Postfix

Wietse Venema’s program, Postfix, provides an alternative to Sendmail that is simpler in design, more modular, and easier to configure and administer. Equally important, it’s designed with scalability, reliability, and security as fundamental requirements.

The remainder of this chapter brings you up to speed quickly on how to use Postfix as a secure means of exchanging your network’s email with Internet hosts. In particular, I’ll focus on deploying Postfix on firewalls, in DMZs, and in other settings in which your SMTP server will have contact with untrusted systems.

I won’t go into nearly as much depth with Postfix as I just did with Sendmail. The whole point of Postfix is ease of use: you’ll have no problem figuring out how to use Postfix given little more than the documentation and example configurations included with Postfix itself.

Postfix Architecture

On the one hand, since Postfix can do most of what Sendmail can, its architecture is arguably as complex or even a little more so than Sendmail’s. Postfix consists of a suite of daemons and helper applications, whereas Sendmail is essentially monolithic.

On the other hand, Postfix’s modularity actually makes it much simpler in practice. For Mr. Venema and the others who maintain Postfix’s code, it’s easier to fix a bug in the SMTP daemon if that daemon’s code is self-contained and not part of a much larger whole. As for end users, Postfix is administered mainly with the postfix command and a few others (most users only need ...

Get Building Secure Servers with Linux now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.