None of the Above (was Re: Sendmail still default?)

[Les Mikesell]

Bill Nottingham wrote:

>>>> Which is why mail is a sensible delivery mechanism.  It already knows 
>>>>  how to deliver elsewhere if you want.
>>> With built-in mechanisms to allow for easy spoofing of critical events
>>> to the user from anyone on the internet, no less!
>> I'm surprised you are able to do that with fedora's default mail  
>> configuration that only accepts from localhost...  Perhaps you should  
>> let us in on the secret.
> 
> ????
> 
> We're talking about arbitrary mail delivery. It could be forwarded
> to any e-mail account, anywhere. (After all, that's what you're asking
> for with redirection of root e-mail.)  Ergo, anyone with knowledge of
> 1) your e-mail address 2) your machine could send you a spoof/phishing/etc.

But that's true whether or not you use it yourself.  And it is 
relatively difficult to spoof the originating host IP since it is 
recorded by the receiving server.

>>> Should the information be sent via e-mail to an adminstrator, and
>>> stored for later viewing in general? Yes. Does that mean e-mail is
>>> the best mechanism for presenting it? No.
>> If you have a bad email mechanism, fix that problem.
> 
> I think attempting to have all cron/alert/whatever mail gpg-signed
> with a host-specific key would be waaaaaaaaaaaay overkill.

The value of unix-like systems is that they provide the user with a 
standard toolbox to be used in an appropriate way for any situation. 
Good working defaults are just a plus - the tools, and the fact that 
they follow standards, are the critical part.

-- 
   Les Mikesell
    lesmikesell at gmail.com