Setting the Record Straight

  • March 19, 2024

“First they ignore you, then they laugh at you, then they fight you, then you win.”

There are a lot of milestones we’ve seen over the last year here at KumoMTA. These include a production release, multiple production users, hundreds of pages of documentation written, thousands of lines of code written and tested, and we recently celebrated reaching 200 members of our community on our Discord server!

One milestone we didn’t plan for in advance but still celebrate as an indicator of our progress is reaching the “then they fight you” stage. How? By hearing from our users and prospects that the established commercial MTA vendors have started spreading misinformation about us. The introduction of Fear, Uncertainty, and Doubt is a classic sales tactic, and we’re honored to be considered enough of a competitor that they feel the need to spread a little FUD. That said, misinformation needs to be addressed when it appears, lest it take root.


To that end, let’s address some things that it seems are being said about us:

They are only three people, with only one developer

There are indeed three of us, because at this stage in our growth that is all we need to be. We do indeed have one core developer, and look at what he’s done in a single year. This isn’t the first MTA for any of us (it’s the third for some of us), and the lowest tenure in email infrastructure among us is 14 years.

It is not our long-term plan to stay at our current size.  As we take on more sponsors and users, we have already identified not only the roles we will hire but also the people. We’ve worked with some of the best in the industry, and they believe in what we’re doing. And those roles are all engineers, either in development or support.

That said, I wonder if the fearmongers have taken a good look at their own team size and realized just how small a percentage of the people are in roles that improve customer outcomes, rather than sales/marketing/admin. They may realize that number isn’t much different than ours.

They may be at risk of a copyright lawsuit from a previous employer

I’ve heard this one with an added touch of “and their users could be sued too”, which shows either a real intent to deceive or a serious lack of understanding of how copyright law works.

If you look at the article about copyright in Wikipedia, you’ll see “Copyright is intended to protect the original expression of an idea in the form of a creative work, but not the idea itself” - so building another MTA isn’t a copyright violation.

KumoMTA is an original work whose entire development history is available to review on GitHub. This is one of the values of open-source - we can’t hide behind a commercial license agreement.

Beyond that, what we do with KumoMTA is either new and unique, such as architecting around tenants and campaigns as first-class queue entities, or something that all the commercial MTA vendors have implemented (usually because that’s what the RFCs call for), so either we’re all “violating some copyright”, or none of us are.

What’s stopping them from going closed-source and making you buy a commercial license in the future?

This one is honestly my favorite of all, raising the concern that we might someday do exactly what they are doing now. Not only have I written many times before about how we have taken no funding, and how it’s VC interests that tend to drive Open-Source companies to go to non-open license models, but there’s also a fundamental misunderstanding about how things work when that happens.

Open-Source license cannot be retroactively revoked. Even if we wanted to change the license scheme, what we’ve released so far under the Apache 2 license will always be Open-Source. We can’t even effectively take the source code offline because it’s already been forked several times. That means that users who have come to depend on KumoMTA will never be at risk of their servers shutting down, and even if in the future after we theoretically stopped shipping an Open-Source KumoMTA and a bug was found, the community could step up and fix the bug.

Hashicorp is a prime example of a venture-backed company that decided to switch to a BSL license and guess what? The community reacted by creating OpenTofu, a fork of Terraform that is now supported and maintained by the community. It was built from the last source code that Hashicorp released under its previous Open-Source license.

It bears repeating: what kind of FUD is it when you try and make someone worry that we might change gears and become exactly like the writer of the misinformation? If a commercial MTA vendor is such a scary thing, I’d suggest sticking with Open-Source.

The Facts

The email-sending industry started, and in some cases continues to depend on Open-Source MTAs. That changed not because Open-Source was the wrong model, but because early MTAs such as Sendmail, Postfix, Qmail, and Exim were not architected for the use cases of large senders. While that vacuum allowed commercial MTA vendors to grow, it’s time for a change.

Most large senders already leverage Open-Source infrastructure elsewhere in their stack, but the time has come for their critical email-sending infrastructure to also leverage the transparency, community, and risk mitigation that Open-Source has to offer.