Subject: Re: pkg/33221: default exim configuration file
To: None <abs@netbsd.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org,>
From: Aleksey Cheusov <vle@gmx.net>
List: pkgsrc-bugs
Date: 04/09/2006 16:40:02
The following reply was made to PR pkg/33221; it has been noted by GNATS.
From: Aleksey Cheusov <vle@gmx.net>
To: gnats-bugs@netbsd.org
Cc: abs@netbsd.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org
Subject: Re: pkg/33221: default exim configuration file
Date: Sun, 09 Apr 2006 19:40:35 +0300
>> > I was refering to a different debatte than :-)
>> You didn't include me to Cc :)
>
> Hugh? GNATS should include you automatically as originator.
Something wrong happens.
>> IMO all they should be configured for local
>> delivery only with no listening to external network interfaces by
>> default.
>
> Again, why?
For me, "local delivery" means "no guests from outside"
and in general no open ports to internet or even local network
by default (with a few exclusions),
only those ports I explicitely opened.
"Explicitely" doesn't mean installing a package or running a daemon
(even network oriented), provided that such dehaviour is documented,
in case of pkgsrc MESSAGE file is a good place for this.
> Please don't get me wrong, I like secure default
> configurations. But in this case the "security" card conflicts both
> with user expectation and usuability,
What kind of benefits of opening smtp port to outside you see
in case you are not admin of megacorp?
> without providing much
> protection.
I'm sure that lots of pkgsrc users use personal computers
with a few users registered, most of them are trusted,
i.e. no foreign guests. Not?
--
Best regards, Aleksey Cheusov.