The Four Horsemen of Linux Mail Transfer: Exim, Postfix, Sendmail, and Qmail
Considering how important and popular email is today, it shouldn’t surprise anyone that there are millions of email servers currently operating on the public internet. According to a 2019 survey from securityspace.com (http://www.securityspace.com/s_survey/data/man.201907/mxsurvey.html), there are approximately 1.8 million email servers online!
Given the long history of email (dating back to 1971), and the massive number of email servers online, you’d be right to assume that there are many different email server platforms available. However, according to the securityspace.com survey, three types of email servers account for more than 95% of the global market share:
- Exim
- Postfix
- Sendmail
- Qmail
The top three email servers on the internet are Exim (with over 55%), Postfix (over 30%), and Sendmail (about 4%). All three of these email platforms, and Qmail, were originally developed for Unix-Like or Linux based Operating Systems.
Today, with the widespread availability of easy and low-cost cloud-hosted server providers, anyone can setup their own email server. This guide focuses on deploying, configuring, and discussing best practices and security concerns for Exim, Postfix, Sendmail, and Qmail.
Exim – Overview + Pros & Cons
Exim is an MTA (Mail Transfer Agent) for Unix-like operating systems first written in 1995 by Philip Hazel. Exim is licensed under the GPLv2 license. Exim is used extensively all around the world. According to the study noted earlier (http://www.securityspace.com/s_survey/data/man.201907/mxsurvey.html), as of 2019 Exim accounted for approximately 57% of all online public email servers on the internet. Exim4 is currently the default MTA on all Debian-based GNU/Linux systems, including Ubuntu.
Exim – Pros
- Default MTA on Debian-based Linux distributions
- Easy install, basic install is guided via user interface
- Popular and well documented
- Plenty of community support
- Secure
Exim – Cons
- Arguably more difficult to maintain/administer post-deployment than Postfix
Postfix – Overview + Pros & Cons
Postfix is an MTA (mail transfer agent) for Unix-like operating systems developed by Wietse Venema in partnership with IBM in 1997. Postfix is licensed under the IBM Public License. As of 2019, Postfix is still under active development by its creator and a team of contributors. According to the following study (http://www.securityspace.com/s_survey/data/man.201907/mxsurvey.html),as of 2019 Postfix accounted for approximately 34% of all online public email servers on the internet.
Postfix – Pros
- Easy to configure and use
- Elegant (author’s opinion)
- Popular and well documented
- Plenty of community support
- Secure
Postfix – Cons
- No Windows port
Sendmail – Overview + Pros & Cons
Sendmail is an MTA (mail transfer agent) for Unix-like operating systems first released in 1983. Sendmail is a descendant of the original ARPANET delivermail program written by Eric Allman. Allman developed Sendmail as a replacement for delivermail for BSD systems, starting with BSD version 4.1c in 1983. Sendmail is licensed under the Sendmail license. At one point (1996), Sendmail accounted for approximately 80% of all public email servers available on the internet. According to the Security Space study (http://www.securityspace.com/s_survey/data/man.201907/mxsurvey.html), in 2019 Sendmail accounted for approximately 4% of all online public email servers on the internet. Sendmail was acquired by Proofpoint in 2013.
Sendmail – Pros
- Native Windows port available
Sendmail – Cons
- Not as easy to configure as Exim or Postfix
- Not as efficient with resources
Qmail – Overview + Pros & Cons
Qmail is an MTA (mail transfer agent) for Unix-like operating systems first developed in 1995 by Daniel J. Bernstein. At its release, Qmail was touted as a more secure replacement for Sendmail. Qmail’s source code was released to the public domain by its author. According to the Security Space study (http://www.securityspace.com/s_survey/data/man.201907/mxsurvey.html), in 2019 Qmail accounted for approximately 0.07% of all online public email servers on the internet.
Qmail – Pros
- Secure
- Low resource requirements
Qmail – Cons
- Unmaintained
- Most complicated of the four to install
- Config file structure and general operation is less elegant than Postfix or Exim
- Not as popular as the others (less than 1% market share)
- No Windows port
Installation and Configuration Procedure – Environment Setup Notes
Unless otherwise specified, the following environment is used for all installation and configuration procedures to follow:
- Ubuntu Server 18.04.3 LTS
- Kernel Version: 4.15.0-1045-aws
- Running on an entry-level Amazon Lightsail instance (at the time of this writing, $3.50/mo)
- 512 MB RAM
- 1 vCPU
- 20GB SSD
- 1 TB Bandwidth
These procedures assume you are starting with a fresh installation of Ubuntu.
As always, don’t forget to start by fully updating Ubuntu:
sudo apt-get update && sudo apt-get dist-upgrade
Also, we will need to allow TCP port 25 (the default SMTP port) through the firewall. In our Amazon Lightsail environment, that looks like this:
How to Use Mutt Email Client to Send a Test Email
Mutt is a lightweight, CLI-only email client. It is very useful for testing and as a lightweight general purpose email client.
To install Mutt:
sudo apt-get install mutt
We’re not going to go into a full configuration of Mutt. To manually launch Mutt and tell it to use our Maildir, run this:
mutt -f ~/Maildir
Mutt will ask you if you want to create /home/ubuntu/Mail (we don’t) so just press n
Once Mutt starts, it will look like this:
To send a test email with Mutt, do the following:
- To start the mail, press m
- Enter the email address to which you want to send a test email
- Enter the subject of the test email
- You will then enter Nano text editor to write the body of your message. Write whatever you want.
- When finished writing your test message, press ctrl + x
- Then press y
- Then press enter
If it has been done correctly, you should see something like this:
Finally, press y to send the email, and you should see “mail sent.”
Now, let’s go check our email to see if the message was delivered. Since this is a brand new email server with no DNS configuration or SPF, DKIM or DMARC, our test message will most likely be flagged as spam (if it gets delivered at all). For our tests, we used a Gmail account, and we were able to find our message in the spam folder:
Our email was delivered! This means our email server is correctly sending outbound mail.
Basic Install & Config Procedure for Exim
Exim – Intro & Unique Considerations
Exim version 4 is the default MTA for Debian-based Linux distributions, including Ubuntu 18. Therefore, installing Exim4 on Ubuntu is very straightforward.
Exim – Common config files
/etc/exim4/update-exim4.conf.conf – This is the config file where all settings configured via the configuration user interface are stored. You can either edit this file directly, or re-run sudo dpkg-reconfigure exim4-config
/var/lib/exim4/config.autogenerated – This is the master configuration file that is generated automatically every time you run sudo update-exim4.conf
This file should NOT be edited manually.
Exim – Useful commands
To start the Exim4 daemon:
sudo systemctl start exim4.service
To stop the Exim4 daemon:
sudo systemctl stop exim4.service
To restart the Exim4 daemon:
sudo systemctl restart exim4.service
To generate main Exim4 config files:
sudo update-exim4.conf
Run the configuration user interface for Exim4:
sudo dpkg-reconfigure exim4-config
Exim – Procedure
First, see what Exim4 package is available in the default repositories:
sudo apt-cache policy exim4
(At the time of this writing, Exim version 4.90-1 is available in the default repositories.)
To install Exim4, run the following:
sudo apt-get install exim4
To configure Exim4, run the following, which will display a user interface for configuring many Exim parameters:
sudo dpkg-reconfigure exim4-config
Exim – Testing Initial Installation
We now have a basic installation of Exim! Let’s make sure it started and is running OK.
Run this:
sudo service exim4 status