On Tue, 8 Feb 2005 13:52:26 -0500, Mulnick, Al <Al.Mulnick@xxxxxxxxxx> wrote: > http://www.MSExchange.org/ > > Maybe I misunderstand, but can you expand on the add-on concept? > > I understand Postfix add-ons to be applications written by others to enhance > the service provided by the MTA. Put in Microsoft terms, a third-party app. You are correct. However, I was hoping that I didn't have to say it, but the advantage of these types of add-ons vs a 3rd party MS app, is that the majority of Postfix add-on's (which allow you to go above and beyond typical MTA capabilities) are open source, "free", and highly customizable. > I'm not seeing the differences between postfix and K3 as an MTA. What is K3? > Additionally, it's never a good idea to consider something "bulletproof" > when you deploy it. It's good, but to say you don't have to worry about > something would, over time, open the door for disaster in most cases. Relative to Microsoft software, it's security record, and it's industry foot print, yes, Postfix for example. is "bulletproof" (not sure where you are quoting that from - I never said that) in comparison. If you ignore the overall history, current developer/programmer, past security vulnerabilities (or lack of in this case), simplicity, reliability, robust-ness, scalability, performance, the operating systems it can run on, and cost of Postifx (or possibly qmail and Exim), then, yes, IIS SMTP could be considered just as good. Bottom line: In the environments I am responsible for, I do not limit my systems by only using Microsoft based software. For example, both IIS SMTP and Postfix have their place in my networks. The difference: one is accessible to untrusted networks (a.k.a. The Internet) and the other isn't. Does this make me bulletproof? No. Does this decrease my exposure to known and unknown vulnerabilities in the most exploited operating system called Windows? Yes. Do I need to do patch the hell out of a Windows server and lock it down to the nuts before I even think about plugging it into the Internet? YES. Do I need to do the same for a BSD server with Postfix installed? NO. Do I need a pretty OS called Windows on my SMTP MTA? No. Anyway, we are kind of straying off-topic. Make not mistake about it, though: I wouldn't be on this mailing list if I didn't think Microsoft products, particularly Exchange had it's place in my (and millions of other) email and collaboration systems. I would also have less free time if all my deployments had un-firewalled Microsoft servers facing the Internet to perform services instead of un-firewalled (apples to apples; what if the firewall were to fail, or was improperly configured) BSD servers. ...D