Qmail
Qmail (often "qmail") is a mail transfer agent (the email equivalent of a post office) for Unix. It was written by Daniel J. Bernstein when he tired of repeated security holes in sendmail. Only two minor bugs have been found in Qmail since version 1.0; there is an for the first person to find a security hole in it.
While Qmail is free to use and redistribute, and the source code publicly available, permission is required to distribute modified versions, so it is not free software.
The program, which uses maildirs as opposed to mbox files to store messages, can use the QMTP and QMQP protocols.
Qmail's major competitors are Exim and Postfix.
Quirks
There is some controversy among mail system operators over whether Qmail is as standards-compliant as its author claims. Critics allege a number of variations from the SMTP standards, some of which they claim make Qmail more vulnerable to certain kinds of abuse than other MTAs. Qmail advocates consider some of these to be gray areas in the standard, and have created software patches and configuration changes to reduce unwanted behavior.
For instance, because it isolates mail acceptance from delivery, Qmail as shipped is unable to reject mail addressed to nonexistent users. This is in one sense a security feature ? it prevents a remote attacker (such as a spammer) from enumerating user accounts by dictionary attack. However, it also means that Qmail sends far more bounce messages than other MTAs, including spurious bounces sent to the forged addresses in spam or virus email.
One patch that amends this behavior works by simply discarding email sent to unknown users. This is also at variance with the recommendations of the SMTP standards, but at least reduces the unwanted bounce-message behavior.
See also
