Cron jobs output are sent to the network by default

Robert Marcano robert at marcanoonline.com
Wed Oct 29 20:53:42 UTC 2014


On 10/29/2014 04:08 PM, Andrew Lutomirski wrote:
>
> On Oct 29, 2014 11:33 AM, "Miloslav Trmač" <mitr at redhat.com> wrote:
>  >
>  > ----- Original Message -----
>  > > I created a new bug [1] that explains that ssmtp is sending all cron
>  > > job output to an external SMTP server. I marked it as a security bug,
>  > > the security tag was removed and it was recommended to make it public,
>  > > something I can't do. I will resume the problem here, because there are
>  > > comments that say that it isn't a security bug; I disagree:
>  > >
>  > > 1- Fedora 20 shipped with the feature of not running an SMTP server by
>  > > default, I was fine with it because I don't need to send emails or
>  > > receive emails locally using it.
>  > >
>  > > 2- an update pulled ssmtp
>  > >
>  > > Apr 20 19:06:14 Installed: ssmtp-2.64-11.fc20.x86_64
>  > > Apr 20 19:06:15 Updated: 1:smartmontools-6.2-5.fc20.x86_64
>  > >
>  > > 3- ssmtp is configured by default to send emails to a host named mail
>  > >
>  > > 4- If a cron job runs, the email is sent to mail.[your.domain] without
>  > > you ever configuring that.
>  >
>  > This is certainly not a reasonable default configuration for Fedora.
>  >
>  > While I think that it is not a reasonable default configuration for
>  > ssmtp at all, I could be persuaded otherwise; but in that case, it
>  > should never be installed by _anything_ that isn’t an explicit user’s
>  > choice (i.e. no dependencies direct or indirect, no comps group
>  > presence, and ideally/overzealously? an automated test that makes
>  > installing ssmtp in a default product configuration a release blocker).
>
> Given that PackageKit can install things with minimal authentication,
> this seems fragile.
>
> Why not change cron's default config instead?

The cron default is not the problem IMHO. What if another program is able to
send email if the sendmail command is available, but it is optional? Then it
will send all those emails using the default SMTP server configured in
ssmtp, instead of doing direct delivery to the target domains of the
email. No other available mailer on Fedora does automatic relay to another
in-the-middle MTA by default.

Another thing is that it is not possible to disable ssmtp. You can remove
the configuration line "mailhub", but it will try the host "mailhub"
instead of "mail". The only way to "disable" it without resorting to
installing another MTA after it was pulled in by smartmontools is to use
something like "mailhub=localhost" and make it fail.

>
> --Andy
>
>  >     Mirek
>
>
>
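
The behaviour described in this message, as an added example (not part of the thread and not ssmtp's own code): a shell check that reads an ssmtp.conf and reports which host mail, cron output included, would be handed to. The fallback to the host name `mailhub` when the line is absent is taken from the message; the function names, the last-line-wins rule and the sample file are assumptions.

```shell
#!/bin/sh
# Added example: report the relay host ssmtp would use for a given config.
# Usual location of the real file: /etc/ssmtp/ssmtp.conf

# Print the effective mailhub host for config file $1.
effective_mailhub() {
    # Take uncommented "mailhub=" lines; assumed: the last one wins.
    host=$(sed -n \
        's/^[[:space:]]*[Mm]ail[Hh]ub[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*$/\1/p' \
        "$1" 2>/dev/null | tail -n 1)
    # Strip an optional :port, leaving bare IPv6 literals such as ::1 alone.
    case $host in
        *:*:*) ;;
        *) host=${host%:*} ;;
    esac
    # Per the message above: with no mailhub line, the host "mailhub" is tried.
    [ -n "$host" ] || host=mailhub
    printf '%s\n' "$host"
}

# Succeed when $1 names the local machine.
is_loopback() {
    case $1 in
        localhost|localhost.localdomain|127.*|::1) return 0 ;;
        *) return 1 ;;
    esac
}

# Print "off-host:<host>" when mail would leave the machine,
# "local-only:<host>" when it can only reach a local listener.
audit_ssmtp() {
    hub=$(effective_mailhub "$1")
    if is_loopback "$hub"; then
        printf 'local-only:%s\n' "$hub"
    else
        printf 'off-host:%s\n' "$hub"
    fi
}

# Constructed sample: the packaged default described in the thread.
sample=$(mktemp)
printf 'root=postmaster\nmailhub=mail\n' > "$sample"
audit_ssmtp "$sample"
rm -f "$sample"
```

An `off-host` result for an unqualified name such as `mail` or `mailhub` means the destination depends on how the resolver completes that name on the network the machine is attached to.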
