Package: courier-mta Version: 0.75.0-18 Severity: grave Justification: renders package unusable
Recently I decided to upgrade courier (mta and imap) on one of my mail servers. It was a disaster. The quality of these packages is abysmal and dangerous. This is one of the many serious, grave, and critical bugs I ran into during that process. It appears that recently a change was made to transition the courier-* system away from the generic "daemon" user towards the "courier" user. This is good and probably should have been a done a long time ago. However, this process is being handled terribly and will almost certainly result in broken mail systems and possibly (confirmed in my case) data loss. First, the administrator needs to be made aware of this change. It needs to be a NEWS item, there should probably be a confirmation dialog prompting the user for acknowledgment, and it needs to be documented, which it currently is not short of a tiny changelog line. In the case of /etc/courier/esmtpd, the MAILUSER and MAILGROUP parameters need to be checked and the administrator should be VIOLENTLY notified if these need to get updated. There may be other configuration items which need updating which I am not aware of. I use only a portion of the courier suite. Proper file permissions need to be set. in my case, the courier system could not read any of my .pem files and some other files/directories because they were set to ownership root:courier but had permissions -rw-------. A chmod g+r should probably be done against similar files. A change like this needs to be done carefully and with consideration. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.3.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages courier-mta depends on: ii courier-authlib 0.66.4-7 ii courier-base 0.75.0-18 ii debconf [debconf-2.0] 1.5.59 ii libc6 2.22-7 ii libcourier-unicode1 1.4-2 ii libgcc1 1:5.3.1-14 ii libgdbm3 1.8.3-13.1 ii libidn11 1.32-3 ii libnet-cidr-perl 0.17-1 ii libperl5.22 5.22.1-10 ii libstdc++6 5.3.1-14 ii sysvinit-utils 2.88dsf-59.3 courier-mta recommends no packages. Versions of packages courier-mta suggests: ii bsd-mailx [mail-reader] 8.1.2-0.20160123cvs-2 ii courier-doc 0.75.0-18 ii courier-filter-perl 0.200+ds-4 pn couriergrey <none> ii emacs24 [mail-reader] 24.5+1-6+b2 ii mutt [mail-reader] 1.5.24-1+b1 ii s-nail [mail-reader] 14.8.8-1 -- Configuration Files: /etc/courier/aliases/system [Errno 13] Permission denied: u'/etc/courier/aliases/system' /etc/courier/courierd changed [not included] /etc/courier/dsnheader.txt changed [not included] /etc/courier/esmtpauthclient [Errno 13] Permission denied: u'/etc/courier/esmtpauthclient' /etc/courier/esmtpd changed [not included] /etc/courier/esmtpd-msa changed [not included] /etc/courier/esmtpd-ssl changed [not included] /etc/courier/esmtpd.cnf [Errno 13] Permission denied: u'/etc/courier/esmtpd.cnf' /etc/courier/smtpaccess/default [Errno 13] Permission denied: u'/etc/courier/smtpaccess/default' /etc/init.d/courier-mta changed [not included] /etc/init.d/courier-mta-ssl changed [not included] -- debconf information excluded
