PureMessage for UNIX: which mail transfer agent should I use?
PureMessage is typically used in conjunction with an mail transfer agent (MTA). PureMessage comes bundled with versions of Postfix and sendmail, but you can also use PureMessage with an existing version of Postfix, sendmail, or Java System Messaging Server (JSMS).
Reasons to choose Postfix or sendmail
Postfix communicates with the mail filter using the SMTP protocol, meaning that Postfix receives a message, queues it, and then sends it to the filter. Postfix handles front-side queuing for the milter, which absorbs message spikes. Postfix does not continue to spawn more milter processes; it works with the existing pool of milters. Consequently, Postfix has lower CPU and RAM requirements and can handle more messages with less hardware. Also, Postfix is easier to configure and manage, and it has better reputation for security. Furthermore, Postfix offers an additional layer of filtering using regular expression and PCRE lists, as well as a more flexible and simpler configuration file.
One potential disadvantage with Postfix is that queueing is more input/output intensive, potentially delaying message-processing time. In practice, however, Postfix and sendmail have similar processing times. Also, because Postfix queues before delivering, you cannot reject mail directly. Instead "bounces" are created for rejected mail (this applies to reject statements done from the policy).
Sendmail uses the milter protocol to communicate with the PureMessage mail filter (also called a milter). Each sendmail child requires a dedicated milter process to make the decision to pass, quarantine, or reject a message. Sendmail does not absorb message spikes, but rather it continues to spawn more processes that require more CPU and RAM, therefore handling fewer messages with more hardware.
Sendmail has certain advantages. Because there is less hard drive input and output, message delivery is fast and occurs without delay (although in practice sendmail and Postfix are roughly the same). Also, when sendmail encounters message spikes that are beyond its capabilities (available CPU and RAM limit the number of milter processes that can be spawned), it relies on tempfails and server-throttling to control them.
However, customers who switch to Postfix are happy with the performance and none has returned to sendmail.
Reasons to use the PureMessage-bundled sendmail or Postfix
The following factors should be considered when deciding whether to use one of the bundled MTAs or another distribution:
- Updates: PureMessage supports upgrading the MTA via the installer, making it unnecessary to apply separate patches/updates.
- IP blocking: PureMessage's IP Blocker service rejects messages originating from IP addresses blacklisted by SophosLabs. Versions of sendmail and Postfix that are not bundled with PureMessage require advanced configuration to use IP blocking. While IP blocking is fully supported with bundled MTAs, Sophos only provides conditional support if you are using this feature with an external MTA.
- Milter support (sendmail): In the version of sendmail distributed with PureMessage, milter support is enabled. Depending on your version of sendmail, milter support may need to be manually enabled. If this is the case, sendmail must also be rebuilt.
- PureMessage\mail server interoperation: Existing installations of sendmail or Postfix must be configured to work with PureMessage. The versions distributed with PureMessage are pre-configured to do so.
- SMTP service administration in the PureMessage Manager: The mail servers distributed with PureMessage can be administered using the PureMessage Manager. The status of the SMTP service can be viewed, and the mailer can be stopped and started. Only versions of sendmail or Postfix distributed with PureMessage can be administered via the PureMessage Manager in this way.
- No interruption of existing installation: By installing one of the mail servers distributed with PureMessage, you can leave existing mail server installations in place and simply run the PureMessage version instead. This provides a quick rollback method if you want to revert to your previous mail configuration, and an easy way to test PureMessage and sendmail without altering your existing mail server configuration.
Reasons to use an existing Sendmail Switch, sendmail, Postfix or JSMS installation
Complex Configuration: If your existing mail server configuration is complex or highly customized, it may be easier to use that version rather than configuring the PureMessage version to suit your needs. Ensure that your existing version complies with the sendmail or Postfix version requirements. See "Configuring an External Sendmail Installation" or "Configuring an External Postfix Installation" in the Installation Guide for more information. To configure an existing JSMS installation, see the pmxchannel.conf man page.
If you need more information or guidance, then please contact technical support.
- Article ID: 35764
- Created: 11 Mar 2008
- Last updated: 23 Oct 2008
