However, writing software without defects is not sufficient. In my experience, it is at least as difficult to write software that is safe - that is, software that behaves reasonably under adverse conditions.
Lack of documentation is becoming a problem for acceptance.
Defect-free software does not exist.
Most of the effort in the software business goes into the maintenance of code that already exists.
This will surprise some of your readers, but my primary interest is not with computer security. I am primarily interested in writing software that works as intended.
Writing software that's safe even in the presence of bugs makes the challenge even more interesting.
For many people my software is something that you install and forget. I like to keep it that way.
Coming back to the topic of computer security, the TCP Wrapper is an example of such a safety net. I wrote it when my systems were under attack by someone who appeared to walk through walls.
Sure, but competition is good for the user.
When I write software, I know that it will fail, either due to my own mistake, or due to some other cause.
Windows favors multi-threading, which means that a service is implemented by one single process.
The challenge with Postfix, or with any piece of software, is to update software without introducing problems.
The Postfix security model is based on keeping software simple and stupid.
Qmail out of the box works fine, so people will want to use it regardless of licensing restrictions, even when the software does not ship with their system software.
Postfix keeps running even if one Postfix process dies; Windows requires that someone restarts the service.
One bug in an SMTP server can open up the whole machine for intrusion.
My reply is: the software has no known bugs, therefore it has not been updated.
Like all software, Qmail can survive only when it keeps up with changing requirements.
As of today, the Postfix mail transport agent has almost 50,000 lines of code, comments not included.