Les Mikesell wrote:
> Mikkel L. Ellertson wrote:
[...]
>>I don't know that I would call it "intentionally broken".
>
> It is useless for any reasonable use of email - unless you only
> enjoy talking to yourself.
It is intentionally secured from the outside world. This is a good
policy to ship something that will be installed by default on both
desktops and servers. Desktop users shouldn't have sendmail listening
on their external network at all. And if you intend to run a mail
server, you surely ought to be able to find the proper config files
that need to be edited.
> Someone doesn't want your mail to work. Or they want to make
> sendmail look difficult to configure.
Of the MTA's that I have seen, sendmail is one of the annoyingly
difficult to configure. The O'Reilly sendmail book (AKA the Bat
Book), is 1232 pages. That's not because sendmail is easy.
>>It is severely restricted, but if you are going to run a mail server
>>accessible to the outside world, you are going to have to make some
>>changes anyway, unless you want to end up with an open relay.
>
> No, the access file controls the ability to relay and the default
> file supplied prohibits it. It is not necessary to break normal
> network access for that.
So you think Fedora should be shipping sendmail listening on all
interfaces by default? Or do I misunderstand how the access controls
work in sendmail (which is quite possible, I gave up sendmail for
postfix when I learned of its existence and its focus on security)?
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
======================================================================
There is nothing government can give you that it hasn't taken from you
in the first place.
-- Winston Churchill
Attachment:
pgpSS036hVSL4.pgp
Description: PGP signature
