Wietse Venema’s program, Postfix, provides an alternative to Sendmail that is simpler in design, more modular, and easier to configure and administer. Equally important, it’s designed with scalability, reliability, and security as fundamental requirements.
The remainder of this chapter brings you up to speed quickly on how to use Postfix as a secure means of exchanging your network’s email with Internet hosts. In particular, I’ll focus on deploying Postfix on firewalls, in DMZs, and in other settings in which your SMTP server will have contact with untrusted systems.
I won’t go into nearly as much depth with Postfix as I just did with Sendmail. The whole point of Postfix is ease of use: you’ll have no problem figuring out how to use Postfix given little more than the documentation and example configurations included with Postfix itself.
On the one hand, since Postfix can do most of what Sendmail can, its architecture is arguably as complex or even a little more so than Sendmail’s. Postfix consists of a suite of daemons and helper applications, whereas Sendmail is essentially monolithic.
On the other hand, Postfix’s modularity actually
makes it much simpler in practice. For Mr. Venema and the others who
maintain Postfix’s code, it’s
easier to fix a bug in the SMTP daemon if that
daemon’s code is self-contained and not part of a
much larger whole. As for end users, Postfix is administered mainly
postfix command and a few others (most users only need ...