Re: Switching from sendmail to Dragonfly Mail Agent by default

From: Cy Schubert <Cy.Schubert_at_cschubert.com>
Date: Sat, 15 Oct 2022 15:51:31 UTC
In message <20221013130533.n33j6fziwkqnjppc@aniel.nours.eu>, Baptiste Daroussin writes:
> Hello everyone,
>
> As of today, on a default FreeBSD setup, a mailer agent is configured in order
> to be able to distribute locally emails (from crontab for example) and/or for
> relaying those emails. This role has been served by a stripped down version of
> sendmail up to now. By stripped down, I mean it is built without the support
> for features that would make it a full featured MTA, like no support for ldap.
>
> A long time ago we imported Dragonfly Mail Agent, a minimalistic MTA born
> within the Dragonfly Project, covering exactly those needs and only those.
>
> It has matured slowly over time and we believe we have addressed all the
> major issues reported preventing it from being the default.
>
> For FreeBSD 14 we would like to activate it by default.
>
> It means:
> - install by default mailer.conf from dma (and install the one from sendmail
>   in /usr/share/example/sendmail)
> - activate sendmail_enable=NONE by default in /etc/default/rc.conf
> - make mailwrapper fall back on dma.
>
> If no one brings an obvious blocker, this change will happen in the next couple
> of weeks!

We should add a comment suggesting that if people forward email they should 
install one of the packages.

A little background:

My site here at home is primarily postfix with a single machine (sandbox) 
running sendmail. I had switched the sandbox machine's MTA from sendmail to 
dma. The sandbox machine's aliases(5) forwards root's email to an alias on 
my gateway which in turn sends it to me (stored in an MH folder using 
procmail for later viewing). This broke because dma doesn't honour aliases; 
root's mailbox on the sandbox machine contained all root's email that 
should have been forwarded.

As dma is a local-only delivery agent we should explain this to avoid POLA 
following new installs, giving the user the option to install postfix, exim 
or sendmail from packages. A local delivery agent is all that's needed to 
support a fresh new install until the sysadmin can install any needed 
packages to support their application.

Having said all this, given that sendmail no longer has the lion's share of 
the market -- the last time I looked it had something like 3% market share 
while Exim (not my choice due to its horrible security in recent years) had 
approximately 60% market share, Postfix was about 33%, with Exchange and a 
few others rounding it off. This clearly tells us that we're in the right 
direction WRT sendmail and MTA in general.

Also the fact that Sendmail is now owned by Proofpoint, I don't know how 
much effort they're putting into the open source version of Sendmail. 
Development appears to have slowed to a crawl.

Personally, I'd discourage Exim due to its horrible security history. IMO 
Exim is the new sendmail: https://stack.watch/product/exim/exim/.


-- 
Cheers,
Cy Schubert <Cy.Schubert@cschubert.com>
FreeBSD UNIX:  <cy@FreeBSD.org>   Web:  https://FreeBSD.org
NTP:           <cy@nwtime.org>    Web:  https://nwtime.org

			e^(i*pi)+1=0