Book Review: Postfix: The Definitive Guide
Postfix: The Definitive Guide is a beautifully written book about a beautifully designed program. Kyle Dent's writing is precise and concise without being too dense to read--standards, for example, typically are precise and dense. After the first chapter or two, I asked, "Has this guy written anything else?" Answer: the Postfix section of Running Linux, 4th Ed.
The excerpted sentence that follows is a bit long, but it covers the required ground, including the all important except-whens: "With maildir-style delivery, Postfix normally creates the necessary directories and files, if the user's credentials permit it; however as a security precaution, if the parent directory is world-writable, Postfix delivery agents will not create any additional files or directories."
The phrase "Postfix delivery agents" is a necessary qualifier. Many installations use a third-party mail delivery agent, such as procmail or Maildrop, that have different security policies.
Wietse Venema wrote the initial versions of Postfix and continues to develop it. He also scrutinizes all contributions. He is the author of tcpwrappers and other security programs, so his scrutiny sets a high standard. Needless to say, Postfix has a very good security record.
Postfix also is quite resource efficient: it easily can handle a thousand messages per day on a high-end 486 machine. I've used Postfix for three years, and it always has been several steps ahead of what I've needed for SOHO environments without overwhelming me with what I did not (yet) need. ISPs are using it on high-end modern PCs to handle as much as a million messages a day. It runs on Linux and most flavors of Unix. This book covers Postfix 2.1, which is in release candidate status as I write this review in May 2004. One caveat: the book does not cover the policy daemon interface; it is in the development branch only and may not make it into 2.1 stable.
Postfix: The Definitive Guide digs a little deeper into the hows and whys. I like that; I've never been much good at turning the crank on rote procedures. By explaining how Postfix's features reflect its architecture and how they relate to real world needs, debugging configurations and extending Postfix with third-party virus scanners and spam filter is a lot easier.
Too many guides that claim to be definitive list all the options and settings without explaining how they work together. Dent's examples are well chosen to illustrate a real setup and the underlying processing. A good example is the chapter titled "Blocking Unsolicited Commercial Email". Postfix can enforce a dress code to keep out the more blatantly standards non-compliant e-mail, usually sent from viruses or spammers. Dent leads you through the dialogue between mail clients and servers and shows how the restrictions correspond to the steps of the dialogue. He also explains which parts of the standards should be enforced and which skipped, plus what information you can depend on and what is forged easily. In the past, I tried to do this but bumped up against a couple of newsletters from big companies that were not compliant. Usually, the domain name in the From line does not resolve, because there is either no DNS record or no computer at that address. Now I understand how to whitelist them. With stricter restrictions in place, I now can refuse some of the spam before accepting it. Also, spammers with fixed addresses can be blacklisted. This is an area of Postfix that has improved considerably over the past year. This update alone is worth the price of the book.
Postfix endeavors to work well with others by supporting standard protocols in third-party programs for virus scanning and spam filtering. Below Dent describes the differences among SMTP, the main Internet e-mail transport protocol; LMTP, a variant used within a LAN with the Cyrus IMAP server; and other third-party programs and why Postfix is different:
When an MTA makes a delivery to an SMTP server, where the message is destined for multiple recipients, and one or more recipients cannot accept the message for some reason, the SMTP server takes the responsibility for queuing the message to deliver it later, and reports an overall successful delivery to the MTA. LMTP servers do not queue messages, so they must return an individual status reply for every recipient of a particular email message. For those recipients that could not be delivered, the MTA, and not the LMTP server, takes the responsibility of queuing the message and attempting redelivery.
Dent picks his battles carefully. He covers how to integrate Postfix with LDAP and MySQL but not their installation. The only reason to use these databases is because you already are using them with some other application, meaning they already are installed. For standalone use, the native Postfix databases are more than adequate and simpler to use.
In summary, I like this book a lot. I am tempted to buy anything else Dent writes, sight unseen. I liked Postfix and now am more impressed by its design, both for its security offering and its feature mix, which is aimed at the needs of the real world--spam, hostile Internet denizens and so on. All this is accomplished without succumbing to creeping featuritis. I intend to keep this book within reach and to use Postfix on any system I administer.
Jeffrey L. Taylor is a 30 year veteran of software engineering. He has been using UNIX for over 25 years and Linux for over four.