Date: Sat, 23 Sep 2000 13:55:20 +0200 From: Neil Blakey-Milner <nbm@mithrandr.moria.org> To: cjclark@alum.mit.edu Cc: Nate Williams <nate@yogotech.com>, Warner Losh <imp@village.org>, security@FreeBSD.ORG, Peter Wemm <peter@netplex.com.au> Subject: Re: sendmail default run state Message-ID: <20000923135519.A40815@mithrandr.moria.org> In-Reply-To: <20000922220603.E367@149.211.6.64.reflexcom.com>; from cjclark@reflexnet.net on Fri, Sep 22, 2000 at 10:06:03PM -0700 References: <20000922215616.A33103@mithrandr.moria.org> <200009100358.e8A3wUG76071@netplex.com.au> <200009100415.e8A4F4G76156@netplex.com.au> <20000910154357.A78311@mithrandr.moria.org> <200009222012.OAA70984@harmony.village.org> <200009230001.SAA20358@nomad.yogotech.com> <20000923021119.A35919@mithrandr.moria.org> <20000922220603.E367@149.211.6.64.reflexcom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri 2000-09-22 (22:06), Crist J . Clark wrote: > IMHO, all this talk about 'sendmail_outbound_only' and the like is > adding an extra level of obscurity. I think that what would be even > better would just be good comments on the 'sendmail_flags' variable. > How about in /etc/rc.conf or /etc/defaults/rc.conf, > > #sendmail_flags="-bd -q30m" # Flags tell sendmail to listen for incoming > # mail and check outgoing queue every 30 min > sendmail_flags="-q30m" # Flag tells sendmail to check outgoing queue > # every 30 min, does not listen for incoming > > Just an example, but I really think these changes are so easy with > just tweaking that variable that it is ridiculus to make it more > complex. If we do this, we'll be killed by everyone who wants usability by default. If we have 'sendmail_outboundonly_enable' (or a better name), we can toggle the switch in sysinstall, so we can be "secure by default", and "usable from install" at the same time. > But for anything truly complex, like changing sendmail.cf, we > just have to let the user fend for themselves. It is beyond the scope > of sysinstall. Yes, I agree. Neil -- Neil Blakey-Milner Sunesi Clinical Systems nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000923135519.A40815>