmail, and is useful where incoming mail will be picked up via Qpopper instead of being sent via SMTP. Qpopper is often used, e.g., on dial-up mail servers. Fetchmail is another popular mail delivery tool.

Sendmail also works with tools like majordomo, the quintessential mailing list manager. There are even management and monitoring tools like the web-based SWAT (Sendmail web administration tool) by Michael Hasenstein. SWAT, similar to the SWAT used with Samba, could use some security improvements but can make an administrator's job easier when setting up sendmail.

This plethora of options is one of the reasons for sendmail's popularity. It can also be rather confusing, as getting the right versions for all the components can get daunting for complex environments.

Qmail, on the other hand, incorporates more into the core system so administrators will not have to go looking for so many components. For example, the qmail-pop3d daemon that comes with qmail provides POP3 client access. Local mail delivery is handled by qmail-local. Qmail can be used with many applications normally designed for sendmail like qpopper, but often their configuration information is tilted towards sendmail.