paul_venezia
Senior Contributing Editor

The whipping boy

analysis
Jul 26, 2003 (3 mins)

I was reading Jon Udell’s post on OS X and sendmail, and emailed him to chat about what I believe to be sendmail’s bad rap. His reply

I don’t dis sendmail, I just avoid having to learn it. Programming in an environment as obscure as that, where the consequence of error can be massive spam, is something I’d rather let other folks do 🙂

is very appropriate… sendmail is definitely a black art if you need to exploit its full power.

There have been several notable security holes in sendmail over the years, but I’ve been running it for 10 years on dozens of *nix platforms, for purposes ranging from strictly personal use to 5,000-10,000 user ISPs without a sendmail-related security issue. Timely upgrades made that possible, no doubt, but for what heavy-duty service is that not the case? As I type this, sendmail.org is urging upgrades to 8.12.9 to fix a security hole, but then, Cisco and Microsoft currently have much greater security issues with their products. In fact, sendmail has a relatively small CERT list, with 11 vulnerabilities listed, starting in 1995.

A very brief history: We are talking about code that was born in 1979 as delivermail with the release of BSD 4.0 and 4.1. It then was renamed sendmail, and the original author, Eric Allman, stopped development in 1982. sendmail carried on anyway, with Eric rejoining his own project in 1990. Sendmail.com was formed in 1998 to commercialize sendmail (yes, it’s even available for Windows), while the original freeware version is actively maintained and improved. Sendmail is still the most prevalent MTA on the Internet, and for good reason.

In my experience, sendmail is the most malleable MTA available. There are things that can be done with sendmail that simply aren’t possible with any other MTA. Tools like milter make it even easier to mangle^H^H^H^H^H^H manage and filter large amounts of email at the MTA level. For many implementations, the full capabilities of sendmail aren’t necessary, but when they are needed, there’s really no other tool for the job. For example, over 5 years ago now, I was given a mail pathing/delivery task of herculean proportions. It took me a week to get everything in place, but it worked beautifully. I’m thankful today that I took the time to put it in writing. Have a look.

I’m trying not to play ostrich, and will brush up on my postfix and exim reflexes when I get the time, or have the need… since Apple has moved to postfix in Panther, maybe sooner rather than later, but for the heavy lifting, give me sendmail any day. After all, can 7 of the Fortune 10 be wrong?