OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: qmail, from bugtraq
From: Michael H. Warfield (mhwwittsend.com)
Date: Sat Feb 05 2000 - 17:36:53 CST

On Wed, Feb 02, 2000 at 02:41:10PM -0500, Wietse Venema wrote:
> Dave Sill:
> > "Rask Ingemann Lambertsen" <rask-postfixkampsax.k-net.dk> wrote:

> > > Running a qmail system out of memory has unusual consequences. When it
> > >can't run qmail-remote to deliver messages, it will, depending your luck,
> > >the phase of the moon or just sheer randomness, treat many of these
> > >delivery failures as permanent failures, and thus bounce the messages. This
> > >won't be fixed for as long as DJB is in charge.

        This has been my experience as well.

> > I can't confirm or deny this claim, but I will assert that a system
> > vulnerable to memory starvation is poorly configured. It's easy to
> > limit qmail's memory usage, and not doing so is irresponsible.

        Which resources. I've seen QMail commit random acts of terrorism
when it runs out of memory, disk, or inodes (disk and kernel) [any others].
Its error detection and recovery really sucks. When something happens that
it doesn't like, it doesn't fail gracefully, it goes nuts. We lost a message
file out of the QMail spool on one occasion (reasons unknown - shit happens)
and it couldn't recover. Instead it spammed our log file with over 40Meg
of syslog in a few minutes complaining over and over and over about the
missing file until we shut QMail down. System performance was in the
dumper because it was perpetually writing to syslog.

> I installed qmail as per author instructions and ran my machines
> out of swap with a trivial exploit.

        Yeah, like E-Mail traffic. :-(

> Now who was the irresponsible person again?

        I've run, in my time, mmdf, smail 2.x (I wrote and smtp server/client
for smail 2.x which was UUCP only), smail 3.x, sendmail, IDA Sendmail,
QMail, and Postfix on, all total, several hundred systems (maybe over a
thousand by now).

        All of the systems I tried to run QMail on ran into problems running
out of memory, swap, inodes, and other resources, sooner or later. Problems
which I have never run into with any of these other MTAs. It got so bad
for some of our mailing list servers that we blocked access to the QMail
distribution servers with a firewall and protected them from outside
access by receiving outside mail on a nice safe Sendmail front-end system.
QMail outstrips Sendmail by orders of magnituted in delivery performance
but we learned the hard way that robustness and reliability was just the
opposite. Fortunately, Postfix seems to be just as high a performance
and appears to be robust and reliable.

        All my production QMail systems have been switched to Postfix
(the last one was converted at the end of December) and the problems
just simply went away.

        I know of numerous people who have had the same experience. I
talked with one person (a QMail proponent) at LinuxCare and compared his
experience with mine. His reaction was "Oh, you can't use it out of the
box!" He told me that you had to add on all these other contributed
patches, that Dan refused to incorporate, and then follow instructions up
on the web site... He went on and on and then finished with "then it
should run ok for you". I decided then and there that it was no longer
even worth bothering with. If it doesn't work right OOB (Out Of the Box)
and requires patching and special configuration or administration and who
knows what else then there is something seriously wrong.

        I still use sendmail on most of my systems (that may change soon).
I will never install QMail on another system I have to rely on (I may
install it on systems I do research on looking for security problems
like denial of service attacks). I would have NO hesitation, at this
point, to install Postfix on any system that is currently running sendmail
or smail. I still have a few mmdf systems still running (SCO), but
converting them to ANYTHING is a can of worms that would be appropriate
for Arrakis! It has nothing to with Postfix.

        Thank you, Wietse, for all your hard work and for a most
excellent package.

> Wietse

        Mike 

-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhwWittsEnd.com
  (The Mad Wizard)      |  (770) 331-2437   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!