When I write software, I know that it will fail, either due to my own mistake, or due to some other cause.
At the time, the Sendmail program had a very poor reputation with respect to security, with four root vulnerabilities per year for two successive years.
Windows favors multi-threading, which means that a service is implemented by one single process.
Defect-free software does not exist.
Writing software that's safe even in the presence of bugs makes the challenge even more interesting.
Most of the effort in the software business goes into the maintenance of code that already exists.
However, writing software without defects is not sufficient. In my experience, it is at least as difficult to write software that is safe - that is, software that behaves reasonably under adverse conditions.
In a previous life I wrote the software that controlled my physics experiments. That software had to deal with all kinds of possible failures in equipment. That is probably where I learned to rely on multiple safety nets inside and around my systems.
Like all software, Qmail can survive only when it keeps up with changing requirements.
For many people my software is something that you install and forget. I like to keep it that way.