How to SMTP (Email) Server Fedora 6?
Les Mikesell
lesmikesell at gmail.com
Tue Feb 13 19:57:53 UTC 2007
Mikkel L. Ellertson wrote:
> Not really. Why should they be installed by default when most people
> are not going to be running a mail server?
It's not a matter of doing it by default, it is a matter of having to
edit an obscure config file to do it, instead of the RedHat 'way' of
enabling things. What's right for sendmail should be right for sshd,
ftpd, named, httpd, samba, and all the other things where security flaws
have been known to exist and be exploited.
> You keep insisting that EVERY machine needs to be able to accept
> Internet delivery of mail, but you have yet to give a valid reason
> for this.
No, I'm saying that SOME machines need to be able to accept mail and
thus the distribution should provide a reasonable means. I don't
believe that everyone's machine would be safer if it were shipped with a
non-working sshd config file and every user that needed it had to
figure out for themselves what might be good options to put in there,
and I don't believe that for sendmail either.
> I have given you examples of classes of machines that have no
> need for it, but you keep deleting that part of the message in your
> replies, instead of addressing it.
I keep deleting it because it is not relevant to sendmail being treated
differently than every other RH/fedora package. You probably don't need
a web server on your laptop either, but where you do need it, the
package comes up working on the network with the expected RH/fedora
commands.
> Isn't it part of basic security
> to not run services you do not need, and limit connections to the
> services you are running to machines that need to connect?
Again, not relevant. The part that is relevant is following well known
best practices by using expertly developed configurations changed only
where necessary for local differences. The people who need sshd
listening on their network connections can do that because RH/fedora
ships a usable setup. The people who need to receive email via smtp
can't because they don't. And again, I don't believe the world is a
safer place because every person who needs to activate their network
email service has to muddle through sendmail.mc trying whatever changes
look likely to make it work.
--
Les Mikesell
lesmikesell at gmail.com
More information about the fedora-list
mailing list