The author tries to give the impression that qmail has been through a real usage workout (used at very large sites, has lots of installations), and I certainly can't say for sure otherwise. Still, I'm not very convinced that qmail has had the eyeballs and testing to really call it as solid as the author would like to call it.
I had a look at the Debian popularity contest numbers. There are four times more sendmail installations than qmail, and there are eight times more Postfix installations than sendmail. All of these are well behind exim, which is Debian's default.
The author tries to argue that minimizing privileges of trusted code is a distraction. He basically says that if it's trusted and it has a bug, it's still a security problem. That's true as far as it goes, but I think it misses the point of minimizing privileges. The point is to reduce the severity of problems created by bugs. This is similar to how I reduce the severity of my daughter's injuries by letting her use safety scissors rather than a chainsaw. Sure, she could still put an eye out if she really tries, but if I've saved her from losing a limb, I think it's a good policy. Sometimes you can't (or don't have time to) fix all the bugs in a program, but you can make the bugs it has do less damage.
He has good things to say about being secure but less efficient, as clinton has already highlighted.
Are you posting in the right place? Check out Where do I post X? to know for sure.
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
Want more info? How to link or
or How to display code and escape characters
are good places to start.