By Timothy Prickett Morgan
IBM yesterday announced support for a new internet email server called Secure Mailer that it hopes will eventually rival the popular Sendmail program. About 1.5 million copies of Sendmail are running out there on the net today, and they control anywhere from 70% to 75% of the internet’s email. IBM calls the new mail program Secure Mailer, but it is actually one and the same as Postfix, which is the same product as VMailer. IBM’s lawyers nixed the VMailer moniker because it was too similar to another company’s product. Postfix was developed by Wietse Venema, a physicist and computer scientist who is an expert on electronic data interchange and the esoteric realm of internet security. Venema, who has become one of the legendary programmers of the internet community, created Postfix on IBM’s nickel while on sabbatical for the last year at IBM’s Global Security Analysis Laboratory in Hawthorne, New York, one of the facilities of its TJ Watson Research Center. IBM supported Venema because both the company and the man agree that Sendmail does not have robust enough security to satisfy the requirements of an e-business setting that relies on email as part of an overall application. Postfix debuted yesterday under the Secure Mailer name on IBM’s AlphaWorks skunkworks web site (www.alphaworks.ibm.com). The IBM site was moving pretty slow when we looked at it, and not much information is available on the site describing Secure Mailer. But Venema keeps his own web site at www.porcupine.org/wietse, which includes a FAQ file as well as the Postfix program for those who want to take a look at it. Simply put, the Postfix project and IBM’s Secure Mailer program for AIX is the result of Venema’s desire to create a faster, more secure mail program than the Unix Sendmail program while maintaining compatibility with that program. As such, Postfix is a direct competitor of the qmail program for Unix developed by Dan Bernstein, a professor at the Department of Mathematics, Statistics and Computer Science at the University of Illinois (qmail is used by the HotMail web site and hundreds of ISPs). Venema says that Postfix is up to three times as fast as competitive products and that a desktop PC has enough power to receive and deliver a million messages a day using his program. Postfix is compatible with Sendmail’s spooling, aliasing and forwarding features but Venema claims that it has a much better administrative front end than Sendmail. Postfix was also designed to behave rationally under stress, and is designed to know when to back off so it doesn’t crash itself or other internet servers that are running email servers. But the main benefit of Postfix is that it offers better security. Postfix is not a monolithic program with high levels of access to Unix server resources (making it an ideal target for hackers), but rather a collection of smaller programs that work together with very low Unix privileges. To the greatest extent possible, Postfix is isolated from Unix. For the moment, IBM is only announcing support for AIX with its Secure Mailer brand of Postfix available on the AlphaWorks site. But Postfix is aimed at replacing Sendmail, and that means eventually it will have to run on the popular commercial and open source implementations of Unix as well as Linux and very likely Windows NT. Sendmail was recently ported to NT by Eric Allman, chief technology officer at Sendmail Inc and the original creator of the Sendmail program for Unix that is still available on an open source basis at www.sendmail.org. Allman’s company, like Red Hat with Linux, is trying to make money by offering commercial-level support and collaboration with the business community while taking advantage of the cheap and excellent programming talent available in the open source community. IBM has no intention of trying to make money directly off of Secure Mailer/Postfix and is taking a laissez-faire approach. Charles Palmer, IBM’s network security research manager, believes that IBM’s various server groups as well as members of the open source community will see the benefits to porting Venema’s mail program to other Unix environments, Windows NT and maybe even OS/400 and OS/390. But IBM is not going to do it, or even put in any effort into coaxing other to do it. Nonetheless, if Secure Mailer/Postfix does what IBM claims, the odds are high that programmers in the internet community will do the work. Venema has written some of the most portable code ever written, says Palmer, adding that he expects Secure Mailer/Postfix to take off much as Apache and Linux have, and for much the same reasons. รก
