Re: WIndows 2003 SMTP

  • From: Danny <nocmonkey@xxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Tue, 8 Feb 2005 16:39:49 -0500

On Tue, 8 Feb 2005 13:52:26 -0500, Mulnick, Al <Al.Mulnick@xxxxxxxxxx> wrote:
> Maybe I misunderstand, but can you expand on the add-on concept?
> I understand Postfix add-ons to be applications written by others to enhance
> the service provided by the MTA.  Put in Microsoft terms, a third-party app.

You are correct. However, I was hoping that I didn't have to say it,
but the advantage of these types of add-ons vs a 3rd party MS app,  is
that the majority of Postfix add-on's (which allow you to go above and
beyond typical MTA capabilities) are open source, "free", and highly

> I'm not seeing the differences between postfix and K3 as an MTA.

What is K3?

> Additionally, it's never a good idea to consider something "bulletproof"
> when you deploy it.  It's good, but to say you don't have to worry about
> something would, over time, open the door for disaster in most cases.

Relative to Microsoft software, it's security record, and it's
industry foot print, yes, Postfix for example. is "bulletproof" (not
sure where you are quoting that from - I never said that) in

If you ignore the overall history, current developer/programmer, past
security vulnerabilities (or lack of in this case), simplicity,
reliability, robust-ness, scalability, performance, the operating
systems it can run on, and cost of Postifx (or possibly qmail and
Exim), then, yes, IIS SMTP could be considered just as good.

Bottom line: In the environments I am responsible for, I do not limit
my systems by only using Microsoft based software.  For example, both
IIS SMTP and Postfix have their place in my networks.  The difference:
one is accessible to untrusted networks (a.k.a. The Internet) and the
other isn't.  Does this make me bulletproof?  No.  Does this decrease
my exposure to known and unknown vulnerabilities in the most exploited
operating system called Windows?  Yes.  Do I need to do patch the hell
out of a Windows server and lock it down to the nuts before I even
think about plugging it into the Internet?  YES.  Do I need to do the
same for a BSD server with Postfix installed?  NO.  Do I need a pretty
OS called Windows on my SMTP MTA?  No.

Anyway, we are kind of straying off-topic.  Make not mistake about it,
though: I wouldn't be on this mailing list if I didn't think Microsoft
products, particularly Exchange had it's place in my (and millions of
other) email and collaboration systems.  I would also have less free
time if all my deployments had un-firewalled Microsoft servers facing
the Internet to perform services instead of un-firewalled (apples to
apples; what if the firewall were to fail, or was improperly
configured) BSD servers.


Other related posts: