"I want to avoid locking people into solutions that work only with Postfix. People should have a choice in what software they want to use with Postfix, be it anti-virus or otherwise"
About this Quote
Venema is staking out an ethic of infrastructure: the mail server should be a platform, not a trap. Coming from the author of Postfix, that matters. It is easy for a widely deployed tool to grow a gravitational pull, quietly pressuring admins and vendors into “the Postfix way” until compatibility becomes a polite fiction. His line pushes back on that dynamic with a deliberately unglamorous principle: interoperability.
The specific intent is practical. Mail systems live in messy, heterogenous environments where security tooling changes fast and where policies differ by organization, jurisdiction, and risk tolerance. Anti-virus is the example because it’s the most obvious pressure point: integrate too tightly with one scanner and you’ve effectively deputized a third-party product into your core architecture. The moment licensing changes, a vendor sunsets a feature, or a new threat demands a different approach, your “free choice” becomes a migration crisis.
The subtext is also reputational. Postfix has long been positioned as a safer, more maintainable alternative to legacy MTAs. Lock-in would undercut that narrative by making Postfix feel like a walled garden wearing open-source clothes. Venema is signaling to users that power stays with operators, not with the maintainer and not with adjacent vendors.
Contextually, this is a classic open-source governance move: set a boundary against feature creep that turns a clean core into an integration junk drawer. By saying “with Postfix, be it anti-virus or otherwise,” he’s defending modularity as a security posture and a cultural stance: keep the core stable, keep the edges swappable, keep the ecosystem honest.
The specific intent is practical. Mail systems live in messy, heterogenous environments where security tooling changes fast and where policies differ by organization, jurisdiction, and risk tolerance. Anti-virus is the example because it’s the most obvious pressure point: integrate too tightly with one scanner and you’ve effectively deputized a third-party product into your core architecture. The moment licensing changes, a vendor sunsets a feature, or a new threat demands a different approach, your “free choice” becomes a migration crisis.
The subtext is also reputational. Postfix has long been positioned as a safer, more maintainable alternative to legacy MTAs. Lock-in would undercut that narrative by making Postfix feel like a walled garden wearing open-source clothes. Venema is signaling to users that power stays with operators, not with the maintainer and not with adjacent vendors.
Contextually, this is a classic open-source governance move: set a boundary against feature creep that turns a clean core into an integration junk drawer. By saying “with Postfix, be it anti-virus or otherwise,” he’s defending modularity as a security posture and a cultural stance: keep the core stable, keep the edges swappable, keep the ecosystem honest.
Quote Details
| Topic | Technology |
|---|
More Quotes by Wietse
Add to List
