On Sat, 25 Nov 2000 14:00:56 -0500
Nathan J Mehl <[EMAIL PROTECTED]> wrote:
> In the immortal words of J C Lawrence ([EMAIL PROTECTED]):
>> Given QMail's odd licensing status I'd recommend Postfix or Exim
>> in preference to QMail.
> Uh, this requires some clarification, and verges on FUD.
QMail's licensing status is "odd" in the literal sense of the word
in that in the realm of MTAs it is atypical in the extreme.
> Qmail does not have an "odd licensing status". Qmail is simply
> _not_ _licensed_, period, because the author believes (and I
> personally concur, not that that's relevant) that software
> licenses are unenforceable legal fiction.
I agree with the assertion, but differ in my preferences. I like
explicit licensing, not because they state my legal obligations (an
argument I don't fully accept) but because they establish the
author's preferences -- what he would like done -- and thus build
the beginnings of a social contract between me and him.
> (Please don't take this as an invitation to debate the issue: the
> only debate that will count will happen in a court of law, and
> will likely not consult any of us. :)
Sorry.
> The practical upshot of this is simple: you can't distribute
> modified copies of qmail without the author's direct approval.
> You may, if you like, distribute your own modifications as patches
> to the source, and you can modify it to your heart's content as
> long as you don't distribute it.
Quite, and this is where my major problem comes in. I like the
audit trail and reproducability gains from packaging systems. And
yes, while I could build my own packages for QMail, that argument
largely falls flat were it to be extended to every software I run.
This encludes say the BSD ports system as there are many systems
which should not have compilers installed on them (eg shell account
servers, firewalls, and other security sensitive boxen).
> If your needs require you to distribute a customized MTA outside
> of your own organization, then yes, qmail is probably not for you.
Conversely, I want a customised MTA distributed to me by others I
have good reasons to trust and whose identities and work I can
verify cryptographically.
> Otherwise, you can feel safe to evaluate qmail vs sendmail vs
> postfix on the more prosaic grounds of features, security and
> portability.
True. I wish I'd had time to enclude WMail in my testing, or to
refine the bench enough to make accurate metric tracking both
possible and reproducable. However, that wasn't the client need and
I didn't have the time or equipment for that. They simply wanted an
off-hand demonstration of the base curves to ensure they weren't too
far off the mark with their IS decisions.
--
J C Lawrence [EMAIL PROTECTED]
---------(*) : http://www.kanga.nu/~claw/
--=| A man is as sane as he is dangerous to his environment |=--
