One week after announcing a commercialized version of the free sendmail software that routes most Internet e-mail, Sendmail Inc. has a new heavyweight competitor: IBM Corp.
Big Blue claims that long-running security concerns about open source sendmail prompted the company's researchers to develop a free, open source message transfer agent (MTA) of its own, called Secure Mailer. The new MTA runs on IBM's AIX, and MTA code is available for download from www.ibm.com/alphaworks.
As might be expected, Sendmail executives and loyalists take exception to IBM's criticism of the MTA, which has played an integral role on the Internet since it was written by Eric Allman in 1981. However, even they praise IBM for jumping on the open source bandwagon, calling the move essential for maximizing overall Internet security through the sharing of innovative ideas.
"Secure Mailer is an OK concept, but it's really reinventing the wheel," says Ben Giddings, a hardware/software engineer at Vitana Corp. in Gloucester, Ontario. "Sendmail handles nearly all of the Internet's traffic, has a 20-year history, and, although it's somewhat buggy and sometimes has security problems, [the latest version] has most of the bugs ironed out."
However, Giddings does see long-term potential in IBM's decision.
"I like the fact that IBM is willing to go open source with its new product," Giddings says. "Open source software is a great concept. I make a living writing software, and yet I still feel that things would be far better if all software were open source."
IBM claims its software has reliability and performance advantages over sendmail. In addition, the company says Secure Mailer will prove more secure primarily because it has a modular rather than monolithic architecture. This compartmentalization helps contain potential damage caused by hackers or routine irregularities, the company says.
Sendmail CEO Greg Olson insists that his fledgling company welcomes IBM's "contribution of new ideas in open source form." However, he rejects his new rival's characterizations of sendmail's alleged security shortcomings, maintaining that more than a year has passed since the current version has suffered a documented breach.
"Sendmail is probably the most scrutinized program on the Internet at this point," Olson says. "Given that it runs more than 75 percent of the Internet's servers, the MTA has been hardened in the fire of the trenches."