Subject: Re: replacing sendmail with postfix (summary)
To: NetBSD current list <email@example.com>
From: William Allen Simpson <firstname.lastname@example.org>
Date: 07/04/2003 17:15:27
David Laight wrote:
> Why is support for incoming mail undesirable?
You're not thinking like a security analyst. A service that isn't
enabled -- isn't hackable.
Incoming port 25 service is not enabled by default on installation.
Since it _was_ in the past, I'm assuming that the core folks here
made that security decision, just as they did over in OpenBSD, etc.
> > * comment (add # next to) smtpd in /etc/postfix/master.cf
> > * swap the commented lines (sendmail to postfix) in /etc/mailer.conf
> > * have sysinst add "postfix=YES" to /etc/rc.conf
> And using sendmail takes no changes!
Obviously, you haven't tried running NetBSD out of the box.... Or
followed the related threads this past week.
> > This will not tread on anybody's toes, will not affect current
> > operations, will not prevent folks from using other mailers, but will
> > solve the current install bug (PR install/21998).
> I'm not sure it will.
I'm sure it will, *and* I've tested it.
> A certain amount of other mail has to suceed - eg from crashed vi sessions.
> These all require local mail delivery to be setup for all users.
And in postfix it does, simply by adding "postfix=YES" to rc.conf.
In sendmail it doesn't.
William Allen Simpson
Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32