Hi, Am Di, den 16.12.2003 schrieb ScruLoose um 21:36: > On Tue, Dec 16, 2003 at 09:08:12PM +0100, Joerg Rossdeutscher wrote: > > Am Mo, den 15.12.2003 schrieb Wesley J Landaker um 02:55: > > A mailserver can harm _others_. > > > > I said that yesterday, and today I find this mailinglist full of > > nonsense since one guy is not able to configure his procmail. Now got > > what I mean? > > But his procmail rule would do exactly the same damage whether his mail > is routed through a smarthost or sent direct from a local mailserver, so > I don't really see how this provides any support for your position. Yes - but it shows a normal user should use as less "harmful" technology as possible. I wouldn't say a mailserver at home is useless at all, but if someone tries to setup a mailserver and doesn't even know that a lot providers reject dynIPs, I'd say: This person is the wrong one to connect a mailserver to the net. > Your argument is based on the assumption that an ISP can always be > trusted to set up a mailserver right, and the home user (sysadmin of a > home LAN, etc.) never can. > I've seen enough counter-examples to convince me that this assumption > has no merit. The assumption is not "always" and "never" - but it is "very often" and "not so often". This should be compared to the risks of a useless server just for fun. The next time there's a security hole in one of the famous SMTPs, what do you think, how many of them will fix it soon? > Frankly, the "no e-mail from dynamic IPs" solution sounds like Microsoft > reasoning. "Take power away from the user, they can't be trusted with > it." I'm not interested in M$, nor do I use their stuff. > The philosophy of Debian and Linux and open-source in general has a lot > to do with giving power to individual users/administrators. > There are _lots_ of aspects of a computer system that can be destructive > (to others, not just locally) if they're misconfigured. The Linux way > of dealing with this is to package things with sane defaults, and > educate people to configure their systems properly. Your solution is to > take away useful functionality for fear that it might be abused. > On a Debian forum, don't be surprised if you meet stiff opposition to > this idea. There's nothing bad in giving the power to the users. That's why I use linux. Nevertheless there's a responsibility in using that power, i.e.: Don't expose services to the net that you don't need. On your machine - play what you want, break it, crash it, have fun. But when connecting to the net - be responsible. If you have use in a mailserver: Do it. But I often have the feeling that people just like to have a server "like a /real/ server! kewl!" with lots of useless risks. Having ftp online for getting a file once a year. Hell. After 6 month they don't even remember /which/ ftpd they are running. Compare that to a guy whose whole-day-job it is to read security bulletins and care for machines. Yes, not all providers work that way. But many more than homeusers. Bye, Ratti -- -o) fontlinge | Font management for Linux | Schriftenverwaltung in Linux /\\ http://freshmeat.net/projects/fontlinge/ _\_V http://www.gesindel.de https://sourceforge.net/projects/fontlinge/
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil