]] Vincent Lefevre > On 2013-05-13 13:01:27 +0200, Tollef Fog Heen wrote: > > ]] Vincent Lefevre > > > > > On 2013-05-12 18:51:10 +0200, Tollef Fog Heen wrote: > > > > ]] Vincent Lefevre > > > > > But not for postfix, which can reject mail by default without an > > > > > initial configuration. Since it is not working by default, and loses > > > > > mail, the daemon shouldn't be enabled by default. > > > > > > > > IIRC, postfix defaults to local mail only, listening on localhost only, > > > > so how it would reject mail by default, I'm not sure? > > > > > > According to the history of my config files, this was not the case > > > on my Debian machine where I installed postfix. This may depend on > > > the answers to some questions at install time (there is something > > > like that for exim, I don't remember for postfix), but in such a > > > case, I answered according to my use of postfix. > > > > So you configured it through debconf, in a non-default way, and it > > refused mails according to how you configured it. > > AFAIK, debconf is the *only* choice. Perhaps debconf has a way > to use the default configuration, but that's also bad (and even > worse, since more mail could be rejected) as by default, postfix > listens on all interfaces:
No, it does not, since the default configuration («Local only») sets inet_interfaces = loopback-only And re debconf, the way to use the default configuration the first time around is to just press enter. Or set the debconf frontend to noninteractive. > > I don't see what the postfix package should have done differently > > here. It would be more confusing for it to ask you about how it > > should handle mail and then just not handle mail for you after that. > > It could have asked: Do you want me to start the postfix daemon now, > or wait after some additional manual configuration? Do this or that > to start the daemon. If you want to do that, use policy-rc.d, or heck, do what you should do anyway: run an ip filter that rejects any incoming services except those you want to expose to the world. > Answering something like "local mail" would be wrong, as a manual > update of the config file from, say, "loopback-only" to "all" could > be overwritten after an upgrade of the package. I don't know about > postfix, but something like that happened to me with exim. If that happens without asking the admin, that's an RC bug. AFAICS, the postfix postinst handles the case of pre-existing configuration files completely fine. -- Tollef Fog Heen UNIX is user friendly, it's just picky about who its friends are -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/878v3jdsik....@qurzaw.varnish-software.com
