Sendmail vs. Qmail: A Rational Comparison
Delivering the Mail
Eric Allman's sendmail moves the bulk of email through the Internet. As the premier mail transport agent (MTA) using SMTP (Simple Mail Transfer Protocol), sendmail can be found in every major Linux distribution. However, sendmail is not without competitors, and perhaps the most prominent is qmail, developed by Dan Bernstein. Of the many alternative MTAs for Linux, we take a look at sendmail and qmail to see why you might choose one over the other. Both are available as Open Source software at no cost, making the initial price a non-issue, but other costs, discussed later, may come into play.
In general, sendmail has some significant advantages. It is very mature, being one the of oldest MTAs around. Its wide use and availability has given rise to a vast pool of experienced sendmail administrators and consultants. It is also one of the better documented applications, with books like O'Reilly's sendmail book written by Bryan Costales with Eric Allman. There are also extensive online tutorials, FAQ files and other resources. This documentation is important for handling the vast array of features in sendmail.
Of course, it has some disadvantages. Its feature list is only rivaled by the complexity of its configuration file. The use of the m4 macro processor makes generation of the sendmail.cf configuration file significantly easier, but grasping all the options can be daunting. Sendmail has also had some security problems in the past, making it imperative that the latest updates are applied. Sendmail's popularity has made it the target of attacks, which is both an advantage and disadvantage: it means security issues are exploited quickly, but also leads to a more secure product in the long run. The other issue is that sendmail is often configured with minimal security by default, making it easy to set up but open to attack. If using sendmail then make sure you know what options you have turned on.
Qmail is less complex, but typically has more than enough features for most users. Sendmail is like office applications where 80 percent of the features are rarely or never touched by most users. This allows qmail to easily fit where sendmail might be considered, because qmail includes the more popular and useful features. In fact, qmail comes with more built-in modules than sendmail, including POP3 support. Qmail also includes features found in sendmail, such as masquerading of hosts and users, virtual domains, downed host backoffs and much more. Qmail's simpler environment also makes configuration easier.
Qmail is considered to be more secure and more efficient that sendmail. While I have not made an empirical study, sites that have switched from sendmail to qmail have reported better throughput and reliability. A regular Pentium can handle 200,000 message per day.
Qmail's source code is significantly easier to understand for those interested in checking out the innards. Qmail has also been very resistant to security attacks. It has not been unassailable, but it has fewer security related updates than sendmail. There is even an outstanding offer of $1,000 for the person who breaks into qmail through qmail. (No luck or bucks if you come in through another Linux security hole.) One example of qmail's approach to security is that only two qmail applications run as root.
Qmail's disadvantages may not be significant to some. Qmail has good support but does not have sendmail's broad usage or pool of experienced administrators. Installation requires a number of manual steps that some sendmail installations automate. The job is not extensive and the instructions are only a couple of pages, but new administrators may shy away from this. Qmail's documentation is also less sophisticated than sendmail's. There is no one authoritative source for all its various combinations, though one is in the works.
Qmail's list of add-ons is shorter than sendmail's, though many add-ons work with any MTA including qmail. Still, experience and documentation available for add-ons is often tilted towards sendmail.
While both are excellent choices for an MTA, from my perspective, each has a place. Sites where sendmail is working well will most likely stay with it, though it's worthwhile to look at qmail if some of the features or add-ons discussed later are of interest.
Administrators setting up a new mail server should definitely consider qmail although its use should be considered with respect to other installation options. For example, some Linux distributions include automatic configuration of sendmail for basic environments. I have found that qmail is best when setting up a mail server on an existing system. I would definitely consider qmail for systems to be managed by less experienced administrators.
Many ISPs use qmail because of security and performance considerations. While sendmail still handles the bulk of the traffic, qmail has made some inroads.
- 1Linux Top 3: Fedora 24, Peppermint 7 and Solus 1.2
- 2Linux Top 3: Alpine Linux 3.4, deepin 15.2 and Linux Lite 3.0
- 3Linux 4.7 Set to Boost Live Patching, Security and Power Management
- 4Linux 4.6 Charred Weasel adds USB 3.1 Support
- 5Linux Top 3: OpenIndiana 2016.04, Ubuntu 16.04 and Debian's New Leader