[Cryptography] Simpler programs?

Bill Frantz frantz at pwpconsult.com
Sun Apr 20 10:12:52 EDT 2014


On 4/18/14 at 10:25 AM, cryptography at dukhovni.org (Viktor Dukhovni) wrote:

>On Fri, Apr 18, 2014 at 08:54:00AM -0700, Bill Frantz wrote:
>
>>One question that might shed light on the marketing problem: Why hasn't
>>Postfix completely displaced Sendmail? Perhaps some of the Postfix people
>>have some insights.
>
>A major impediment to displacing Sendmail in businesses is that
>Postfix has no sales organization and no commercial support.  Some
>companies want to pay somebody (will somebody *please* take our
>money) to feel that they are "supported".
>
>Also, Postfix is not delivered in the form-factor that businesses
>expect these days, which is as an "appliance", with a web-UI for
>management and an integrated vertical stack of anti-spam filters,
>data-leakage detection, anti-virus scanners, ...
>
>Hence, Sendmail appliances, Cisco Ironport appliances, Symantec
>Appliances, ...
>
>As for MTAs in open source O/S distributions, Sendmail has largely
>been displaced, roughly in order of "popularity":
>
>- Exim is the default MTA on Debian and Ubuntu
>
>- Postfix is the default MTA on RedHat, NetBSD and MacOSX
>
>- Sendmail is the default MTA on FreeBSD and OpenBSD
>
>My sense is that while Exim is on more systems, Postfix handles
>more mail, but whichever way the numbers break, each substantially
>outnumbers the open-source Sendmail install base.
>
>...  Exim has a built-in macro language with
>conditionals and uses it for all kinds of content inspection and
>policy extensions.  People who want built-in flexibility tend to
>choose Exim as a more modern alternative to Sendmail.  Exim is not
>as secure by design as Postfix, and its vulnerability history
>reflects that.  And yet it is at least by some (if not all) measures
>the more popular of the two.
>
>Getting back to security, I think that Postfix is used primarily
>because its configuration is human-readable and what it does can
>be done without resorting to a Turing-complete customization
>language, though content filter and milter support pushes that
>problem out to the extension interface.  The fact that Postfix has
>a sound security architecture motivates only a minority of users.
>
>Also the formerly endless series of Sendmail security advisories
>seems to have dried up; IIRC NetBSD switched to Postfix as a result
>of frustration with the constant advisories right after the last
>substantive Sendmail advisory.

The lesson I read from this story is that in general familiarity 
trumps better when better means fewer bugs and/or better 
security[1]. However, if people suffer for long enough from the 
bugs, then they will change. However, features can be worth more 
than reliability.

[1] I have long contended, and continue to contend, that 
reliability and security are two sides of the same coin. You 
can't have one without the other. It's nice that freedom from 
crashes also makes you safer.

Cheers - Bill

-----------------------------------------------------------------------
Bill Frantz        | "The only thing we have to   | Periwinkle
(408)356-8506      | fear is fear itself." - FDR  | 16345 Englewood Ave
www.pwpconsult.com | Inaugural address, 3/4/1933  | Los Gatos, CA 95032


