Bug 39583
Summary: | Default config makes sendmail useless | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Jean Berthomieu <berthoms> |
Component: | sendmail | Assignee: | Florian La Roche <laroche> |
Status: | CLOSED NOTABUG | QA Contact: | David Lawrence <dkl> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.1 | CC: | dr |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2001-05-08 17:25:58 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Jean Berthomieu
2001-05-08 09:09:18 UTC
I would fire someone blindly upgrading critical production machines without testing beforehand. And where is your description of the actual culprit? I read only "it does not work". And especially: where's the security problem? Can you please have a look at the release-notes that we have prepared for our customers? Thanks, Florian La Roche 7.1 is neither rawhide, nor wolverine. Since beginning (some 4.x), we upgraded every computer (~50) in our dept (University) without a problem. They ran perfectly and smoothly, and I used to say our students "Just choose RedHat rather than X or Y, because it is easier to maintain, more up-to-date, etc. and it is as good for home use (KDE) as for development or servers." Isn't it? 7.1 gave the lie to me, because they could not use mail for half a day, and put me under high pressure - so I was very upset. And yes, I used rawhide, wolverine, then 7.1 on my own computer without problem before upgrading this server. I just can't have another 10k$ RAID5 server just for testing... Anyway, I wouldn't have fired anybody for this - tho, he would have learned some new words from me! Now, the problem: Bug#28340 and 37720 says it all. DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA') prevents to get mail from network. Contrarily as what was the default on 7.0. And I don't think that browsing /etc/sendmail.cf, than "dnl"-ing the right line in /etc/mail/sendmail.mc, then running m4 is within the reach of any end-user. Previous bug reports strengthens me in my opinion. So, this is obviously not a "bug" in 7.1, and there should be a better place (tell me?) to discuss why RedHat did not draw our attention on this change before upgrading to 7.1. I wish I had some query, in upgrade process: "Are you willing to disable network mail?" - (what's worth a no-network mail?) or at least: "Beware, default configuration will disable... please check /etc/mail/sendmail.mc" Sorry to be so long about this, I feel Linux is not to be used by Unix gurus only. RedHat did a lot in this way. Keep on! Why don't you just read RELEASE_NOTES? It's on CD #1 in the root directory: <cite> System-Related Enhancements and Changes --------------------------------------- [...] o Sendmail -- By default, sendmail does not accept network connections from any host other than the local computer. If you want to configure sendmail as a server for other clients, please edit /etc/mail/sendmail.mc and change DAEMON_OPTIONS to also listen on network devices, or comment out this option all together. You will need to regenerate /etc/sendmail.cf by running: m4 /etc/mail/sendmail.mc > /etc/sendmail.cf Note that you must have the sendmail-cf package installed for this to work. </cite> Don't blame Red Hat. Blame yourself. Shame on me! Anyway reading usenet news, I don't feel alone... Just for fun: What's the aim for adding this line? Security. Most people don't need any MTA listening for incoming connections. Less exposure - less risk. And sendmail has a long history of being a risk. |