(Eric Allman) - the original MTA, and still the most popular. It has a lot of features and a very powerful address re-writing language (which can be quite cryptic to the neophyte). It's monolithic (single process, no security barriers) design shows it's age, and, over time, has gained a bad reputation for security, although current versions of code contain no
Postfix MTA (formerly vmailer)
(Wietse Venema) - a new mail transport agent, designed with security and performance as primary goals. Wherever possible, the author has maintained compatiblity with sendmail, which makes migration quite a bit easier. This is the only MTA I would recommend at this time.
- a high performance MTA with plenty of anti-spam configuration options, but lacks sendmail's extensive support for address re-writing. Appears to be a monolithic design like sendmail, although I don't know of any vulnerabilities.
- don't know much about this one.
- (Dan Bernstein) another new MTA written with security as it's primary goal. The author has very strong ideas about how things should be done, however, which means it can be a complete pig to migrate from any other MTA to Qmail.
The Porcupine Project
- a research project to build a fault-tolerant clustered mail server that automatically discovers new nodes and distributes resources.
- a tiny POP3 daemon, designed with security as the primary goal.
- a POP3 daemon that supports APOP, virtual hosting, maildir or mailbox, bulletins and expiration of messages. Security design is similar to popa3d (above), and some code auditing has been performed.
- a popular POP daemon - flexible and fast, and probably secure, although it hasn't been audited to my knowledge.
- an IMAPD that supports maildir and abstracted authentication out of the box.
- Carnegie Mellon Enterprise Electronic Mail Project
- Application Configuration Access Protocol (CMU)
- Qualcomm's free POP server
- PHP scripts that implement an IMAP based webmail system.
TWIG - The Web Information Gateway
- a PHP based webmail system, more fully featured than IMP - as well as mail, it does scheduling, newsgroups, bookmarks, etc.
- Dynamic Relay Access Control - an implementation of pop-before-smtp.
- POP3 and IMAP4 redirection proxy. Supports regular expression, LDAP, NIS, GDBM, MySQL and PostgreSQL lookups.
- the classic filtering local delivery agent. It has extensive support for filing into separate user mail folders. Unfortunately the code structure does not make a security audit easy, and anything that runs neophyte user code with input from the big bad internet has a fair bit of potential for harm (this is probably true of all filtering local delivery agents that allow user code to be executed).
- mail delivery agent with filtering abilities
- A Mail Virus Scanner: a perl script that can work with many common unix MTA's to extract mime attachments and run them through a third party virus file scanner (not supplied).
- the original mailing list manager
Jason L Tibbitts III's Majordomo Page
- includes information about his re-write of the majordomo list manager called Majordomo II.
- Neat GNU mailing list manager, written in
. Includes comprehensive web interface.
- "Modular Mailing List Management" - plugable modules, written in C.
- a mailing list manager for qmail
- minimalistic majordomo replacement, written in perl
- minimalistic majordomo replacement, written in perl
E-mail List Management Software
- Vivian Neou
"All mail clients suck. This one just sucks less."
- Carrier-scale Internet Messaging
- supplier of e-mail service to ISP's etc.
- digital signed documents/statements/bills with round trip transaction processing. They also have an IMAP/POP solution that is apparently based on Cyrus.
- Internet Messaging and Directory Products
- commercial mailing list manager software and hosting
How to Get There From Here
- Scaling the Enterprise-Wide Mail Infrastructure (Duke University)
Highly Scalable Electronic Mail Service Using Open Systems
- Nick Christenson, Tim Bosserman, David Beckemeyer (EarthLink Networks)
High Capacity E-Mail
- a paper by Simon Horman of VA Linux Systems.
Manageability, availability and performance in Porcupine: a highly scalable, cluster-based mail service
- by Yasushi Saito, Brian N. Bershad, and Henry M. Levy
Papers by Brad Knowles
- includes Sendmail Performance Tuning for Large Systems, and Design and Implementation of Highly Scalable E-mail Systems.
- a web based IMAP/NNTP gateway. Includes a link to a paper on the
Oxford University mail cluster
- a scalable mail server using open source software on comodity hardware.
What a Public Operator May Need from Servers
- John Klensin (MCI Communications) (slides from a presentation)
Claus Assman's Patches, Additions and Known Problems for Sendmail
- general discussion of IMAP performance and some tweaks to the UW imapd.
Dynamic Relay Authorization Control (DRAC)
- or POP before SMTP auth.
- a proposed protocol to allow internet application determine if a particular dynamic IP has authenticated.
The Internet Engineering Task Force
Internet Mail Consortium
rfc822 Message format
rfc2076 Common Internet Message Headers
rfc2822 Message Format
- replaces rfc822
rfc1123 Requirements for Internet Hosts
rfc1845 SMTP Service Extension for Checkpoint/Restart
- not commonly implemented.
rfc1869 SMTP Service Extensions
- defines ESMTP (EHLO)
rfc1891 SMTP Service Extension for Delivery Status Notifications
rfc1870 SMTP Service Extension for Message Size Declaration
- defines SIZE
rfc1985 SMTP Service Extension for Remote Message Queue Starting
- defines ETRN
rfc2034 SMTP Service Extension for Returning Enhanced Error Codes
rfc2197 SMTP Service Extension for Command Pipelining
rfc2442 Batch SMTP
rfc2554 SMTP Service Extension for Authentication
- defines AUTH
- replacement for rfc821
rfc2033 Local Mail Transport Protocol
rfc1734 POP3 AUTH
rfc1957 Some Observations on Implementations of POP3
rfc2195 IMAP/POP AUTHorize Extension for Simple Challenge/Response
rfc2449 POP3 Extension Mechanism
rfc1731 IMAP4 AUTH
rfc1732 IMAP4 compatibility with IMAP2 and IMAP2bis
rfc2342 IMAP4 namespace
rfc2505 Anti-Spam Recommendations for SMTP MTAs
rfc1918 Address Allocation for Private Internets
"Reply-To" Considered Harmful
- adding "Reply-To" headers to mailing list traffic is a Bad Thing. Read this to find why.
"Reply-To" Considered Useful
- a rebuttal to the previous paper - I don't find their reasoning particularly convincing.
Mail-Followup-To and Mail-Reply-To
- DJB's take on Reply-to:
- and a counter view from Keith Moore
Content-Length is brain-damaged
Electronic Mail Resources
- Duke University, Office of Information Technology
Internet Mailing List Providers
- Brian Edmonds
HTTP Mail User Agent inventory