Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 19 Jun 2002 00:53:19 -0700
From:      "Jin Guojun[DSD]" <j_guojun@lbl.gov>
To:        Gregory Neil Shapiro <gshapiro@FreeBSD.org>
Cc:        Doug Barton <DougB@FreeBSD.org>, "Crist J. Clark" <cjc@FreeBSD.org>, FreeBSD-arch@FreeBSD.org
Subject:   Re: conf/39444: rc.sendmail syntax error: cannot disable sendmail
Message-ID:  <3D10386F.BD245FCA@lbl.gov>
References:  <3D0FB406.83DE356D@lbl.gov> <20020618155900.O2483-100000@master.gorean.org> <15632.6996.519381.823439@horsey.gshapiro.net> <3D102055.F08DD2AE@FreeBSD.org> <15632.9131.365021.260177@horsey.gshapiro.net>

next in thread | previous in thread | raw e-mail | index | archive | help
Gregory Neil Shapiro wrote:
> 
> DougB> The problem is, the users are getting confused. Neither of the methods
> DougB> you describe is "standard," which is a big part of the confusion.
> 
> I guess the standard way would be:
> 
> sendmail_enable=NO
> sendmail_submit_enable=NO
> sendmail_outbound_enable=NO
> sendmail_msp_queue_enable=NO
> 
> This is (and was) always available.  sendmail_enable=NONE is just a
> shortcut that has the same effect as setting all four to NO.  With that in
> mind, the only other thing that could be added is a
> sendmail_dont_run_at_all variable that, if set to YES, is exactly the same
> as:
> 
> 1. sendmail_enable=NONE, or
> 2. mta_start_script="", or
> 3. sendmail_enable=NO
>    sendmail_submit_enable=NO
>    sendmail_outbound_enable=NO
>    sendmail_msp_queue_enable=NO
> 
> My preference is not to add a fourth equivalent method to the above list.

There is no need for another method to do above. Issues are:

(1) NONE is used only here, so it is not a "standard" syntax for general
purpose. It is not clear if it means sendmail_enable=NO in old system or
not.  So, above information with some further explanation need to be put
into /etc/mail/README and/or in man/rc.sendmail.
It is confusing.

(2) From /etc/mail/README, running a daemon to accept localhost is needed
for outbound traffic. If sendmail_submit_enable=NO and sendmail_enable=NO,
then outbound mail will silently sinks. This needs to be clearly stated
in some place easy to see because this is new.
For another security reason, from old system, users may kill the sendmail
accepting messages if they are not aware this new feature. Most argument
here is that "How can I trust something is not suppose to run?"
Under new system, after they kill the sendmail daemon, all outgoing mail
will lost without any warning, and users may take long time to find out
no mail was sent due to this issue.

Changing things in email system will significantly affect current
computing environment, so we need to be careful when doing so.

-- 
------------ Jin Guojun ----------- v --- j_guojun@lbl.gov ---
Distributed Systems Department		http://www.itg.lbl.gov/~jin
M/S 50B-2239				Ph#:(510) 486-7531 Fax: 486-6363
Lawrence Berkeley National Laboratory,	Berkeley, CA 94720

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D10386F.BD245FCA>