Re: [Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?

Mon, 10 Oct 2011 07:41:13 -0700 

Am 28.09.2011 14:40, schrieb Florian Hubold:

Am 22.09.2011 21:37, schrieb Florian Hubold:

Am 22.09.2011 00:09, schrieb Luc Menut:
My own opinion is we should do both 1 and 3 in your list of options
1/ Change the defaults in /etc/security/msec/level.*  and
3/ make dma a suggest for msec

If these two changes were introduced as updates to Mageia 1 then the
consequences would I believe be.
a/ Users with default configuration :-

Changing the defaults in /etc/security/msec/level.* will not affect an
existing installation unless they change their security level.

Mail would go into /var/spool/mail/root instead of /root/dead.letter  They
probably would still not see the mail because they are unlikely to know
how to configure another user to receive roots mail. The only change they
would notice is when logging in at a root console they would see a message
saying "You have new mail".

b/ Users who have configured a real mail address in msec
Installing dma as a require will cause these mails to actually start being
delivered. Since the user has put the real mail address in the msec
configuration we have to assume they actually want the mails to be
delivered so that is a "good thing".  If their ISP will only accept mail
   from a real MTA as mentioned by Frank Griffin then the message will not be
delivered unless a relay host is defined in dma. Since they are already
not being delivered nothing will have changed.

c/ New users of Mageia 2
Changing the defaults in /etc/security/msec/level.* will suppress emails
other than to those users who have specifically requested them.


Hope that helps

Derek



So if nobody objects or sees other problem with this, i'll modify
the defaults in /etc/security/msec/level.* to not send email by default
and making dma a suggest for msec.


This poses another problem:

On a default configuration, we would enable sending reports by installing dma 
with
the msec update, but also disable sending of all reports by changing the default settings, which will apply for everybody who has not run msec-gui or configured msec manually. 
So this change would be quite antipodal.
I'm for not changing the default to send mail to root, as this would enable sending of reports on default configurations, and change nothing for configurations where people 
want those reports sent by mail.

Opinions, please?

Reply via email to