smail (3.2.0.100-2) and ppp issues
Last night I ran an upgrade on my home machine, and smail got upgraded
from version 3.2.0.92
Surprises:
* It printed a message saying reconfiguration was requiered. I backed up
/etc/smail (I had customized transports and config files) and ran
"smailconfing --force". It wen't ok, and didn't ask anything it hadn't
asked before, except for the inetd/daemon thing. This is ok, but not THAT
ok. I mean, there wasn't much information about why the reconfiguration
was requiered. smail stopped working after the upgrade, which by the way,
still doesn't work wrt inetd.conf, but that's not the cause, that's the
effect
* Worse. This darned thing, as configured by answering questions after
"Internet Site", doesn't accept connections from localhost, and that
corrected, it won't accept mail at all, unless ...
Let me explain this verbosely, and I'll get to the "unless ..." part:
I have a PPP connection set up following recommendations on debian-user,
the docs in /usr/doc/ppp, man pages, and the PPP howto, which is almost
orthogonal to Debian's configuration (somebody should ask the howto
maintainer to point out this in the document) now that we have the ip-up.d
and ip-down.d things besides pon and poff. [Point here: my configuration
is probably close to Joe Debian User's]
I haven't found a reason to run BIND on my machine on a permanet basis. I
start BIND in ip-up.d and stop it in ip-down.d; it caches NS requests, and
it's easier to configure (FOR ME). There's nothing really special about
bind's configuration on my machine. [Point here: there's no nameserver
running when offline]
In the US many of you guys have toll free numbers where you dial and stay
online as long as you want. You pay for Internet access, not for Internet
use. In other places we pay for Internet access *AND* Internet use *AND*
phone use. Get the picture? Ain't pretty, uh? [Point here: MOST of the
time MOST Debian users don't have a connection up]
I write email offline, using pine (someday far far in the future I'll
switch to mutt or GNUS). I have "smtp-server: localhost". I write my mail.
Pine contacts localhost, there's no connection. The mail is queued. That's
the point.
Now the problem...
First, using pine (this is mentioned somewhere in the documentation) it
seems it does Something Not Quite Right, and one needs to put
"smtp_hello_broken_allow: localnet". Localnet has nothing to do with the
subnet the machine belongs to, it matches IP 127.*. This can't be on the
default configuration. It's a big security hole. Unless the machine (or
routers) is configured to filter spoofed packets, this is a BIG problem.
In pine I set "From: ..." to match my email address. I don't want to use
the "traditional" method, ie, seting "user-domain", for some silly reasons
not worth mentioning here. The other option, rewriting "from_field" in
smail's config, is better, but I didn't have that, mainly because I'm
lazy, I admit it, and the previous smail didn't complain about this. For
now, a "solution" is to put "-trusted_users" in the config. This isn't the
right way.
Worse (this I haven't figured out yet, so if somebody points out the
solution, I'll be able to send email from my pc again). smail wants to
check the address it's sending mail to. If I want to write to
debian-user@lists.debian.org, it wants to check that lists.debian.org is
valid BEFORE accepting the data. It takes ages before it says it can't
resolve a thing and that it won't accept even a single bit of mail. (It
doesn't say it this way, but I was getting pissed off and that was what I
was reading ;-) Now, obviously, no mail can be send from my pc anymore.
And I can't find an option to tell smail to relax and make it forget about
checking the addresses.
I even switched to sendmail! And it's more forgiving (and I'd say, easier
to configure), but I had some problems and gave up. More important,
sendmail is overkill.
Given the fact that smail is Debian's default MTA, and that there are huge
ammounts of people using Debian the way I do at home, shouldn't smail
provide a sixth option called "PPP connection" that takes care, AND
EXPLAINS, all this? Before releasing 2.0?
PPP configuration should be worked out, too. Recently a couple of users in
debian-user have complained about the discrepancies between the PPP howto
and Debian's setup. The PPP howto is fine, but a user configuring Debian's
PPP shouldn't be pointed to that document.
I hope this opens up some discussion...
Marcelo
PS: I haven't figured out the difference between private and non private
discussions and I think this belongs here and not it debian-private. And
it's better if this gets archived, IMO.
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: