F20 System Wide Change: No Default Sendmail

Lennart Poettering mzerqung at 0pointer.de
Mon Jul 22 17:00:29 UTC 2013 

On Mon, 22.07.13 18:43, Miloslav Trmač (mitr at volny.cz) wrote:

> On Mon, Jul 22, 2013 at 6:36 PM, Lennart Poettering
> <mzerqung at 0pointer.de> wrote:
> > On Fri, 19.07.13 20:22, Miloslav Trmač (mitr at volny.cz) wrote:
> >
> >> On Fri, Jul 19, 2013 at 8:16 PM, Matthew Miller
> >> <mattdm at fedoraproject.org> wrote:
> >> > On Fri, Jul 19, 2013 at 07:37:35PM +0200, Miloslav Trmač wrote:
> >> >> However, having the /usr/sbin/sendmail API available to applications
> >> >> is valuable - it brings a significant system administration benefit of
> >> >> centralizing the SMTP configuration.
> >> >
> >> > What does it mean to "have available"?
> >> Just that.  The binary exists and does what it is expected to do.
> >
> > Where "expected to do" means effectively route it to /dev/null?
> 
> It's actually less similar to /dev/null than log files are - log files
> are rotated and deleted, mail stays in the mail boxes until explicitly
> deleted (or space runs out).

Well, so it's even a DoS... Just find some trigger to generate a lot of
mails to root and /var will eventually fill up, even beyond those 10%
reserved for root, since well, mail to root is accounted to root...

This is not helping your case. It just makes it worse.

> > If features only work after configuration (in articular non-trivial
> > configuration like this case) then it should not be part of the default
> > install.
> 
> That a feature needs configuration does not automatically exclude it
> from the default installation - removing a package from the default
> installation and telling users to install it back is just window
> dressing and asking them to do unnecessary extra work.

No, because only a smaller fraction of installs would actually end up
installing a local MTA.

> >> Application that want to log shoud log.  Applications that want to
> >> send e-mail should send e-mail.  My bank's monthly statement would be
> >> rather useless in the bank's splunk archive.
> >
> > Sure, but your bank web site probably doesn't send its mails out with
> > only tools of the default install?
> 
> "What is in the default install" is, as argued elsewhere, also an
> implicit documentation of "how things are done".

But it is totally bogus to claim that banks would suddenly stop sending
you notifcations by email just because Fedora doesn't install sendmail
by default. I mean, come on, you are not trying to be honest here, and
you know it.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.

More information about the devel mailing list