pavement

Postfix

From FreeBSDwiki
Revision as of 05:18, 4 September 2007 by DrModiford (Talk | contribs)
Jump to: navigation, search

Postfix is an MTA (mail transfer agent) that is intended to be a replacement of the default Sendmail MTA used on many Unix and Unix-like platforms, including FreeBSD. Postfix is considered to be a faster, easier to manage and more secure then Sendmail. It also has the advantage of using the same configuration file options that Sendmail uses to simplify migration and reduce the need to learn a new system.

Origins

Postfix began as a program called VMailer and later became IBM Secure Mailer before being released as Postfix in 1999 under the IBM Public License 1.0. This license makes Postfix free software but is not compatible with the GPL. It continues to be actively developed and has its own website.

Features

Postfix has the following features (taken from the Wikipedia entry for Postfix).

  • Transport Layer Security (TLS)
  • delegation of SMTP policies to an external process (this allows Greylisting) and advanced content filtering.
  • different databases for maps: Berkeley DB, CDB, DBM, LDAP, MySQL and PostgreSQL.
  • mbox-style mailboxes, Maildir-style mailboxes, and virtual domains.
  • address rewriting (envelope and header), VERP, SMTP-AUTH via SASL, and much more.
  • Milter [1] support
  • can be compiled on AIX, BSD, HP-UX, IRIX, Linux, Mac OS X, Solaris, Tru64 UNIX and, generally speaking, on every Unix-like OS that ships with a C compiler, standard POSIX development libraries and all the libraries required for handling BSD sockets.

One of the strengths of Postfix is its resilience against buffer overflows. Another one is its handling of large amounts of e-mail. Postfix is built as a cooperating network of different daemons. Each daemon fulfills a single task using minimum privileges. In this way, if a daemon is compromised, the impact remains limited to that daemon and cannot spread throughout the entire system. There is only one process with root privileges (master), and a few (local, virtual, pipe) that actually write to disk or invoke external programs. Most daemons can be easily chrooted.

Personal tools