> I was quite dismayed to find both sendmail and postfix included in
> -current.  I can imagine arguments for including one MTA, or none, but
> two of them?  Can someone please explain the rationale behind this?


because they're two different tools, intended for very different
uses.   sendmail is a very general MTA, intended to relay mail between
systems that use god-knows-what for addressing and delivery
mechanisms.   it's a glue utility.   postfix is an RFC822-compliant SMTP
server, and nothing else.

sendmail has been around forever, and most mailserver admins have had to
become familiar with it at some point or another.   in recent years,
though, the proliferation of TCP/IP networking and pure-SMTP email
networks has made the need for a general glue utility less
important.   sysads run sendmail because they've always run sendmail, even
though the only part that's being used any more is the bit that does
simple SMTP-SMTP transfers.

that leads to some problems, because sendmail has never pretended to be
RFC822-compliant, and its size and complexity contain some well known
security holes.   frankly, as pure-SMTP servers go, sendmail isn't all
that great.


postfix was developed by Weitse Venema (as in: "bow down before the great 
god of unix network security, Weitse Venema") to address the need for a
simpler, trustworthy, efficient, pure-SMTP MTA that's reasonably
compatible with the huge number of existing sendmail installations.

from everything i've seen and heard, postfix is a pretty darned good
package.   the code is clean and well written, it's easy to install and
configure, and administration seems to be nice and simple.   it also seems
to be free of the dubious code issues and personal politics of other
pure-SMTP development efforts, so endorsing it isn't too much of a
challenge.. heck, it's from the same guy whose tcp wrappers were
incorporated into the NetBSD version of inetd.


in the long run, it's likely that postfix will take over the niche
currently filled by sendmail.   right now, though, we're in a state of
transition.   bundling both sendmail and postfix is a reasonably quiet and
non-intrusive way to help the migration along.   there'd be cries of
outrage if sendmail was unbundled, but if postfix was left as a "get it
yourself" option, most people would never install it.   the situation
would be analogous to putting Netscape on a Win95 machine.. you can, but
why bother?

so.. sendmail is there because it's a bit out of date, but nobody wants to
be assasinated for taking it out.   postfix is there because it's a better
tool for the current environment, and will spread more quickly if it's
part of the distro.


personally, i'm afraid i find your use of the word 'dismay' puzzling.. the
purpose of bundling is to give users a reasonable selection of useful
software 'right out of the box'.   if you don't want to use one or the
other (or either), don't.   they'll be right at home with all the other
bundled packages that rarely get used.. /usr/sbin/zzz and most of the RPC
daemons, for instance.





mike stone
.