From owner-freebsd-arch Wed Jun 19 0:52:48 2002 Delivered-To: freebsd-arch@freebsd.org Received: from adsl-63-198-35-122.dsl.snfc21.pacbell.net (adsl-63-198-35-122.dsl.snfc21.pacbell.net [63.198.35.122]) by hub.freebsd.org (Postfix) with ESMTP id 34E7037B404; Wed, 19 Jun 2002 00:52:35 -0700 (PDT) Received: from lbl.gov (localhost [127.0.0.1]) by adsl-63-198-35-122.dsl.snfc21.pacbell.net (8.11.6/8.11.6) with ESMTP id g5J7rJc00589; Wed, 19 Jun 2002 00:53:19 -0700 (PDT) (envelope-from j_guojun@lbl.gov) Message-ID: <3D10386F.BD245FCA@lbl.gov> Date: Wed, 19 Jun 2002 00:53:19 -0700 From: "Jin Guojun[DSD]" X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.5-RELEASE i386) X-Accept-Language: zh, zh-CN, en MIME-Version: 1.0 To: Gregory Neil Shapiro Cc: Doug Barton , "Crist J. Clark" , FreeBSD-arch@FreeBSD.org Subject: Re: conf/39444: rc.sendmail syntax error: cannot disable sendmail References: <3D0FB406.83DE356D@lbl.gov> <20020618155900.O2483-100000@master.gorean.org> <15632.6996.519381.823439@horsey.gshapiro.net> <3D102055.F08DD2AE@FreeBSD.org> <15632.9131.365021.260177@horsey.gshapiro.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Gregory Neil Shapiro wrote: > > DougB> The problem is, the users are getting confused. Neither of the methods > DougB> you describe is "standard," which is a big part of the confusion. > > I guess the standard way would be: > > sendmail_enable=NO > sendmail_submit_enable=NO > sendmail_outbound_enable=NO > sendmail_msp_queue_enable=NO > > This is (and was) always available. sendmail_enable=NONE is just a > shortcut that has the same effect as setting all four to NO. With that in > mind, the only other thing that could be added is a > sendmail_dont_run_at_all variable that, if set to YES, is exactly the same > as: > > 1. sendmail_enable=NONE, or > 2. mta_start_script="", or > 3. sendmail_enable=NO > sendmail_submit_enable=NO > sendmail_outbound_enable=NO > sendmail_msp_queue_enable=NO > > My preference is not to add a fourth equivalent method to the above list. There is no need for another method to do above. Issues are: (1) NONE is used only here, so it is not a "standard" syntax for general purpose. It is not clear if it means sendmail_enable=NO in old system or not. So, above information with some further explanation need to be put into /etc/mail/README and/or in man/rc.sendmail. It is confusing. (2) From /etc/mail/README, running a daemon to accept localhost is needed for outbound traffic. If sendmail_submit_enable=NO and sendmail_enable=NO, then outbound mail will silently sinks. This needs to be clearly stated in some place easy to see because this is new. For another security reason, from old system, users may kill the sendmail accepting messages if they are not aware this new feature. Most argument here is that "How can I trust something is not suppose to run?" Under new system, after they kill the sendmail daemon, all outgoing mail will lost without any warning, and users may take long time to find out no mail was sent due to this issue. Changing things in email system will significantly affect current computing environment, so we need to be careful when doing so. -- ------------ Jin Guojun ----------- v --- j_guojun@lbl.gov --- Distributed Systems Department http://www.itg.lbl.gov/~jin M/S 50B-2239 Ph#:(510) 486-7531 Fax: 486-6363 Lawrence Berkeley National Laboratory, Berkeley, CA 94720 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message