Removing Sendmail

Terry Lambert tlambert2 at mindspring.com
Wed Apr 2 13:55:03 PST 2003 

Peter Schultz wrote:
> Terry Lambert wrote:
> > If you look over the historical cases of this discussion,
> > you'll see that the answer always comes down to "make the
> > system more modular, so people can replace XXX with YYY and
> > quit bothering us; please send patches".  8-) 8-).
> 
> Thanks for your help on this.  I've been getting so many search results
> that I've been unable to determine the exact problem myself.  So, one
> absolute requirement is that the system have both an mta, and an msa.
> When you say msa, does this include pop&imap capabilities?

MTA:	Mail Transfer Agent; used for transferring mail via the
	SMTP protocol to other platforms over the network; this
	is where most security vulnerabilities surface, because
	the port is generally open to public attack, if people
	fail to use a proxy firewall.

MSA:	Mail Submission Agent; used for local submission of mail
	messages, for either later or immediate delivery by an
	MTA or an MDA.

MDA:	Mail Delivery Agent; used for delivery of mail that has
	been submitted via an MSA to a mail transport or to an
	endpoint; an MDA that delivers mail to local mailboxes
	is called a "Local Delivery Agent".

MUA:	Mail User Agent; used for interacting with an MSA and/or
	a Message Store; usually an MUA can do both, e.g. the
	program /usr/bin/mail operates "mbox" formatted message
	stores located in /var/mail/$USER and ~/mbox by default.

MS:	Message Store; an MS can be simple filesystem storage,
	such as a single "mbox" format file (see "MUA", above),
	or "maildir" format (one file per message), a POP3 or
	IMAP4 database protected and accessed only via a wire
	protocol, etc..  The MS is usually directly accessible in
	some form through direct file manipulation by *some* form
	of MUA.

Minimal requirements for supporting local mail to the root user as
a result of security script processing (for example) are an MUA,
an MSA, and an MDA.

Clear?

If you decide your MS is Cyrus IMAP from ports, for example, then
you will need to provide an MUA replacement for /bin/mail, minimally
for reading mail sent to root, since Cyrus keeps its messages in an
internalized database format not understood by /usr/bin/mail.

There are other examples where an impedence mismatch is possible, of
course, but you specifically mentiond POP3/IMAP4.

-- Terry

More information about the freebsd-current mailing list