(a.k.a. IBM Secure Mailer, previously known as VMailer) At the time of writing, Postfix is at Beta version 19981230.
What the package does
A replacement for Sendmail which aims to be fast, secure and easy to configure.
Costs
Open source. However IBM can require you to destroy copies of Postfix in the event of an intellectual property claim, where no other alternative action exists.
Pre-requisites
A UNIX system, make and a C compiler.
Installation
There is no automated installation procedure as the author feels that Postfix is sufficiently complex, and UNIX systems sufficiently different, to make an out-of-the box procedure difficult. However, the installation is well documented and easy to follow.
You need to obtain the source files and then build using the supplied Makefile. A new user and group need to be added to the system.
Once you have finished building Postfix, you need to copy the compiled files to their permanent home. After this final tasks depend on how you wish to use Postfix. There are three choices.
- Send mail only, without changing an existing Sendmail installation.
- Send and receive mail via a virtual host interface, still without any change to an existing Sendmail installation.
- Replace Sendmail altogether.
Comprehensive instructions are given for each choice and take only a few minutes to complete.
Configuration
Postfix is configured from a file called /etc/postfix/main.cf , the mandatory edits are documented within the installation instructions and involve setting the installation directory and the local addresses. Other options are well documented within main.cf .
Postfix is virtually drop-in compatible with Sendmail. Unlike qmail, no changing of the .forward files is required.
Package availability
Source file freely available from sites listed at http://www.porcupine.org/ftp-sites.html
Security Implications
One potential DoS attack exists due to a world-writable maildrop directory, the current Beta includes instructions on how to make changes to avoid this, involving a small set-gid program.
Postfix is designed to be secure and uses no set-uid or set-gid programs (other than that indicated above). It generally distrusts everything, including itself.
Known Alternatives
Sendmail, Qmail, Exim.
Postfix is claimed to be faster than all these, and easier to configure. It is certainly much easier to configure than Sendmail, the only alternative with which I have experience.
Another advantage that people may appreciate is the lack of DJB[1], something which can put people off qmail.
[1] Dan Bernstein, the author of qmail.
Platforms
Pretty much any UNIX system.
Languages Supported
SMTP
Documentation
The software is well documented, including man pages and html files. The configuration file is well documented internally.
Performance
Faster than Sendmail, and (in one test by DJB at least) about the same speed as qmail. However Postfix will use more memory than qmail due to it's design.
Support
No commercial support is currently available. The only support is through the postfix mailing lists, details at http://www.postfix.org
Web site addresses
Comments
Postfix was created by Wietse Venema, author of TCP Wrapper, and co-author of SATAN. The development was supported by IBM, however it abstains from control over its evolution.
Postfix was simplicity itself to install on my systems (FreeBSD 3.0-Release, Redhat Linux 4.2). Replacing Sendmail was a simple task, and configuration was a joy (compared to sendmail.cf).
Originally published in news@UK, Volume 8, Number 1, March 1999.