Jump to content

Examine individual changes

This page allows you to examine the variables generated by the Edit Filter for an individual change.

Variables generated for this change

VariableValue
Name of the user account (user_name)
'59.103.194.222'
Page ID (page_id)
198977
Page namespace (page_namespace)
0
Page title without namespace (page_title)
'Qmail'
Full page title (page_prefixedtitle)
'Qmail'
Action (action)
'edit'
Edit summary/reason (summary)
'/* Innovations */ '
Whether or not the edit is marked as minor (no longer in use) (minor_edit)
false
Old page wikitext, before the edit (old_wikitext)
'{{lowercase|title=qmail}} {{Infobox software | name = qmail | logo = | screenshot = | caption = | developer = [[Daniel J. Bernstein]] | latest release version = 1.03 | latest release date = {{release date|1998|06|15}} | latest preview version = netqmail 1.06 | latest preview date = November 11, 2007 | operating system = [[Unix-like]] | programming language = [[C (programming language)]] | platform = | genre = [[Mail transfer agent]] | license = [[public domain]]<ref name=rewardraised> {{cite web |url=http://cr.yp.to/qmail/qmailsec-20071101.pdf |title=Some thoughts on security after ten years of qmail 1.0 |accessdate=2007-12-01 }}</ref> | website = http://cr.yp.to/qmail.html }} '''qmail''' is a [[mail transfer agent]] (MTA) that runs on [[Unix]]. It was written, starting December 1995, by [[Daniel J. Bernstein]] as a more [[computer security|secure]] replacement for the popular [[Sendmail]] program. qmail's source code is in the [[public domain]], making qmail [[free software]].<ref name="source-pd">{{cite web |url=http://cr.yp.to/qmail/dist.html |title=Information for distributors |quote=I hereby place the qmail package (in particular, qmail-1.03.tar.gz, with MD5 checksum 622f65f982e380dbe86e6574f3abcb7c) into the public domain. You are free to modify the package, distribute modified versions, etc. }}</ref> ==Features== ===Security=== When first published, qmail was the first security-aware mail transport agent; since then, other security-aware [[Mail transfer agent|MTA]]s have been published. The most popular predecessor to qmail, [[Sendmail]], was not designed with security as a goal, and as a result has been a perennial target for attackers. In contrast to sendmail, qmail has a modular architecture composed of mutually untrusting components; for instance, the [[SMTP]] listener component of qmail runs with different [[User identifier (Unix)|credentials]] than the queue manager, or the SMTP sender. qmail was also implemented with a security-aware replacement to the [[C standard library]], and as a result has not been vulnerable to [[Stack buffer overflow|stack]] and [[Heap overflow|heap]] overflows, [[format string attack]]s, or temporary file race conditions. ===Performance=== When it was released, qmail was significantly faster than Sendmail, particularly for bulk mail tasks such as mailing list servers. qmail was originally designed as a way for managing large mailing lists. ===Simplicity=== Sendmail configuration is complex. For common configurations, qmail is significantly easier to configure and deploy. ===Innovations=== qmail encourages the use of several innovations in mail (some originated by Bernstein, others not): ; Maildir : Bernstein invented the [[Maildir]] format for qmail, which splits individual email messages into separate files. Unlike the ''de facto'' standard [[Mbox]] format, which stored all messages in a single file, Maildir avoids many locking and concurrency problems, and can safely be provisioned over [[Network File System (protocol)|NFS]]. qmail also delivers to Mbox mailboxes. ; Wildcard mailboxes : qmail introduced the concept of user-controlled wildcards. Out of the box, mail addressed to "user-''wildcard''" on qmail hosts is delivered to separate mailboxes, allowing users to publish multiple mail addresses for mailing lists and spam management. qmail also introduces the [[Quick Mail Transport Protocol]] (QMTP) and [[Quick Mail Queuing Protocol]] (QMQP) protocols. ===Modularity=== qmail is nearly a completely modular system in which each major function is separated from the other major functions. It is easy to replace any part of the qmail system with a different module as long as the new module retains the same interface as the original. ==Controversy== qmail was designed as a pointed response to Sendmail, an extremely popular and somewhat beloved piece of Unix software. Author Bernstein was not shy about pointing out the deficiencies in Sendmail's design and the superior characteristics of qmail, nor did he take pains to replicate Sendmail's behavior, which at the time was the de facto standard for Internet mail delivery. As a result, qmail came under unusually intense scrutiny. ===Security reward and Georgi Guninski's vulnerability=== Bernstein offered a US$500 reward for the first person to publish a verifiable [[security hole]] in the latest version of the software.<ref name=guarantee> {{cite web |url=http://cr.yp.to/qmail/guarantee.html |title=The qmail security guarantee |accessdate=2007-10-05 }}</ref> In 2005, security researcher Georgi Guninski found an [[integer overflow]] in qmail. On 64-bit platforms, in certain configurations of disputed realism (including absence of resource limits and unusually large amounts of available virtual memory), the delivery of huge amounts of data to certain qmail components may allow remote code execution. Bernstein disputes that this is a practical attack, arguing that no real-world deployment of qmail would be susceptible. Configuration of resource limits for qmail components mitigates the vulnerability.<ref> {{cite web |author = Georgi Guninski |title = Georgi Guninski security advisory #74, 2005 |url = http://www.guninski.com/where_do_you_want_billg_to_go_today_4.html |accessdate= 2007-10-05 }}</ref> On November 1, 2007, Bernstein raised the reward to US$1000.<ref name="rewardraised"/> At a slide presentation the following day, Bernstein stated that there were 4 "known bugs" in the ten year old qmail-1.03, none of which were "security holes." He characterized the bug found by Guninski as a "potential overflow of an unchecked counter." "Fortunately, counter growth was limited by memory and thus by configuration, but this was pure luck."<ref name=slideshow> {{cite web |url=http://cr.yp.to/talks/2007.11.02/slides.pdf |title=Some thoughts on security after ten years of qmail 1.0 [Slide presentation] |accessdate=2008-01-17 }}</ref> === Frequency of updates === The core qmail package has not been updated for many years.<ref> {{cite web | url = http://www.lifewithqmail.org/lwq.html#history | title = Life with qmail; History | accessdate = 2007-12-01 }}</ref> New features are provided by third party patches, such as net-qmail. This is a benefit for some users, from not needing to apply patches continuously, and a liability for other users, particularly those who rely on authentication mechanisms that post-date qmail. === Standards compliance === qmail was not designed to replace [[Sendmail]], and does not behave exactly as [[Sendmail]] did in all situations. In some cases, these differences in behavior have become grounds for criticism. For instance, qmail's approach to bounce messages (a format called QSBMF) differs from the standard format of [[bounce message|delivery status notifications]] specified by the [[IETF]] in RFC 1894, meanwhile advanced to [[Internet_standard#Draft_Standard|draft standard]] as RFC 3464, and recommended in the [[Simple Mail Transfer Protocol|SMTP]] specification. Furthermore, some qmail features have been criticized for introducing mail forwarding complications; for instance, qmail's "wildcard" delivery mechanism and security design prevents it from rejecting messages to nonexistent senders during SMTP transactions. In the past, these differences may have made qmail behave differently when abused as a spam relay, though modern spam delivery techniques are less influenced by bounce behavior. === Copyright status === qmail was released to the [[Public Domain|public domain]] in November 2007.<ref> {{cite web | url = http://video.google.com/videoplay?docid=-3147768955127254412&q=%22Bernstein+releases+code+to+public+domain%22&total=1&start=0&num=10&so=0&type=search&plindex=0 | title = Bernstein releases code into the public domain | accessdate = 2007-11-30 }}</ref> Until November 2007, qmail was [[license-free software]], with permission granted for distribution in source form or in pre-compiled form (a "var-qmail package") only if certain restrictions (primarily involving compatibility) were met. This unusual licencing arrangement made qmail non-free according to some guidelines (such as the [[DFSG]]), and was a cause of controversy. qmail is the only broadly deployed MTA in the public domain. ==See also== {{Portal|Free software}} * [[qpsmtpd]] * [[djbdns]] * [[List of mail servers]] * [[Comparison of mail servers]] ==References== <references/> ==External links== * [http://cr.yp.to/qmail.html Official qmail website], maintained by the author. * [http://www.qmail.org/ qmail.org] A reference site for qmail users, including patches and addons, maintained by [[Russ Nelson]] * [http://qmail-ldap-ui.sourceforge.net qmail-LDAP-UI] - qmail-LDAP-UI is a Web based User Administration tool * [http://www.qmailtoaster.com/ Qmailtoaster] - Distributes RPM files for appropriate distros to install Qmail quickly and easily. Has a wiki and mailing list. * pkgsrc [ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/mail/qmail/README.html qmail] and [ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/mail/qmail-run/README.html qmail-run], a pair of easy-to-install cross-platform qmail source packages included in [http://www.pkgsrc.org/ pkgsrc] * [http://qmail.faqts.com/ The qmail section of FAQTS], an extensive knowledgebase built by qmail users * [http://www.qmailwiki.org/ qmailWiki] is a relatively new [[wiki]] about qmail, hosted by [[Inter7]] *[http://qmail.jms1.net/ J.M.Simpson qmail site] Useful Information about qmail, including explanations and patches, by John M. Simpson (Updated regularly) * [http://home.pages.de/~mandree/qmail-bugs.html Unofficial qmail Bug and Wishlist] * [http://xzdev.com/qmail_queue.html Qmail queue messages deliver (PHP)] * [http://code.google.com/p/qmail-distributions qmail-distributions] - qmail patches combined into easy to use distributions * [http://www.indimail.org IndiMail] - A Modern, Modular Mailserver using qmail as MTA. Provides multiple missing features not found in qmail * [http://notes.sagredo.eu/node/8 Roberto's qmail notes] - An English/Italian howto on qmail and related software. A big patch is included. Updated regularly. [[Category:Message transfer agents]] [[Category:Free email server software]] [[Category:Free software programmed in C]] [[Category:Public domain software]] [[cs:Qmail]] [[de:Qmail]] [[es:Qmail]] [[eo:Qmail]] [[fr:Qmail]] [[it:Qmail]] [[ja:Qmail]] [[pl:Qmail]] [[pt:Qmail]] [[ru:Qmail]] [[sv:Qmail]] [[zh:Qmail]]'
New page wikitext, after the edit (new_wikitext)
'{{lowercase|title=qmail}} {{Infobox software | name = qmail | logo = | screenshot = | caption = | developer = [[Daniel J. Bernstein]] | latest release version = 1.03 | latest release date = {{release date|1998|06|15}} | latest preview version = netqmail 1.06 | latest preview date = November 11, 2007 | operating system = [[Unix-like]] | programming language = [[C (programming language)]] | platform = | genre = [[Mail transfer agent]] | license = [[public domain]]<ref name=rewardraised> {{cite web |url=http://cr.yp.to/qmail/qmailsec-20071101.pdf |title=Some thoughts on security after ten years of qmail 1.0 |accessdate=2007-12-01 }}</ref> | website = http://cr.yp.to/qmail.html }} '''qmail''' is a [[mail transfer agent]] (MTA) that runs on [[Unix]]. It was written, starting December 1995, by [[Daniel J. Bernstein]] as a more [[computer security|secure]] replacement for the popular [[Sendmail]] program. qmail's source code is in the [[public domain]], making qmail [[free software]].<ref name="source-pd">{{cite web |url=http://cr.yp.to/qmail/dist.html |title=Information for distributors |quote=I hereby place the qmail package (in particular, qmail-1.03.tar.gz, with MD5 checksum 622f65f982e380dbe86e6574f3abcb7c) into the public domain. You are free to modify the package, distribute modified versions, etc. }}</ref> ==Features== ===Security=== When first published, qmail was the first security-aware mail transport agent; since then, other security-aware [[Mail transfer agent|MTA]]s have been published. The most popular predecessor to qmail, [[Sendmail]], was not designed with security as a goal, and as a result has been a perennial target for attackers. In contrast to sendmail, qmail has a modular architecture composed of mutually untrusting components; for instance, the [[SMTP]] listener component of qmail runs with different [[User identifier (Unix)|credentials]] than the queue manager, or the SMTP sender. qmail was also implemented with a security-aware replacement to the [[C standard library]], and as a result has not been vulnerable to [[Stack buffer overflow|stack]] and [[Heap overflow|heap]] overflows, [[format string attack]]s, or temporary file race conditions. ===Performance=== When it was released, qmail was significantly faster than Sendmail, particularly for bulk mail tasks such as mailing list servers. qmail was originally designed as a way for managing large mailing lists. ===Simplicity=== Sendmail configuration is complex. For common configurations, qmail is significantly easier to configure and deploy. ===Modularity=== qmail is nearly a completely modular system in which each major function is separated from the other major functions. It is easy to replace any part of the qmail system with a different module as long as the new module retains the same interface as the original. ==Controversy== qmail was designed as a pointed response to Sendmail, an extremely popular and somewhat beloved piece of Unix software. Author Bernstein was not shy about pointing out the deficiencies in Sendmail's design and the superior characteristics of qmail, nor did he take pains to replicate Sendmail's behavior, which at the time was the de facto standard for Internet mail delivery. As a result, qmail came under unusually intense scrutiny. ===Security reward and Georgi Guninski's vulnerability=== Bernstein offered a US$500 reward for the first person to publish a verifiable [[security hole]] in the latest version of the software.<ref name=guarantee> {{cite web |url=http://cr.yp.to/qmail/guarantee.html |title=The qmail security guarantee |accessdate=2007-10-05 }}</ref> In 2005, security researcher Georgi Guninski found an [[integer overflow]] in qmail. On 64-bit platforms, in certain configurations of disputed realism (including absence of resource limits and unusually large amounts of available virtual memory), the delivery of huge amounts of data to certain qmail components may allow remote code execution. Bernstein disputes that this is a practical attack, arguing that no real-world deployment of qmail would be susceptible. Configuration of resource limits for qmail components mitigates the vulnerability.<ref> {{cite web |author = Georgi Guninski |title = Georgi Guninski security advisory #74, 2005 |url = http://www.guninski.com/where_do_you_want_billg_to_go_today_4.html |accessdate= 2007-10-05 }}</ref> On November 1, 2007, Bernstein raised the reward to US$1000.<ref name="rewardraised"/> At a slide presentation the following day, Bernstein stated that there were 4 "known bugs" in the ten year old qmail-1.03, none of which were "security holes." He characterized the bug found by Guninski as a "potential overflow of an unchecked counter." "Fortunately, counter growth was limited by memory and thus by configuration, but this was pure luck."<ref name=slideshow> {{cite web |url=http://cr.yp.to/talks/2007.11.02/slides.pdf |title=Some thoughts on security after ten years of qmail 1.0 [Slide presentation] |accessdate=2008-01-17 }}</ref> === Frequency of updates === The core qmail package has not been updated for many years.<ref> {{cite web | url = http://www.lifewithqmail.org/lwq.html#history | title = Life with qmail; History | accessdate = 2007-12-01 }}</ref> New features are provided by third party patches, such as net-qmail. This is a benefit for some users, from not needing to apply patches continuously, and a liability for other users, particularly those who rely on authentication mechanisms that post-date qmail. === Standards compliance === qmail was not designed to replace [[Sendmail]], and does not behave exactly as [[Sendmail]] did in all situations. In some cases, these differences in behavior have become grounds for criticism. For instance, qmail's approach to bounce messages (a format called QSBMF) differs from the standard format of [[bounce message|delivery status notifications]] specified by the [[IETF]] in RFC 1894, meanwhile advanced to [[Internet_standard#Draft_Standard|draft standard]] as RFC 3464, and recommended in the [[Simple Mail Transfer Protocol|SMTP]] specification. Furthermore, some qmail features have been criticized for introducing mail forwarding complications; for instance, qmail's "wildcard" delivery mechanism and security design prevents it from rejecting messages to nonexistent senders during SMTP transactions. In the past, these differences may have made qmail behave differently when abused as a spam relay, though modern spam delivery techniques are less influenced by bounce behavior. === Copyright status === qmail was released to the [[Public Domain|public domain]] in November 2007.<ref> {{cite web | url = http://video.google.com/videoplay?docid=-3147768955127254412&q=%22Bernstein+releases+code+to+public+domain%22&total=1&start=0&num=10&so=0&type=search&plindex=0 | title = Bernstein releases code into the public domain | accessdate = 2007-11-30 }}</ref> Until November 2007, qmail was [[license-free software]], with permission granted for distribution in source form or in pre-compiled form (a "var-qmail package") only if certain restrictions (primarily involving compatibility) were met. This unusual licencing arrangement made qmail non-free according to some guidelines (such as the [[DFSG]]), and was a cause of controversy. qmail is the only broadly deployed MTA in the public domain. ==See also== {{Portal|Free software}} * [[qpsmtpd]] * [[djbdns]] * [[List of mail servers]] * [[Comparison of mail servers]] ==References== <references/> ==External links== * [http://cr.yp.to/qmail.html Official qmail website], maintained by the author. * [http://www.qmail.org/ qmail.org] A reference site for qmail users, including patches and addons, maintained by [[Russ Nelson]] * [http://qmail-ldap-ui.sourceforge.net qmail-LDAP-UI] - qmail-LDAP-UI is a Web based User Administration tool * [http://www.qmailtoaster.com/ Qmailtoaster] - Distributes RPM files for appropriate distros to install Qmail quickly and easily. Has a wiki and mailing list. * pkgsrc [ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/mail/qmail/README.html qmail] and [ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/mail/qmail-run/README.html qmail-run], a pair of easy-to-install cross-platform qmail source packages included in [http://www.pkgsrc.org/ pkgsrc] * [http://qmail.faqts.com/ The qmail section of FAQTS], an extensive knowledgebase built by qmail users * [http://www.qmailwiki.org/ qmailWiki] is a relatively new [[wiki]] about qmail, hosted by [[Inter7]] *[http://qmail.jms1.net/ J.M.Simpson qmail site] Useful Information about qmail, including explanations and patches, by John M. Simpson (Updated regularly) * [http://home.pages.de/~mandree/qmail-bugs.html Unofficial qmail Bug and Wishlist] * [http://xzdev.com/qmail_queue.html Qmail queue messages deliver (PHP)] * [http://code.google.com/p/qmail-distributions qmail-distributions] - qmail patches combined into easy to use distributions * [http://www.indimail.org IndiMail] - A Modern, Modular Mailserver using qmail as MTA. Provides multiple missing features not found in qmail * [http://notes.sagredo.eu/node/8 Roberto's qmail notes] - An English/Italian howto on qmail and related software. A big patch is included. Updated regularly. [[Category:Message transfer agents]] [[Category:Free email server software]] [[Category:Free software programmed in C]] [[Category:Public domain software]] [[cs:Qmail]] [[de:Qmail]] [[es:Qmail]] [[eo:Qmail]] [[fr:Qmail]] [[it:Qmail]] [[ja:Qmail]] [[pl:Qmail]] [[pt:Qmail]] [[ru:Qmail]] [[sv:Qmail]] [[zh:Qmail]]'
Whether or not the change was made through a Tor exit node (tor_exit_node)
0
Unix timestamp of change (timestamp)
1318710465