Qmail BLURB =========== qmail is a secure, reliable, efficient, simple message transfer agent. It is meant as a replacement for the entire sendmail-binmail system on typical Internet-connected UNIX hosts. Secure: Security isn't just a goal, but an absolute requirement. Mail delivery is critical for users; it cannot be turned off, so it must be completely secure. (This is why I started writing qmail: I was sick of the security holes in sendmail and other MTAs.) Reliable: qmail's straight-paper-path philosophy guarantees that a message, once accepted into the system, will never be lost. qmail also supports maildir, a new, super-reliable user mailbox format. Maildirs, unlike mbox files and mh folders, won't be corrupted if the system crashes during delivery. Even better, not only can a user safely read his mail over NFS, but any number of NFS clients can deliver mail to him at the same time. Efficient: On a Pentium under BSD/OS, qmail can easily sustain 200000 local messages per day---that's separate messages injected and delivered to mailboxes in a real test! Although remote deliveries are inherently limited by the slowness of DNS and SMTP, qmail overlaps 20 simultaneous deliveries by default, so it zooms quickly through mailing lists. (This is why I finished qmail: I had to get a big mailing list set up.) Simple: qmail is vastly smaller than any other Internet MTA. Some reasons why: (1) Other MTAs have separate forwarding, aliasing, and mailing list mechanisms. qmail has one simple forwarding mechanism that lets users handle their own mailing lists. (2) Other MTAs offer a spectrum of delivery modes, from fast+unsafe to slow+queued. qmail-send is instantly triggered by new items in the queue, so the qmail system has just one delivery mode: fast+queued. (3) Other MTAs include, in effect, a specialized version of inetd that watches the load average. qmail's design inherently limits the machine load, so qmail-smtpd can safely run from your system's inetd. Replacement for sendmail: qmail supports host and user masquerading, full host hiding, virtual domains, null clients, list-owner rewriting, relay control, double-bounce recording, arbitrary RFC 822 address lists, cross-host mailing list loop detection, per-recipient checkpointing, downed host backoffs, independent message retry schedules, etc. In short, it's up to speed on modern MTA features. qmail also includes a drop-in ``sendmail'' wrapper so that it will be used transparently by your current UAs. Mailing Lists ============= Mailing list management is one of qmail's strengths. Notable features: * qmail lets each user handle his own mailing lists. The delivery instructions for user-whatever go into ~user/.qmail-whatever. * qmail makes it really easy to set up mailing list owners. If the user touches ~user/.qmail-whatever-owner, all bounces will come back to him. * qmail supports VERPs, which permit completely reliable automated bounce handling for mailing lists of any size. * SPEED---qmail blasts through mailing lists an order of magnitude faster than sendmail. For example, one message was successfully delivered to 150 hosts around the world in just 70 seconds, with qmail's out-of-the-box configuration. * qmail automatically prevents mailing list loops, even across hosts. * qmail allows inconceivably gigantic mailing lists. No random limits. * qmail handles aliasing and forwarding with the same simple mechanism. For example, Postmaster is controlled by ~alias/.qmail-postmaster. This means that cross-host loop detection also applies to aliases. * qmail supports the ezmlm mailing list manager, which easily and automatically handles bounces, subscription requests, and archives. Features ======== Here are some of qmail's features. Setup: * automatic adaptation to your UNIX variant---no configuration needed * AIX, BSD/OS, FreeBSD, HP/UX, Irix, Linux, OSF/1, SunOS, Solaris, and more * automatic per-host configuration (config, config-fast) * quick installation---no big list of decisions to make Security: * clear separation between addresses, files, and programs * minimization of setuid code (qmail-queue) * minimization of root code (qmail-start, qmail-lspawn) * five-way trust partitioning---security in depth * optional logging of one-way hashes, entire contents, etc. (QUEUE_EXTRA) Message construction (qmail-inject): * RFC 822, RFC 1123 * full support for address groups * automatic conversion of old-style address lists to RFC 822 format * sendmail hook for compatibility with current user agents * header line length limited only by memory * host masquerading (control/defaulthost) * user masquerading ($MAILUSER, $MAILHOST) * automatic Mail-Followup-To creation ($QMAILMFTFILE) SMTP service (qmail-smtpd): * RFC 821, RFC 1123, RFC 1651, RFC 1652, RFC 1854 * 8-bit clean * 931/1413/ident/TAP callback (tcp-env) * relay control---stop unauthorized relaying by outsiders (control/rcpthosts) * no interference between relay control and forwarding * tcpd hook---reject SMTP connections from known abusers * automatic recognition of local IP addresses * per-buffer timeouts * hop counting Queue management (qmail-send): * instant handling of messages added to queue * parallelism limit (control/concurrencyremote, control/concurrencylocal) * split queue directory---no slowdown when queue gets big * quadratic retry schedule---old messages tried less often * independent message retry schedules * automatic safe queueing---no loss of mail if system crashes * automatic per-recipient checkpointing * automatic queue cleanups (qmail-clean) * queue viewing (qmail-qread) * detailed delivery statistics (qmailanalog, available separately) Bounces (qmail-send): * QSBMF bounce messages---both machine-readable and human-readable * HCMSSC support---language-independent RFC 1893 error codes * double bounces sent to postmaster Routing by domain (qmail-send): * any number of names for local host (control/locals) * any number of virtual domains (control/virtualdomains) * domain wildcards (control/virtualdomains) * configurable percent hack support (control/percenthack) * UUCP hook SMTP delivery (qmail-remote): * RFC 821, RFC 974, RFC 1123 * 8-bit clean * automatic downed host backoffs * artificial routing---smarthost, localnet, mailertable (control/smtproutes) * per-buffer timeouts * passive SMTP queue---perfect for SLIP/PPP (serialmail, available separately) Forwarding and mailing lists (qmail-local): * address wildcards (.qmail-default, .qmail-foo-default, etc.) * sendmail .forward compatibility (dot-forward, available separately) * fast forwarding databases (fastforward, available separately) * sendmail /etc/aliases compatibility (fastforward/newaliases) * mailing list owners---automatically divert bounces and vacation messages * VERPs---automatic recipient identification for mailing list bounces * Delivered-To---automatic loop prevention, even across hosts * automatic mailing list management (ezmlm, available separately) Local delivery (qmail-local): * user-controlled address hierarchy---fred controls fred-anything * mbox delivery * reliable NFS delivery (maildir) * user-controlled program delivery: procmail etc. (qmail-command) * optional new-mail notification (qbiff) * optional NRUDT return receipts (qreceipt) * conditional filtering (condredirect, bouncesaying) POP3 service (qmail-popup, qmail-pop3d): * RFC 1939 * UIDL support * TOP support * APOP hook * modular password checking (checkpassword, available separately) Internals ========= qmail's modular, lightweight design and sensible queue management make it the fastest available message transfer agent. Here's how it stacks up against the competition in five different speed measurements. * Scheduling: I sent a message to 8192 ``trash'' recipients on my home machine. All the deliveries were done in a mere 78 seconds---a rate of over 9 million deliveries a day! Compare this to the speed advertised for Zmailer's scheduling: 1.1 million deliveries a day on a SparcStation-10/50. (My home machine is a 16MB Pentium-100 under BSD/OS, with the default qmail configuration. qmail's logs were piped through accustamp and written to disk as usual.) * Local mailing lists: When qmail is delivering a message to a mailbox, it physically writes the message to disk before it announces success--- that way, mail doesn't get lost if the power goes out. I tried sending a message to 1024 local mailboxes on the same disk on my home machine; all the deliveries were done in 25.5 seconds. That's more than 3.4 million deliveries a day! Sending 1024 copies to a _single_ mailbox was just as fast. Compare these figures to Zmailer's advertised rate for throwing recipients away without even delivering the message---only 0.48 million per day on the SparcStation. * Mailing lists with remote recipients: qmail uses the same delivery strategy that makes LSOFT's LSMTP so fast for outgoing mailing lists--- you choose how many parallel SMTP connections you want to run, and qmail runs exactly that many. Of course, performance varies depending on how far away your recipients are. The advantage of qmail over other packages is its smallness: for example, one Linux user is running 60 simultaneous connections, without swapping, on a machine with just 16MB of memory! * Separate local messages: What LSOFT doesn't tell you about LSMTP is how many _separate_ messages it can handle in a day. Does it get bogged down as the queue fills up? On my home machine, I disabled qmail's deliveries and then sent 5000 separate messages to one recipient. The messages were all safely written to the queue disk in 23 minutes, with no slowdown as the queue filled up. After I reenabled deliveries, all the messages were delivered to the recipient's mailbox in under 12 minutes. End-to-end rate: more than 200000 individual messages a day! * Overall performance: What really matters is how well qmail performs with your mail load. Red Hat Software found one day that their mail hub, a 48MB Pentium running sendmail 8.7, was running out of steam at 70000 messages a day. They shifted the load to qmail---on a _smaller_ machine, a 16MB 486/66---and now they're doing fine.