http://cr.yp.to/qmail/qmailsec-20071101.pdf
I would like to say that I am not a qmail fanatic, and Daniel J Bernstein is not a friend of mine :). Actually I remember some testy emails back in 1997/8 where I was rather brash and talking out my ass and thinking he was doing the same. However, I would like to say a couple of things nice about qmail and DJB.
- 10 years ago, while there were other email server software's.. the majority of it was sendmail, and most people used it whether they liked it or not. It basically took a lot of grok-foo to be able to understand the sendmail language, and if you got it wrong you ended up with poor security and poor performance. However, once you had 'earned' your stripes, you weren't likely to ever want to learn another email language. qmail changed that for a lot of admins... and it changed it enough that the monopoly hold was broken and things like postfix and exim got a larger mindshare than they would have 15+ years ago.
- Qmail invalidated a psychological tendency I had seen with some Unix admins to ever patch, or touch their email servers. Sendmail was hard enough to get working minimally for some people, and so patching it was out of the question. I remember one site I worked had a process that would replace any sendmail after SunOS patches with 'sendmail-working' which was basicially an unpatched version of sendmail that they knew worked from 5 years ago...
- I really would like to focus on this sentance:
"In retrospect, some of qmail's "security" mechanisms were half-baked ideas that didn't actually accomplish anything and that could have been omitted with no loss of security." The DJB of 10 years ago would not have said that... but he was getting attacked everyday for this or that. A secure coder should always be able to look back at their code and be able to say that and believe it. I would like to think that I could be able to say that someday about my code (which is perfect, has no problems, and doesnt need patching as all my ideas are perfect, no problems, and never need patching :)).