Date: Wed, 13 Dec 2017 07:21:02 -0600 From: Mike Karels <karels@FreeBSD.org> To: "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org> Subject: Re: RFC: Sendmail deprecation ? Message-ID: <201712131321.vBDDL29q039904@mail.karels.net>
next in thread | raw e-mail | index | archive | help
It is clear that there isn't a consensus on a single choice of MTA, and that is fine. Here is a summary of my take on current options after reading the discussion to this point: First, we seem to agree that the target for a default setup is not that of an Internet-facing MTA, which requires some thought and configuration. Instead, the target is an originate-only system that does either on-box mail delivery or outbound delivery. At the very least, it can deliver the sysadmin emails configured by default. The options that have been presented: o Use dma. That would apparently suffice for some systems, and is already in base. However, in my opinion, it is missing some capabilities that some sites (including mine) may require: - .forward processing - Its masqerade configuration seems to be too simplistic, e.g. masquerade all or nothing, rather then exempting root and other specified system users. - Some mail clients, e.g. perl packages that we use at $JOB, connect to localhost:25 (or SMTP on some other host) rather than invoking "sendmail" directly. dma will not support these. In addition, it is not as well integrated into the system. It wasn't immediately obvious to me how to enable it, until I followed the "See Also" to mailwrapper; I guess I knew that at one time. It also requires manual configuration of TLS and a certificate if you want to use TLS. o Use the sendmail in base, configured for submission only. This is completely integrated and works out of the box. It has none of the limitations listed for dma. IIRC, a certificate is generated automatically so that TLS could work with no additional configuration. Presumably this could be done for dma as well, but it has not been done. o Use the sendmail in ports. This is apparently more full-featured, but not as nicely integrated with FreeBSD. No one has volunteered to resolve this so far. Or maybe it isn't that hard. But it wouldn't work "out of the box;" the system woudln't have this MTA available until manually installed. o Use some other MTA, e.g. OpenSMTPD. Of course there are Postfix, Exim and probably others, mostly aimed at full-service MTAs. I know little about these, but they are not pre-configured. (OK, I once configured an Exim system and got it to do what was required for a test, but I've blocked it from my mind.) Another issue that has been brought up: o It's a bother to remove sendmail to replace it with something else if it is not a package. I don't understand; isn't it just a matter of putting sendmail_submit_enable="NO" into /etc/rc.conf to be ready to configure something else? Or are people so short of disk space that they need to remove the binary, config files, etc? It seems to me that the option that is best-integrated, and which serves the needs of the greatest number of systems, is the sendmail in base. I still favor a configuration step that selects one of a small number of MTA choices and configures it, but we don't seem to have a framework for doing that now if we want something to be working out-of-the box. Thus, I think that removing sendmail from base now would make the system less flexible and usable. Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201712131321.vBDDL29q039904>