source-changes: Re: /etc/mailer.conf vs. postfix vs. sendmail vs. ??? (was: CVS commit: basesrc/etc)

Subject: Re: /etc/mailer.conf vs. postfix vs. sendmail vs. ??? (was: CVS commit: basesrc/etc)
To: Charlie Allom <charlie@rubberduck.com>
From: Greg A. Woods <woods@weird.com>
List: source-changes
Date: 10/19/2002 17:25:12

[ On Sunday, October 20, 2002 at 05:23:13 (+1000), Charlie Allom wrote: ]
> Subject: Re: CVS commit: basesrc/etc
>
> On Thu, Oct 17, 2002 at 09:48:43PM +0200, Soren S. Jorvang wrote:
> > On Thu, Oct 17, 2002 at 08:45:43PM +0100, Andrew Doran wrote:
> > > 
> > > If you want to do this, then please change sysinst to provide the choice, or
> > > at a minimum document it in a prominent place.
> > 
> > With no entries in mailer.conf, mailwrapper prints the following.
> > 
> > sendmail: mailwrapper: no mapping in /etc/mailer.conf
> > 
> > I'd say that's fairly user-friendly.
> 
> I would thouroughly disagree!
> 
> "what is a mail wrapper?"

"man mailwrapper"  :-)

> "what does mailer.conf do for me?"

"man mailer.conf" :-)

> "what is sendmail, exactly?" for that matter

"man sendmail" :-)

> I remember these questions from some time ago - _document_ it for the
> clueless or leave it as a working system IMO. I would call a
> non-local-delivering OS on install a broken one.

The clueless really must learn to RTFM -- or at least find help from
someone clued enough to do that for them.  If they can't do that they
probably shouldn't even be trying to use a computer, let alone have the
root password to one.  "Good system administration is not easy, ..." and
"... it takes great system administration to keep a machine secure...".
(Steve Bellovin, <URL:http://www.research.att.com/~smb/papers/sysadmin.html>)

> Some of us may hate sendmail - but hey - it works for that simple
> purpose!

well, if you ignore the potentially serious consequences of being hit
with a subtle mis-configuration that makes it an open relay, or worse
there's yet another remote exploit.....  :-)

a nice small mailer that only handles aliases and either calls
mail.local to deliver locally or if networking is enabled then
optionally calls some trivial SMTP-like client that only forwards to a
gateway (no routing) would be much better.

Note that Postfix can be very safely configured that way MUCH more
easily than Sendmail can be.....  The setting the gateway is just one
non-standard line in /etc/postfix/main.cf (relayhost=SOMEHOST) and the
rest is just a matter of commenting out the 'smtpd' line in
/etc/postfix/master.cf.

-- 
								Greg A. Woods

+1 416 218-0098;            <g.a.woods@ieee.org>;           <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>