RFC: Sendmail deprecation ?

Mike Karels karels at FreeBSD.org
Wed Dec 13 13:21:05 UTC 2017 

It is clear that there isn't a consensus on a single choice of MTA,
and that is fine.  Here is a summary of my take on current options
after reading the discussion to this point:

First, we seem to agree that the target for a default setup is not
that of an Internet-facing MTA, which requires some thought and
configuration.  Instead, the target is an originate-only system
that does either on-box mail delivery or outbound delivery.  At the
very least, it can deliver the sysadmin emails configured by default.

The options that have been presented:

o Use dma.  That would apparently suffice for some systems, and is already
  in base.  However, in my opinion, it is missing some capabilities that
  some sites (including mine) may require:
    - .forward processing
    - Its masqerade configuration seems to be too simplistic, e.g.
      masquerade all or nothing, rather then exempting root and other
      specified system users.
    - Some mail clients, e.g. perl packages that we use at $JOB, connect
      to localhost:25 (or SMTP on some other host) rather than invoking
      "sendmail" directly.  dma will not support these.
  In addition, it is not as well integrated into the system.  It wasn't
  immediately obvious to me how to enable it, until I followed the
  "See Also" to mailwrapper; I guess I knew that at one time.  It also
  requires manual configuration of TLS and a certificate if you want to
  use TLS.

o Use the sendmail in base, configured for submission only.  This is
  completely integrated and works out of the box.  It has none of the
  limitations listed for dma.  IIRC, a certificate is generated automatically
  so that TLS could work with no additional configuration.  Presumably this
  could be done for dma as well, but it has not been done.

o Use the sendmail in ports.  This is apparently more full-featured, but not
  as nicely integrated with FreeBSD.  No one has volunteered to resolve this
  so far.  Or maybe it isn't that hard.  But it wouldn't work "out of the
  box;" the system woudln't have this MTA available until manually installed.

o  Use some other MTA, e.g. OpenSMTPD.  Of course there are Postfix, Exim
   and probably others, mostly aimed at full-service MTAs.  I know little
   about these, but they are not pre-configured.  (OK, I once configured
   an Exim system and got it to do what was required for a test, but I've
   blocked it from my mind.)

Another issue that has been brought up:

o It's a bother to remove sendmail to replace it with something else if it
  is not a package.  I don't understand; isn't it just a matter of putting
  sendmail_submit_enable="NO" into /etc/rc.conf to be ready to configure
  something else?  Or are people so short of disk space that they need to
  remove the binary, config files, etc?

It seems to me that the option that is best-integrated, and which serves
the needs of the greatest number of systems, is the sendmail in base.  I still
favor a configuration step that selects one of a small number of MTA choices
and configures it, but we don't seem to have a framework for doing that now
if we want something to be working out-of-the box.  Thus, I think that
removing sendmail from base now would make the system less flexible and
usable.

		Mike

More information about the freebsd-arch mailing list