A descendant of the original ARPANET delivermail application, sendmail is a remarkably flexible program, supporting many kinds of mail transfer and delivery including the overwhelmingly popular SMTP. The original version of Sendmail was written by Eric Allman in the early 1980s at UC Berkeley, who had also written delivermail previously.
Sendmail has been widely criticized as slow, overcomplicated, and difficult to maintain by comparison with other MTAs such as Qmail and Postfix. Nevertheless it remains the most popular MTA on the Internet, a fact almost certainly due in part to its position as the standard MTA under most variants of the Unix operating system. According to one study, as of November 2001 approximately 42% of the publicly reachable mail servers on the Internet were running sendmail on some form of Unix system.
Sendmail is often run as the root user, representing a severe security threat if compromised. This is despite the recommendation since 2001 by its authors that it be run as an unprivileged user.
In March 2003, reports of a new security vulnerability in sendmail have been circulating, together with proof-of-concept exploit code. This raises fears of an imminent new Internet worm problem, unless existing vulnerable implementations are patched in time.
References