an that is why we need a firewall -> Re: When a yum update sets up an MTA ...

Mauricio Tavares raubvogel at gmail.com
Mon Apr 21 10:58:56 UTC 2014


On Mon, Apr 21, 2014 at 3:42 AM, Reindl Harald <h.reindl at thelounge.net> wrote:
>
> Am 21.04.2014 03:39, schrieb Lars Seipel:
>> Nicely aligning with the current firewall thread I noticed that one of
>> my machines was running the exim MTA for the last few days, dutifully
>> listening on all interfaces
>
> and now it is *proven for sure* that disable the firewall
> by default is the most dumb thing a distribution can do
>
> drago01 will now say again "that is a bug"
> yes, in that case in *two* packages at the same time
> but hwat matters is the impact of a bug
>
> * smartmontools wanted sendmail instead MTA for sending sysmessages
> * sendmail obviously has a braindead default configuration listening on all ports
> * sendmail service is obviously enabled at install time even if smartmontools
>   only need /usr/sbin/sendmail
>
> all things i said that they are happening and will happen again and again
> while they get fixed here and there - again and again - that's life
>
> so you can run in circles and shout "that is a bug" which is
> true and while you are fix it it brings people in trouble
> or you have by default a security layer which hopefully does
> not open port 25 automated because you install sendmail
>
> the next problem: even if such a bug is fixed the affected users
> keep to be fucked because the updated smartmontools only require
> any MTA (which is correct) and so nothing will remove sendmail
> on that machines nor close port 25 after a update of smartmontools
>
      If all smartmontools need is to just send emails out, I would
suggest using something like ssmtp or msmtp.

> https://koji.fedoraproject.org/koji/buildinfo?buildID=511458
> * Thu Apr 17 2014 Michal Hlavinka <mhlavink at redhat.com>
>  - 1:6.2-5 - require /usr/sbin/sendmail as MTA is not provided by all packages (#1048618)
> * Tue Apr 15 2014 Michal Hlavinka <mhlavink at redhat.com>
>  - 1:6.2-4 - use MTA instead of sendmail as a requirement (#1048614)
> * Thu Apr 10 2014 Michal Hlavinka <mhlavink at redhat.com> - 1:6.2-3
>  - add mail requires (#1048614)
>
>
> --
> devel mailing list
> devel at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct


More information about the devel mailing list