On 05/19/2017 02:53 AM, Ángel wrote:
> On 2017-05-18 at 19:03 +0200, Alessandro Vesely wrote:
>> Although the real issue is maildrop, let me note the following about 
>> courier-base:
>> * couriertcpd could be just suggested or recommended, not required,

as Sam mentioned, the current startup scripts do required couriertcpd
(even the adjusted ones in Debian).

>> * testmxlookup could be moved to courier-mta,

Hm.. sounds like a courier-utils package might be useful.

>> * I don't see how maildir utilities can be useful on a standalone SMTP 
>> server.

Well, it could still be an MTA delivering mail to maildirs. Doesn't seem
far fetched to me. But if we add a courier-utils or such, that would
probably be the right place.

> While we are on the topic of debian package wishlists...
> (not sure if this is the best venue, but otoh I feel it's good to
> discuss it first rather than simply filing a bug)

Thanks for your consideration. Yes, I appreciate that. OTOH I tend to
forget discussions, if they don't result in a bug, so please file
wishlist bugs as a result of the discussion. (And it's sometimes helpful
if it's users filing the issues, rather than the maintainer himself.)

> ...I would like having couriertls at its own package:

Sounds like a good idea to me, yes.

> 1) It is a standalone tool, useful on its own.
> It can be used as a cli tool (as a "tls telnet"), as well as by other
> programs (I have used it that way to support TLS)
> 2) It used to be at a different package, so it would be consistent with
> previous practice
> (kind of, it had an -apparently unneeded- depends on courier-base)

I wasn't aware of that. In this case, I should better check why the
separate package was dropped.

> 3) That would allow having a virtual package with two versions, so that
> the sysadmin could choose whether to have it linked against openssl or
> gnutls (they used to have slightly different features, so in the past I
> ended up recompiling the courier-ssl package to switch libraries)

Hm.. IIRC I had to compile courier against GnuTLS to work. I don't
currently find the exact issue, though.

> This is specially interesting from a security point of view imho, since
> should a problem develop on either of these libraries, you could easily
> switch to the other library while keeping the upper level server
> unchanged (assuming the config used compatible ciphers, etc.).

Well, that however means we'd always have to support both. But yes, I
can see merit in having a separate package.

> I apologize for the annoyance, tell me if there's anything I can do to
> help with it.

No need to apologize.

Scanning through the Debian bug list would help. There are lots of very
old issues and I think many of them do not apply any more.


Even just prioritizing the list would be helpful.

I'm focusing on the stretch release, ATM.

Kind Regards

Markus Wanner

Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
courier-users mailing list
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Reply via email to