| 1 |
On Sun, Jul 22, 2018 at 08:53:44AM -0400, Rich Freeman wrote |
| 2 |
> On Sun, Jul 22, 2018 at 6:57 AM Alan Mackenzie <acm@×××.de> wrote: |
| 3 |
> |
| 4 |
> Yeah, there is nothing wrong with nullmailer. It is a minimalist MTA |
| 5 |
> for systems where you just want to relay mail to another host without |
| 6 |
> running a full MTA. |
| 7 |
|
| 8 |
The problem is brain-dead packages which gratuitously pull in an mta |
| 9 |
because they "might" need one in certain edge cases that most people do |
| 10 |
not use them for. |
| 11 |
|
| 12 |
> |
| 13 |
> > > You must have installed a package that depends on virtual/mta, |
| 14 |
> > > presumably because it needs to send emails. |
| 15 |
> > |
| 16 |
> > The package was gnupg, which surely doesn't need to send email. |
| 17 |
> > |
| 18 |
> |
| 19 |
> https://wiki.gnupg.org/WKS |
| 20 |
> https://bugs.gentoo.org/658164 |
| 21 |
|
| 22 |
###################################################### |
| 23 |
emerge -pv gnupg |
| 24 |
|
| 25 |
These are the packages that would be merged, in order: |
| 26 |
|
| 27 |
Calculating dependencies... done! |
| 28 |
[ebuild R ] app-crypt/gnupg-2.2.8::gentoo USE="bzip2 readline smartcard ssl -doc -ldap -nls (-selinux) -tofu -tools -usb -wks-server" 0 KiB |
| 29 |
###################################################### |
| 30 |
|
| 31 |
On my system, gnupg has the "-wks-server" USE flag, but it is still |
| 32 |
hard-coded to depend on mta-1. procmail also pulls in mta-1, even |
| 33 |
though I only use it to filter incoming email. |
| 34 |
|
| 35 |
> Plus, you really don't want to have a system without any MTA - |
| 36 |
|
| 37 |
That should be my decision. |
| 38 |
|
| 39 |
> in your case you had installed one outside of portage, but if you |
| 40 |
> don't have any that is what nullmailer is for.) |
| 41 |
|
| 42 |
There was already a /usr/sbin/sendmail symlink, as the OP pointed out. |
| 43 |
Is there a way to make the presence of that file satisfy mta-1? |
| 44 |
|
| 45 |
Speaking of "sendmail" symlinks, I do ***NOT*** want them. My most |
| 46 |
embaressing linux moment occured years ago at a more newbie stage, when |
| 47 |
a chatty cron job started spewing stuff to root. ssmtp does one thing; |
| 48 |
it forwards emails to my ISP's mta for dispatch. I was more of a newbie |
| 49 |
back the, and din't realise that ssmtp splatters symlinks all over the |
| 50 |
place... |
| 51 |
|
| 52 |
/usr/bin/sendmail |
| 53 |
/usr/lib64/sendmail (64-bit systems) |
| 54 |
/usr/lib/sendmail (32-bit systems) |
| 55 |
/usr/sbin/sendmail |
| 56 |
|
| 57 |
I wasn't aware of filtering outbound email by UID. Net result; |
| 58 |
cronjob spam ended up going to root@<my ISP>. Not appreciated. I |
| 59 |
eventually figured this out, and took the following safety precaution... |
| 60 |
|
| 61 |
###################################################### |
| 62 |
#!/bin/bash |
| 63 |
rm -rf /usr/bin/sendmail |
| 64 |
rm -rf /usr/lib64/sendmail |
| 65 |
rm -rf /usr/lib/sendmail |
| 66 |
rm -rf /usr/sbin/sendmail |
| 67 |
|
| 68 |
mkdir /usr/bin/sendmail |
| 69 |
touch /usr/bin/sendmail/.keep |
| 70 |
mkdir /usr/lib64/sendmail |
| 71 |
touch /usr/lib64/sendmail/.keep |
| 72 |
mkdir /usr/lib/sendmail |
| 73 |
touch /usr/lib/sendmail/.keep |
| 74 |
mkdir /usr/sbin/sendmail |
| 75 |
touch /usr/sbin/sendmail/.keep |
| 76 |
###################################################### |
| 77 |
|
| 78 |
This blocked the creation of sendmail symlinks. I "lived happily ever |
| 79 |
after"... until Portage changed policy to fail hard when it couldn't |
| 80 |
create the symlinks. So an @world update dies in the middle. Now, if a |
| 81 |
"-pv" run shows that ssmtp will be updated, I have to... |
| 82 |
|
| 83 |
* "rm -rf" the "sendmail" directories |
| 84 |
* emerge -1 ssmtp |
| 85 |
* re-run the symlink-killer script |
| 86 |
* do the @world update. |
| 87 |
|
| 88 |
Yes, I do filter emails for low UIDs now, but I like defense-in-depth. |
| 89 |
|
| 90 |
-- |
| 91 |
Walter Dnes <waltdnes@××××××××.org> |
| 92 |
I don't run "desktop environments"; I run useful applications |
Archives