Solaris and sendmail

So, I’m looking at the next round of changes to be introduced to Solaris 10 via the 10/04 Express release, and I’m struck by the continued presence of sendmail in Solaris. I just don’t understand it. Does anyone willingly deploy sendmail anymore? Certainly myself, or nobody I know does. Now, I have to admit that my circle of sysadmin friends all came out of the Internet era and have at some point in their lives worked at major ISPs (AT&T, Sprint, Netcom, you name it) so perhaps we’re more than a little tainted by the evil that is sendmail than the average corporate UNIX sysadmin. But this *is* the Internet era, and in my mind anything you deploy ought to be able to stand up to the wrath of the Net, even if it is “only an internal box”..

If you look at Linux, for example, you won’t find a *single* distro that ships with sendmail anymore. SuSE and Gentoo have been postfix for years, Debian has always been exim. Slackware and Mandrake have long used postfix as well, and even RedHat (who were the only sendmail holdout) have been shipping postfix since RH9 two years ago. Postfix is superior to sendmail and is a much better fit for Solaris users than sendmail. It’s faster, more scalable, and proven to be more secure. That last point can not be emphasized enough: POSTFIX HAS A PROVEN SECURITY TRACK RECORD. You know, the opposite of sendmail. Hell I’d even settle for exim over sendmail. Qmail I can understand ruling out cause it just isn’t very sendmail compatible.

So why would Sun continue to ship sendmail? The only reason I can think of is “it’s familiar to our install base”. Well, fair enough, but with all the dramatic changes happening in the Solaris 10 release, that argument just doesn’t hold up. Why on earth would Sun continue to ship sendmail as the MTA when there are vastly better alternatives out there? Isn’t Solaris 10 all about dramatic improvement? I can gaurantee you that switching to postfix is an order of magnitude less change than the switch to Solaris Service Manager. So I send this message out to the powers that be at Sun:

Please, for the love of god, replace sendmail with postfix in Solaris 10. This is an opportunity for improvement that should not be overlooked!

Thank you. At least I have Blastwave to make eradicating sendmail quick and easy…

About this entry

You’re currently reading “Solaris and sendmail,” an entry on VMUNIX Blues

Published:: 10.26.04 / 12pm

Category:: tech, solaris

About

VMUNIX Blues is written by me, Mark Mayo, in Vancouver, BC. I like unix, coding, and the web, and naturally most articles I write here have something to do with what I like. If commenting on an article isn’t your style, you can always email me — mark (at) vmunix.com.

Recent Comments

Vic: I'm using ESX3 for the very first time. I have 6 nics on a SUN blade and have decied to 3 teams of 2 NICS. I...

darkfader: Hi, synchronous NFS often seems faster even than iSCSI that might take like a minute to get all your data...

Paul Fox: http : / / w w w crispdemoncouk click on the tools page to find the source to dtrace. no guarantees it...

mark: Joe: Gigabit. SHEP: I've been gloriously VDI ignorant, and plan to stay that way. Desktops == pain. No thanks....

mark: Great to see someone forging ahead regardless of license issues, Paul. Good luck with the port! I'd certainly...

James 10.26.04 / 10pm

You need to get this logged as an RFE within Sun, and then get the powers that be within their engineering community to accept it and run with it.

Good luck!

If you want to have an even-money chance of succeeding, you will need
to supply Sun with the full business case and cost-benefit analysis.
There are a lot of sendmail-trained engineers within Sun, the cost of re-training would be enormous.

Mark 10.27.04 / 9am

You know, I think I will log an RFE on this one (if someone hasn’t already). I realize there’s the whole retraining aspect, but I really don’t think it would be a big deal if you frame the context properly - just because it took a long time to train the engineers on how to make something work in sendmail DOESN’T mean it will take that long for them to learn how to do it in postfix. The fact that it took so much effort to train your staff on something that should be simple ought to be an indicator of a problem on its own.. With an MTA like postfix, almost everything you want to do is self-evident. I know I certainly felt empowered the first time I looked at postfix after years of sendmail work.

So I’d argue that the retraining would not be a tremendous undertaking, and just think of the upside for customers! A capable MTA that’s robust, secure, and much easier to wrap your head around and get working!

manchi 04.01.06 / 4am

hi,
I just got my solaris 10 up, and I really hate sendmail too.

when I was trying to install postfix, there was an error saying that i have sendmail install.

but there is a problem to remove sendmail from solaris 10!!

there is not in pkgrm , may I know how to do it in SMF ? pls help!!! pls help!!

Eric Kimminau 09.13.07 / 7pm

sendmail uses SMF. you may check the status of sendmail:

# svcs svc:/network/smtp:sendmail
STATE STIME FMRI
disabled 12:33:32 svc:/network/smtp:sendmail

the above shows that sendmail is stopped. you may start it with:

# svcadm enable svc:/network/smtp:sendmail
# svcs svc:/network/smtp:sendmail
STATE STIME FMRI
online 12:34:58 svc:/network/smtp:sendmail

# ps -ef |grep sendmail

root 13578 1 0 12:34:59 ? 0:00 /usr/lib/sendmail -bd -q15m -C /etc/mail/local.cf

root 13589 13556 0 12:37:05 pts/1 0:00 grep sendmail

smmsp 13581 1 0 12:34:59 ? 0:00 /usr/lib/sendmail -Ac -q15m

# netstat -a |grep smtp
localhost.smtp *.* 0 0 49152 0 LISTEN

now we see that sendmail is running but remote clients could not connect. this is the default behavior. to change this we have to change the “local_only” SMF property:

# svccfg -s svc:/network/smtp:sendmail listprop config/local_only
config/local_only boolean true

now we change the property to false:
# svccfg -s svc:/network/smtp:sendmail setprop config/local_only = false
# svccfg -s svc:/network/smtp:sendmail listprop config/local_only
config/local_only boolean false

now restart sendmail:
# svcadm restart svc:/network/smtp:sendmail

# netstat -a |grep smtp
*.smtp *.* 0 0 49152 0 LISTEN
*.smtp *.* 0 0 49152 0 LISTEN

*.smtp *.* 0 0 49152 0 LISTEN please check the documentation on how to properly tweak sendmail’s configuration for your needs.