Qmail
qmail is a mail transfer agent (MTA) that runs on Unix. It was written, starting December 1995, by Daniel J. Bernstein as a more secure replacement for the popular Sendmail program. qmail's source code is in the public domain, making qmail free software.
Security
When first published, qmail was the first security-aware mail transport agent; since then, other security-aware MTAs have been published. The most popular predecessor to qmail, Sendmail, was not designed with security as a goal, and as a result has been a perennial target for attackers. In contrast to Sendmail, qmail has a modular architecture composed of mutually untrusting components: for instance, the SMTP listener (qmail-smtpd), the queue components (qmail-queue and qmail-send) and the SMTP sender (qmail-remote) each run under their own Unix user (qmaild, qmailq and qmails, and qmailr respectively), so that compromising one of them does not hand an attacker the privileges of the others. qmail was also implemented with a security-aware replacement for the C standard library (bounded, dynamically grown strings and buffers in place of fixed-size arrays and unbounded string functions), and as a result has not been vulnerable to stack and heap overflows, format string attacks, or temporary file race conditions; the 2005 integer overflow in a length counter reported by Georgi Guninski, discussed under Controversy below, is the notable qualification to that record.
Performance
When it was released, qmail was significantly faster than Sendmail, particularly for bulk mail tasks such as mailing list servers. qmail was originally designed as a way of managing large mailing lists.
Simplicity
Sendmail configuration is complex. For common configurations, qmail is significantly easier to configure and deploy.
Innovations
qmail encourages the use of several innovations in mail (some originated by Bernstein, others not):
Maildir
- Bernstein invented the Maildir format for qmail, which stores each email message in a separate file with a unique name. Unlike the de facto standard mbox format, which stores all messages of a mailbox in a single file and therefore needs a lock around every append, Maildir avoids many locking and concurrency problems (a delivery is a write into tmp/ followed by an atomic rename into new/) and can safely be used over NFS. qmail also delivers to mbox mailboxes.
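The delivery protocol behind that claim, as an added example written for this page (it is not qmail-local's own code): a message is written under a unique name into tmp/, fsync'd, and moved into new/ with rename(2), which is atomic within one filesystem; a reader later claims it with another rename into cur/ carrying a flag suffix. The maildir_* names, the scratch directory under /tmp, the host name and the message texts used in demo() are this example's own assumptions.

```c
/* Added example, not qmail's code: Maildir delivery the way qmail-local does
 * it. The maildir_* names are this example's own; assumes a POSIX system. */
#define _POSIX_C_SOURCE 200809L
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <time.h>
#include <unistd.h>

static unsigned long seq;   /* per-process counter, part of each unique name */

/* A maildir is just three subdirectories; there is no lock file anywhere. */
int maildir_create(const char *root)
{
    const char *sub[] = { "", "/tmp", "/new", "/cur" };
    char p[4096];
    for (int i = 0; i < 4; i++) {
        snprintf(p, sizeof p, "%s%s", root, sub[i]);
        if (mkdir(p, 0700) != 0 && errno != EEXIST) return 0;
    }
    return 1;
}

/* Deliver one message. It is written in tmp/ under a name unique across
 * processes and hosts (time.pid_seq.host; host must contain no '/'),
 * fsync'd, then rename(2)'d into new/. rename is atomic within a filesystem,
 * so a reader scanning new/ sees either nothing or the whole message: no
 * lock is needed, which is what makes this safe on NFS where lockf is not. */
int maildir_deliver(const char *root, const char *host, const char *msg, size_t n)
{
    char name[512], tmp[4096], fin[4096];
    snprintf(name, sizeof name, "%ld.%ld_%lu.%s",
             (long)time(NULL), (long)getpid(), ++seq, host);
    snprintf(tmp, sizeof tmp, "%s/tmp/%s", root, name);
    snprintf(fin, sizeof fin, "%s/new/%s", root, name);
    int fd = open(tmp, O_WRONLY | O_CREAT | O_EXCL, 0600);  /* O_EXCL: never clobber */
    if (fd < 0) return 0;
    while (n > 0) {
        ssize_t w = write(fd, msg, n);
        if (w < 0) { close(fd); unlink(tmp); return 0; }
        msg += w; n -= (size_t)w;
    }
    int bad = fsync(fd) != 0;            /* durable before it becomes visible */
    bad |= close(fd) != 0;
    if (bad || rename(tmp, fin) != 0) {
        unlink(tmp);                     /* a failed delivery leaves nothing in new/ */
        return 0;
    }
    return 1;
}

/* Entries in root/sub other than . and ..; the first name is copied to
 * `first` when a buffer is given. Returns -1 if the directory is missing. */
int maildir_scan(const char *root, const char *sub, char *first, size_t firstsz)
{
    char p[4096];
    snprintf(p, sizeof p, "%s/%s", root, sub);
    DIR *d = opendir(p);
    if (!d) return -1;
    int n = 0;
    struct dirent *e;
    while ((e = readdir(d)) != NULL) {
        if (!strcmp(e->d_name, ".") || !strcmp(e->d_name, "..")) continue;
        if (n == 0 && first) snprintf(first, firstsz, "%s", e->d_name);
        n++;
    }
    closedir(d);
    return n;
}

/* A reader claims a message by renaming new/NAME to cur/NAME:2,FLAGS;
 * ":2," introduces the maildir flag list (S = seen). Again a single rename. */
int maildir_mark_seen(const char *root, const char *name)
{
    char from[4096], to[4096];
    snprintf(from, sizeof from, "%s/new/%s", root, name);
    snprintf(to, sizeof to, "%s/cur/%s:2,S", root, name);
    return rename(from, to) == 0;
}

/* End-to-end run in a scratch maildir under /tmp (left in place so it can be
 * inspected). Message texts and host name are constructed. Returns 1 when
 * every step behaved as described above. */
int demo(void)
{
    char root[256], name[512];
    const char *m1 = "From: alice@example.com\r\n\r\nfirst\r\n";
    const char *m2 = "From: bob@example.com\r\n\r\nsecond\r\n";
    snprintf(root, sizeof root, "/tmp/maildir-example-%ld", (long)getpid());
    if (!maildir_create(root)) return 0;
    if (!maildir_deliver(root, "mx1.example.test", m1, strlen(m1))) return 0;
    if (!maildir_deliver(root, "mx1.example.test", m2, strlen(m2))) return 0;
    if (maildir_scan(root, "tmp", NULL, 0) != 0) return 0;   /* nothing half-written */
    if (maildir_scan(root, "new", name, sizeof name) != 2) return 0;
    if (!maildir_mark_seen(root, name)) return 0;
    return maildir_scan(root, "new", NULL, 0) == 1 && maildir_scan(root, "cur", NULL, 0) == 1;
}
```

Two things carry the security property: O_EXCL on the tmp/ file, so a colliding name can never truncate another writer's message, and the rename into new/ only after fsync, so a crash between the two steps leaves at worst a stray file in tmp/ rather than a truncated message a reader would mistake for a complete one.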
Wildcard mailboxes
- qmail introduced the concept of user-controlled wildcards. Out of the box, mail addressed to "user-wildcard" on qmail hosts is delivered according to the user's own .qmail-wildcard file (falling back to .qmail-default), so each user can publish multiple mail addresses for mailing lists and spam management without administrator involvement.
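As an added example written for this page (not qmail-local's own code), the lookup order behind those wildcard addresses, as documented in dot-qmail(5): the extension is lowercased and its dots become colons, the exact .qmail-ext file is tried first, then successively shorter dash-separated prefixes with -default appended, and finally .qmail-default. The name dotqmail_candidates and the two size limits are this example's own. The same cascade is why the SMTP front end cannot tell a valid local part from an invalid one: almost any extension can resolve to some file.

```c
/* Added example, not qmail's code: the .qmail lookup order qmail-local
 * applies to an address of the form user-ext, per dot-qmail(5).
 * dotqmail_candidates, MAXCAND and CANDLEN are this example's own names. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAXCAND 16
#define CANDLEN 128

/* Fill out[] with the .qmail file names tried, in order, for extension `ext`
 * (the part after "user-"; "" for the bare user address, which uses .qmail).
 * For ext1-ext2-ext3 the order is .qmail-ext1-ext2-ext3,
 * .qmail-ext1-ext2-default, .qmail-ext1-default, .qmail-default.
 * Returns the number of candidates written (0 if ext is too long). */
int dotqmail_candidates(const char *ext, char out[][CANDLEN], int max)
{
    char norm[CANDLEN];
    size_t len = strlen(ext);
    if (len >= sizeof norm) return 0;
    /* qmail-local lowercases the extension and maps '.' to ':' first, so
     * "Lists.Foo" is looked up as "lists:foo" (a dot cannot appear in the
     * file name part and colons keep the mapping reversible). */
    for (size_t i = 0; i <= len; i++) {
        unsigned char c = (unsigned char)ext[i];
        norm[i] = (c == '.') ? ':' : (char)tolower(c);
    }
    int n = 0;
    if (len == 0) {
        if (n < max) snprintf(out[n++], CANDLEN, ".qmail");
        return n;
    }
    if (n < max) snprintf(out[n++], CANDLEN, ".qmail-%s", norm);   /* exact */
    /* Drop the last dash-separated component, try prefix-default, repeat. */
    for (char *dash = strrchr(norm, '-'); dash; dash = strrchr(norm, '-')) {
        *dash = 0;
        if (n < max) snprintf(out[n++], CANDLEN, ".qmail-%s-default", norm);
    }
    if (n < max) snprintf(out[n++], CANDLEN, ".qmail-default");  /* catch-all */
    return n;
}

int main(void)
{
    char c[MAXCAND][CANDLEN];
    int n = dotqmail_candidates("Lists.Foo-bar", c, MAXCAND);  /* constructed input */
    for (int i = 0; i < n; i++) printf("%d: %s\n", i + 1, c[i]);
    return 0;
}
```

A .qmail-default that exists (common on virtual-domain setups) means the listener accepts every extension for that user, which is exactly the trade-off the Standards compliance section below describes.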
qmail also introduces the Quick Mail Transport Protocol (QMTP) and Quick Mail Queuing Protocol (QMQP) protocols.
Controversy
qmail was designed as a pointed response to Sendmail, an extremely popular and somewhat beloved piece of Unix software. Author Bernstein was not shy about pointing out the deficiencies in Sendmail's design and the superior characteristics of qmail, nor did he take pains to replicate Sendmail's behavior, which at the time was the de facto standard for Internet mail delivery. As a result, qmail came under unusually intense scrutiny.
Security reward and Georgi Guninski's vulnerability
Bernstein offered a US$500 reward for the first person to publish a verifiable security hole in the latest version of the software. In 2005, security researcher Georgi Guninski found an integer overflow in qmail. On 64-bit platforms, in certain configurations of disputed realism (including absence of resource limits and unusually large amounts of available virtual memory), the delivery of huge amounts of data (more than a 32-bit length counter can represent) to certain qmail components may allow remote code execution. Bernstein disputes that this is a practical attack, arguing that no real-world deployment of qmail would be susceptible. Configuring resource limits for qmail components (for example, running them under a memory limit such as daemontools' softlimit -m, as the usual run scripts do) mitigates the vulnerability, because the process can then never accumulate enough data for the counter to wrap.
On November 1, 2007, Bernstein raised the reward to US$1000. At a slide presentation the following day, Bernstein stated that there were 4 "known bugs" in the ten-year-old qmail-1.03, none of which were "security holes." He characterized the bug found by Guninski as a "potential overflow of an unchecked counter." "Fortunately, counter growth was limited by memory and thus by configuration, but this was pure luck."
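An added example, written for this page rather than taken from qmail's source, that serves both the Security section above and Guninski's report: a growable string buffer in the style of qmail's stralloc, so that no fixed-size stack or heap buffer is ever written past, with the length bookkeeping done two ways. wrapped_needed shows what an unchecked 32-bit counter does once the sum passes 2^32 (the wrap that is harmless on a 32-bit host, where malloc fails first, but not on a 64-bit host with unlimited address space), and checked_needed does the same sum against size_t with an explicit ceiling that plays the role a memory resource limit plays in a real deployment. The names sbuf, sbuf_*, wrapped_needed and checked_needed are this example's own, and the SMTP lines in demo() are constructed.

```c
/* Added example, not qmail's code. A stralloc-style growable buffer with
 * length arithmetic shown unchecked (32-bit wrap) and checked (size_t + cap).
 * sbuf, sbuf_*, wrapped_needed and checked_needed are this example's names. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

typedef struct {
    char  *s;    /* bytes, not NUL-terminated, as with stralloc */
    size_t len;  /* bytes in use */
    size_t a;    /* bytes allocated */
    size_t cap;  /* ceiling on len; stands in for an external memory limit */
} sbuf;

/* The unchecked pattern: a 32-bit counter summed with no error path. Once
 * len + n passes 2^32 the sum wraps, so a "grow to fit" step sized from it
 * allocates far less than the data about to be copied. On a 32-bit host
 * malloc fails before the counter can get there; on a 64-bit host with no
 * address-space limit the copy overruns the buffer. */
unsigned int wrapped_needed(unsigned int len, size_t n)
{
    return len + (unsigned int)n;
}

/* The checked pattern: refuse if len + n overflows size_t or exceeds cap. */
int checked_needed(size_t len, size_t n, size_t cap, size_t *out)
{
    if (n > SIZE_MAX - len) return 0;   /* the addition itself would wrap */
    if (len + n > cap) return 0;        /* policy ceiling, like softlimit -m */
    *out = len + n;
    return 1;
}

void sbuf_init(sbuf *b, size_t cap)
{
    b->s = NULL; b->len = 0; b->a = 0; b->cap = cap;
}

/* Make room for `want` bytes in total, growing geometrically in the same
 * shape as stralloc_ready so that appends are amortised O(1). */
static int sbuf_ready(sbuf *b, size_t want)
{
    if (want <= b->a) return 1;
    size_t na = want + (want >> 3) + 30;
    if (na < want) na = want;           /* growth arithmetic wrapped: fall back */
    char *ns = realloc(b->s, na);
    if (!ns) return 0;
    b->s = ns; b->a = na;
    return 1;
}

/* Append n bytes. Returns 1 on success; on failure returns 0 and leaves the
 * buffer exactly as it was, so the caller can simply drop the session. */
int sbuf_catb(sbuf *b, const char *p, size_t n)
{
    size_t need;
    if (!checked_needed(b->len, n, b->cap, &need)) return 0;
    if (!sbuf_ready(b, need)) return 0;
    memcpy(b->s + b->len, p, n);
    b->len = need;
    return 1;
}

int sbuf_cats(sbuf *b, const char *z) { return sbuf_catb(b, z, strlen(z)); }

void sbuf_free(sbuf *b) { free(b->s); b->s = NULL; b->len = b->a = 0; }

/* Constructed input: an SMTP envelope accumulated under a 60-byte ceiling.
 * The first two lines (31 + 27 = 58 bytes) fit; the third would reach 64
 * and is refused with the buffer untouched. Returns 1 if all of that held. */
int demo(void)
{
    sbuf b;
    sbuf_init(&b, 60);
    int ok = sbuf_cats(&b, "MAIL FROM:<alice@example.com>\r\n");
    ok = ok && sbuf_cats(&b, "RCPT TO:<bob@example.com>\r\n");
    int refused = !sbuf_cats(&b, "DATA\r\n");
    int result = ok && refused && b.len == 58
                 && memcmp(b.s, "MAIL FROM:", 10) == 0;
    sbuf_free(&b);
    return result;
}
```

The cap inside the structure is the in-process version of what Bernstein's quote calls "limited by memory and thus by configuration": with a resource limit the counter can never reach the wrap point, but only the explicit check makes that a property of the code rather than of the deployment.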
Frequency of updates
The core qmail package has not been updated for many years. New features are provided by third-party patches and patch collections such as netqmail. This is a benefit for some users, who need not apply patches continuously, and a liability for others, particularly those who rely on authentication and transport-security mechanisms (SMTP AUTH, STARTTLS) that post-date qmail.
Standards compliance
qmail was not designed as a drop-in replacement for Sendmail, and does not behave exactly as Sendmail did in all situations. In some cases, these differences in behavior have become grounds for criticism. For instance, qmail's approach to bounce messages (a format called QSBMF) differs from the standard format of delivery status notifications specified by the IETF in RFC 1894, since advanced to Draft Standard as RFC 3464, and recommended in the SMTP specification.
Furthermore, some qmail features have been criticized for introducing mail forwarding complications; for instance, qmail's "wildcard" delivery mechanism and security design prevent the SMTP listener from rejecting messages to nonexistent recipients during the SMTP transaction: qmail-smtpd accepts the message and the bounce is generated later, after delivery fails. When the envelope sender is forged, as it is in most spam, that bounce goes to an innocent third party (backscatter). In the past, these differences may have made qmail behave differently when abused as a spam relay, though modern spam delivery techniques are less influenced by bounce behavior.
Copyright status
Prior to 1994, Qmail was the outbound message processor for PCBoard BBS systems. Versions 1 through 3 were written by Mark (Sparky) Herring, and version 4 was written by Michael Leavitt. Neither Herring nor Leavitt claims a trademark on the name; they only wish that there be no confusion between their Qmail software and this product, which came later.
qmail was released to the public domain in November 2007.
Until November 2007, qmail was license-free software, with permission granted for distribution in source form or in pre-compiled form (a "var-qmail package") only if certain restrictions (primarily involving compatibility) were met. This unusual licensing arrangement made qmail non-free according to some guidelines (such as the DFSG), and was a cause of controversy.
qmail is the only broadly deployed MTA in the public domain.
See also
- qpsmtpd
- djbdns
- List of mail servers
- Comparison of mail servers
External links
- Official qmail website, maintained by the author.
- qmail.org A reference site for qmail users, including patches and addons, maintained by Russ Nelson
- qmail-LDAP-UI - qmail-LDAP-UI is a Web based User Administration tool
- Qmailtoaster - Distributes RPM files for appropriate distros to install Qmail quickly and easily. Has a wiki and mailing list.
- pkgsrc [ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/mail/qmail/README.html qmail] and [ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/mail/qmail-run/README.html qmail-run], a pair of easy-to-install cross-platform qmail source packages included in pkgsrc
- The qmail section of FAQTS, an extensive knowledgebase built by qmail users
- qmailWiki is a relatively new wiki about qmail, hosted by Inter7
- J.M.Simpson qmail site Useful Information about qmail, including explanations and patches, by John M. Simpson (Updated regularly)
- Unofficial qmail Bug and Wishlist
- Qmail queue messages deliver (PHP)
- qmail-distributions - qmail patches combined into easy to use distributions
- IndiMail - A Modern, Modular Mailserver using qmail as MTA. Provides multiple missing features not found in qmail
- Roberto's qmail notes - An English/Italian howto on qmail and related software. A big patch is included. Updated regularly.