How to SMTP (Email) Server Fedora 6?

[Mikkel L. Ellertson]

Les Mikesell wrote:
> James Wilkinson wrote:
> 
> You make some very good arguments about why distributions should ship
> expertly built working configuations instead of requiring every user who
> needs to receive email by smtp to muddle though fixing a broken one and
> probably doing it badly. Were you trying to say the opposite?
> 
Maybe because the configuration as shipped is not broken. You keep
trying to make it look like everyone needs to receive email by SMTP.
But most machines do NOT need to be able to receive outside mail. So
let the people that do need it turn it on. If the default
configuration were changed so that Sendmail was not limited to the
loopback interface, most people running a mail server would still
have to modify it. So they would still have to "muddle through" the
configuration. At the same time, you have all these other machines
that should not be listening for outside mail connections that ether
have to edit the configuration, or block the connections another way.

So you are saying that the configuration should be changed to one
that helps a few people of the people that want to run a mail
server, while making it harder the people that do not need it, and
makes no difference to most people that are going to run a mail
server. It makes more sense to have a configuration that works for
most people. And it does work for most machines that are not mail
servers. (Are you trying to say most machines are configured as mail
servers, not counting delivering locally generated mail?) The
non-mail server machines that it does not work on need changes to
use a specific mail server for outgoing mail, and so would not be
helped by any default config file. But the current default will work
for them with one small change. (Or you can edit the sendmail.cf
file directly and put in the relay host.)

Regardless of what kind of configuration is shipped, it is not going
to work for most people running a mail server without changes.

You talk about shipping "expertly built working configuations".
Maybe if you defined what they should be, there could be packages
containing those configurations for people that need them. Something
like the caching-nameserver package for Bind.


>> The other one is of
>> more use, but given the state of public key cryptography, it would
>> *still* need the admin to set up PKI to ensure that the passwords that
>> were exchanged couldn't be eavesdropped (think man-in-the-middle
>> attacks).
> 
> This is _exactly_ the same for ssh and https, but _oh look_, they come
> already set up for you...  They don't depend on the end user to get this
> tricky part of the configuration right.
> 
The services are not enabled by default. For ssh, it is not hard to
configure. It is also easier to spot a man in the middle attack,
especially if you have connected to the remote machine before. I
have not used the stock https setup, so I can not comment on it.
> 
> As I recall, your own reaction to the way RH/fedora distributes sendmail
> was to dump it completely and replace it with a different package.  I
> don't think that qualifies you as a cheerleader for the way it works now.
> 
Why? Just because he feels that Sendmail is the wrong package to use
at the default mail server does not invalidate his arguments about
the configuration to use if you are going to ship Sendmail as the
default.

So far, your complaints about how hard it is to get the Sendmail
configuration right are the best arguments I have seen about not
using Sendmail as the default mail server. Maybe they should be
using Postfix by default. You don't need the M4 package to configure
it, and the configuration files are heavily commented and can be
changed with a normal text editor.

Mikkel
-- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!