Andrew Hudson - Fedora™ Unleashed, 2008 edition

Postfix has its origins as the IBM Secure Mailer, but was released to the developer community by IBM. Compared to Sendmail, it is much easier to administer and has a number of speed advantages. Postfix offers a pain-free replacement for Sendmail, and you are able to replace Sendmail with Postfix without the system breaking a sweat. In fact, when you install Postfix in place of Sendmail, applications that relied on Sendmail automatically use Postfix instead and carry on working correctly. Postfix uses a Sendmail wrapper, which deceives other programs into thinking that Postfix is Sendmail. This wrapper, or more correctly, interface, makes switching to Postfix extremely easy.

Fedora provides Postfix version 2.4, which uses a slightly different configuration than the earlier version. If you are upgrading Postfix from an earlier Fedora or Red Hat version, check your configuration files.

Fedora also now compiles Postfix and Sendmail against version 2.1 of the Cyrus SASL library (an authentication library). The Release Notes contain detailed information on file location and option changes that affect you if you use these libraries.

For enhanced security, many Postfix processes used to use the chrootfacility (which restricts access to only specific parts of the file system) for improved security, and there are no setuidcomponents in Postfix. With the current release of Fedora, a chrootconfiguration is no longer used and is, in fact, discouraged by the Postfix author. You can manually reconfigure Postfix to a chrootconfiguration, but that is no longer supported by Fedora.

If you are starting from scratch, Postfix is considered a better choice than Sendmail.

Qmail is a direct competitor to Postfix but is not provided with Fedora. Postfix is designed to be easier to use than Sendmail, as well as faster and more secure. However, Qmail isn't a drop-in replacement for Sendmail, so migrating an existing Sendmail installation to Qmail is not quite as simple as migrating from Sendmail to Postfix. Qmail is relatively easy to administer, and it integrates with a number of software add-ons, including web mail systems and POP3 servers. Qmail is available fromhttp://www.qmail.org/.

Exim is yet another MTA, and it is available using yum. Exim is considered faster and more secure than Sendmail or Postfix, but is much different to configure than either of those. Exim and Qmail use the maildirformat rather than mbox, so both are considered "NFS safe" (see the following sidebar).

Qmail also introduced maildir, which is an alternative to the standard UNIX method of storing incoming mail. maildiris a more versatile system of handling incoming email, but it requires your email clients to be reconfigured, and it is not compatible with the traditional UNIX way of storing incoming mail. You have to use mail programs that recognize the maildirformat. (Modern programs do.)

The traditional mboxformat keeps all mail assigned to a folder concatenated as a single file and maintains an index of individual emails. With maildir,each mail folder has three subfolders: /cur, /new, and /tmp. Each email is kept in a separate, unique file. If you are running a mail server for a large number of people, you should select a file system that can efficiently handle a large number of small files. mboxdoes have one major disadvantage. While you are accessing the monolithic mboxfile that contains all your email, suppose that some type of corruption occurs, either to the file itself or to the index. Recovery from this problem can be difficult. The mboxfiles are especially prone to problems if the files are being accessed over a network and can result in file corruption; you should avoid accessing mboxmail mounted over NFS, the network file system, because sudden connection loss can seriously corrupt your mboxfile.

Depending on how you access your mail, maildirdoes permit the simultaneous access of maildirfiles by multiple applications; mboxdoes not.

The choice of a mail user agent, or email client, also affects your choice of mail directory format. For example, the pineprogram does not cache any directory information and must reread the mail directory any time it accesses it. If you are using pine, maildirwould be a poor choice. More advanced email clients perform caching, so maildirmight be a good choice, although the email client cache can get out of synchronization. It seems that there is no perfect choice.

Fedora provides you with mail alternatives that have both strong and weak points. Be aware of the differences among the alternatives and frequently reevaluate your selection to make certain that it is the best one for your circumstances.

Other MTAs are available for use with Fedora, but those discussed in the preceding sections are the most popular. Which one should you choose? That depends on what you need to do. Sendmail's main strengths are that it is considered the standard and it can do things that many other MTAs cannot. However, if ease of use or speed is a concern to you, you might want to consider replacing Sendmail with Postfix, Exim, or Qmail. Because Sendmail is the default MTA included with Fedora, it is covered in more detail over the following sections.

SMTP is a server-to-server protocol that was designed to deliver mail to systems that are always connected to the Internet. Dialup systems connect only at the user's command; they connect for specific operations, and are frequently disconnected. To accommodate this difference, many mail systems also include a mail delivery agent , or MDA . The MDA transfers mail to systems without permanent Internet connections. An MDA is similar to an MTA (see the following note), but does not handle deliveries between systems and does not provide an interface to the user.

Procmail and Spamassassin are examples of MTAs; both provide filtering services to the MTA while they store messages locally and then make them available to the MUA or email client for reading by the user.

The MDA uses the POP3 or IMAP protocols for this process. In a manner similar to a post office box at the post office, POP3 and IMAP implement a "store and forward" process that alleviates the need to maintain a local mail server if all you want to do is read your mail. For example, dialup Internet users can intermittently connect to their ISPs' mail servers to retrieve mail by using Fetchmail — the MDA provided by Fedora (see the section "Using Fetchmail to Retrieve Mail," later in this chapter).

The mail user agent, or MUA, is another necessary part of the email system. The MUA is a mail client, or mail reader, that enables the user to read and compose email and provides the user interface. (It is the email application itself that most users are familiar with as "email.") Some popular UNIX command-line MUAs are elm, pine, and mutt. Fedora also provides modern GUI MUAs: Evolution, Thunderbird, Mozilla Mail, Balsa, Sylpheed, and KMail. For comparison, common non-UNIX MUAs are Microsoft Outlook, Outlook Express, Pegasus, and Eudora.

The Microsoft Windows and Macintosh MUAs often include some MTA functionality; UNIX does not. For example, Microsoft Outlook can connect to your Internet provider's mail server to send messages. On the other hand, UNIX MUAs generally rely on an external MTA such as Sendmail. This might seem like a needlessly complicated way to do things, and it is if used to connect a single user to her ISP. For any other situation, however, using an external MTA provides you much greater flexibility because you can use any number of external programs to handle and process your email functions and customize the service. Having the process handled by different applications gives you great control over how you provide email service to users on your network, as well as to individual and SOHO (small office/home office) users.