Les Mikesell wrote: > James Wilkinson wrote: > > You make some very good arguments about why distributions should ship > expertly built working configuations instead of requiring every user who > needs to receive email by smtp to muddle though fixing a broken one and > probably doing it badly. Were you trying to say the opposite? > Maybe because the configuration as shipped is not broken. You keep trying to make it look like everyone needs to receive email by SMTP. But most machines do NOT need to be able to receive outside mail. So let the people that do need it turn it on. If the default configuration were changed so that Sendmail was not limited to the loopback interface, most people running a mail server would still have to modify it. So they would still have to "muddle through" the configuration. At the same time, you have all these other machines that should not be listening for outside mail connections that ether have to edit the configuration, or block the connections another way. So you are saying that the configuration should be changed to one that helps a few people of the people that want to run a mail server, while making it harder the people that do not need it, and makes no difference to most people that are going to run a mail server. It makes more sense to have a configuration that works for most people. And it does work for most machines that are not mail servers. (Are you trying to say most machines are configured as mail servers, not counting delivering locally generated mail?) The non-mail server machines that it does not work on need changes to use a specific mail server for outgoing mail, and so would not be helped by any default config file. But the current default will work for them with one small change. (Or you can edit the sendmail.cf file directly and put in the relay host.) Regardless of what kind of configuration is shipped, it is not going to work for most people running a mail server without changes. You talk about shipping "expertly built working configuations". Maybe if you defined what they should be, there could be packages containing those configurations for people that need them. Something like the caching-nameserver package for Bind. >> The other one is of >> more use, but given the state of public key cryptography, it would >> *still* need the admin to set up PKI to ensure that the passwords that >> were exchanged couldn't be eavesdropped (think man-in-the-middle >> attacks). > > This is _exactly_ the same for ssh and https, but _oh look_, they come > already set up for you... They don't depend on the end user to get this > tricky part of the configuration right. > The services are not enabled by default. For ssh, it is not hard to configure. It is also easier to spot a man in the middle attack, especially if you have connected to the remote machine before. I have not used the stock https setup, so I can not comment on it. > > As I recall, your own reaction to the way RH/fedora distributes sendmail > was to dump it completely and replace it with a different package. I > don't think that qualifies you as a cheerleader for the way it works now. > Why? Just because he feels that Sendmail is the wrong package to use at the default mail server does not invalidate his arguments about the configuration to use if you are going to ship Sendmail as the default. So far, your complaints about how hard it is to get the Sendmail configuration right are the best arguments I have seen about not using Sendmail as the default mail server. Maybe they should be using Postfix by default. You don't need the M4 package to configure it, and the configuration files are heavily commented and can be changed with a normal text editor. Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!
