Description of problem: A default tricky configuration file makes Sendmail unoperative. Average end user won't be able to fix it. No warning is provided when upgrading from previous (7.0) version. How reproducible: Always Steps to Reproduce: 1.Have a mail server running OK with RedHat 7.0 2.Blind upgrade it to 7.1 3.Reboot: Your mail server is down - Thank's RedHat! Actual Results: I could fix it after a couple of hours searching what could have happened, while thousands of people insulted me because they could work nomore. Expected Results: An upgrade should be an upgrade: Things are expected to run as well as before. If not, at least, it should not have been done purposely :-( Additional info: Very bad idea from RH. Very same bad idea with rlogin rsh which have been disabled in /etc/xindet.d without any warning on installation to set them on again. Some guy at RH thinks the best way to improve security is to deny every service. Better unplug the computer! >>> Fire him <<<
I would fire someone blindly upgrading critical production machines without testing beforehand. And where is your description of the actual culprit? I read only "it does not work". And especially: where's the security problem?
Can you please have a look at the release-notes that we have prepared for our customers? Thanks, Florian La Roche
7.1 is neither rawhide, nor wolverine. Since beginning (some 4.x), we upgraded every computer (~50) in our dept (University) without a problem. They ran perfectly and smoothly, and I used to say our students "Just choose RedHat rather than X or Y, because it is easier to maintain, more up-to-date, etc. and it is as good for home use (KDE) as for development or servers." Isn't it? 7.1 gave the lie to me, because they could not use mail for half a day, and put me under high pressure - so I was very upset. And yes, I used rawhide, wolverine, then 7.1 on my own computer without problem before upgrading this server. I just can't have another 10k$ RAID5 server just for testing... Anyway, I wouldn't have fired anybody for this - tho, he would have learned some new words from me! Now, the problem: Bug#28340 and 37720 says it all. DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA') prevents to get mail from network. Contrarily as what was the default on 7.0. And I don't think that browsing /etc/sendmail.cf, than "dnl"-ing the right line in /etc/mail/sendmail.mc, then running m4 is within the reach of any end-user. Previous bug reports strengthens me in my opinion. So, this is obviously not a "bug" in 7.1, and there should be a better place (tell me?) to discuss why RedHat did not draw our attention on this change before upgrading to 7.1. I wish I had some query, in upgrade process: "Are you willing to disable network mail?" - (what's worth a no-network mail?) or at least: "Beware, default configuration will disable... please check /etc/mail/sendmail.mc" Sorry to be so long about this, I feel Linux is not to be used by Unix gurus only. RedHat did a lot in this way. Keep on!
Why don't you just read RELEASE_NOTES? It's on CD #1 in the root directory: <cite> System-Related Enhancements and Changes --------------------------------------- [...] o Sendmail -- By default, sendmail does not accept network connections from any host other than the local computer. If you want to configure sendmail as a server for other clients, please edit /etc/mail/sendmail.mc and change DAEMON_OPTIONS to also listen on network devices, or comment out this option all together. You will need to regenerate /etc/sendmail.cf by running: m4 /etc/mail/sendmail.mc > /etc/sendmail.cf Note that you must have the sendmail-cf package installed for this to work. </cite> Don't blame Red Hat. Blame yourself.
Shame on me! Anyway reading usenet news, I don't feel alone... Just for fun: What's the aim for adding this line?
Security. Most people don't need any MTA listening for incoming connections. Less exposure - less risk. And sendmail has a long history of being a risk.