Qmail: Difference between revisions

'''qmail''' is a [[mail transfer agent]] (MTA) that runs on [[Unix]]. It was written, starting December 1995,<ref>{{Cite web |last=Bernstein |first=Daniel J. |title=Some thoughts on security after ten years of qmail 1.0 |url=https://cr.yp.to/qmail/qmailsec-20071101.pdf}}</ref><ref>{{Cite web |title=Qmail Explained |url=https://everything.explained.today/Qmail/}}</ref> by [[Daniel J. Bernstein]] as a more [[computer security|secure]] alternative to the popular [[Sendmail]] program. Originally [[license-free software]], qmail's [[source code]] was later dedicated to the [[public domain]] by the author.<ref name="source-pd">{{cite web

When first published, qmail was the first security-aware mail transport agent; since then, other security-aware [[Mail transfer agent|MTA]]s have been published. The most popular predecessor to qmail, [[Sendmail]], was not designed with security as a goal, and, as a result, has been a perennial target for attackers. In contrast to sendmail, qmail has a modular architecture composed of mutually untrusting components; for instance, the [[SMTP]] listener component of qmail runs with different [[User identifier (Unix)|credentials]] from the queue manager or the SMTP sender. qmail was also implemented with a security-aware replacement to the [[C standard library]], and, as a result, has not been vulnerable to [[Stack buffer overflow|stack]] and [[Heap overflow|heap]] overflows, [[format string attack]]s, or temporary file [[race condition]]s.