Subject: Re: bin/30478
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org,>
From: Paul Shupak <paul@Plectere.com>
List: netbsd-bugs
Date: 08/22/2005 16:01:59
>...
>Synopsis: host_access doesn't apply when using Postfix, but does for sendmail
>
>State-Changed-From-To: open->closed
>State-Changed-By: perry@netbsd.org
>State-Changed-When: Mon, 22 Aug 2005 22:04:11 +0000
>State-Changed-Why:
>I don't think we want to link postfix with libwrap. Postfix has perfectly
>good internal mechanisms for all of this.
>

	There are at least three very useful features missing from
the Postfix internal controls (unless they have been added in the
2.2.x branch):  The only equivalent of the hosts_options "twist"
function is the example case in the man page of "echo" - It is not
possible to run a different binary based on the built-in access
mechanisms.  There is no control over the syslog priority possible
using the built-in mechanisms.  It is not possible to control
access based on the user, only on the IP or host/domain using what
exists within Postfix (e.g. access cannot be restricted to only
specific local processes easily).  A fourth useful but avoidable
feature is the "banner" function, which can be used to present
different "220" message additions based on access control and
which also has no internal equivalent (just getting a multi-line
"220" message from Postfix is an obscure process - making it
conditional on access control is not supported at all).

	Also, the principle of least surprise may apply when a simple
configuration (e.g. SMARTHOST relay only) is changed from using sendmail
to Postfix (i.e. the simple command substitution will change a secure
configuration into an insecure one, quite possibly without the administrator's
knowledge);  This prevents a "simple" upgrade to Postfix from sendmail in
many environments (or causes unexpected dangerous consequences).

	Please either reopen or at least reconsider this PR.

	Thank you,

	Paul Shupak