At the time the Sendmail program had a very poor reputation with respect to security, with four root vulnerabilities per year for two successive years. |
Most of the effort in the software business goes into the maintenance of code that already exists. |
In a previous life I wrote the software that controlled my physics experiments. That software had to deal with all kinds of possible failures in equipment. That is probably where I learned to rely on multiple safety nets inside and around my systems. |
Like all software, Qmail can survive only when it keeps up with changing requirements. |
Postfix keeps running even if one Postfix process dies; Windows requires that someone restarts the service. |
Adding functionality is not just a matter of adding code. |
The challenge with Postfix, or with any piece of software, is to update software without introducing problems. |
Sure, but competition is good for the user. |
However, writing software without defects is not sufficient. In my experience, it is at least as difficult to write software that is safe - that is, software that behaves reasonably under adverse conditions. |
When I write software, I know that it will fail, either due to my own mistake, or due to some other cause. |
One bug in an SMTP server can open up the whole machine for intrusion. |
Coming back to the topic of computer security, the TCP Wrapper is an example of such a safety net. I wrote it when my systems were under attack by someone who appeared to walk through walls. |
The Postfix security model is based on keeping software simple and stupid. |
I want to avoid locking people into solutions that work only with Postfix. People should have a choice in what software they want to use with Postfix, be it anti-virus or otherwise. |
As of today, the Postfix mail transport agent has almost 50,000 lines of code, comments not included. |
Windows favors multi-threading, which means that a service is implemented by one single process. |
For many people my software is something that you install and forget. I like to keep it that way. |
Writing software that's safe even in the presence of bugs makes the challenge even more interesting. |
Qmail out of the box works fine, so people will want to use it regardless of licensing restrictions, even when the software does not ship with their system software. |
This will surprise some of your readers, but my primary interest is not with computer security. I am primarily interested in writing software that works as intended. |