Software Consulting Tornado Icon Software Consulting Tornado Icon


I no longer recommend qmail (versions 1.03 or earlier) for general use as a Mail Transport Agent (MTA). I believe it remains an excellent choice for many specific uses.

Though the architecture, design, and codebase of qmail itself are of high quality, the quality of the release cycle, support, licensing, and documentation are not sufficient to make qmail suitable for general use on the Internet.

In practice, an experienced network administrator can make good use of the vast amount of information and support available on the Internet itself to make qmail among the top choices for an MTA. Add-on patches, almost always needed, are widely available, and some of them are of adequate quality; free support is typically offered in response to thoughtfully presented questions; and third-party on-line documentation exists of sufficient quality to make internal installation and support feasible.

In particular, qmail's architecture is well-designed for rock-solid internal security. Bugs found in its code that would, in most any other network-based server requiring privileged access to a system's internals, be easily exploited, are prevented from doing so by design in qmail. See my writeup on Guninski's discoveries for further discussion.

(Kyle Wheeler's book, Qmail Quickstarter, is a helpful guide to getting up to speed on understanding, installing, and making good use of qmail.)

I used to publish several popular patches to qmail; I no longer do so, though they are occasionally requested in private and public forums and available on web sites that archive old versions of this web site. Most of them appear to be widely used.


Copyright (C) 2005 James Craig Burley, Software Craftsperson
Last modified on 2007-07-15.