Bjørn Mork wrote: > Josh Triplett <j...@joshtriplett.org> writes: >> What would it take to make this change? > > Changing the LSB. Or you need to keep the sendmail interface. Which is > what mail-transport-agent provides.
lsb-core provides the LSB interface, and it has priority extra, not standard. It already has a dependency on an MTA, along with dependencies on a large pile of other programs and libraries with priorities lower than standard. So, as far as I can tell the LSB does not specify what appears in standard, and removing an MTA from standard would not affect lsb-core in any way. >> Have I missed any important points? > > You forgot to explain the upside, reason, why, gain, whatever. Re-reading my original mail, you're right, I do seem to have missed covering that point explicitly. Thanks. :) The main reasons to stop having an MTA in standard: - Starting a daemon at boot time, which slows down booting. This led me to notice the problem in Debian Live: it took a non-trivial amount of time for the boot process to finish starting exim and move on. - Listening on ports by default, which exposes the system to any potential vulnerabilities, as well as potentially allowing the sending of spam. I've checked, and out of all the packages with priority standard or above, only exim and isc-dhcp-client listen on ports by default. Removing an MTA significantly reduces the attack surface of a default Debian system. - Asking configuration questions via debconf at install time, which increases the amount of work and complexity required to install Debian. For most users, these questions will duplicate the process they later go through to configure their MUA. - Taking time to download and install, which increases the time and bandwidth needed to install or upgrade a Debian system. - Running a daemon all the time, which takes up RAM. - Taking up space on disk, as with any other package installed but not used. - Taking up space in the process listing; the more programs a system runs that it doesn't use, the longer it takes to look over the output of "ps auxf" or top. - Similarly, taking up space in the list of installed packages, the apt-listchanges output, and so on. Any package installed but not used incurs a small but non-zero amount of mental overhead. Users can easily install an MTA; why do they need one *by default* on every Debian system they install? >> Would any other packages need changes, other than the ones I've >> mentioned above? > > all packages with cron jobs, ...which produce output to somewhere other than a log file, in some scenario other than "being buggy and accidentally producing output", and which expect end users to read their output, and which therefore expect that the end user has configured root's mail to go somewhere they'll actually read. In any case, cron can still suggest an MTA, and any package which absolutely needs a working MTA can depend on one (and add giant warnings that they require a *working* MTA configuration, which a depends does not guarantee). > all 3rd party applications assuming an UNIX > environment, ++ By which you mean having a sendmail binary? If you mean the LSB again, LSB support requires installation of lsb-core, which depends on an MTA. If you mean third-party applications in .deb form, they should depend on an MTA if they need one. And otherwise, installing third-party applications outside the package manager frequently requires installing additional supporting packages to provide expected interfaces, and having a working sendmail seems no different. And on top of all of that, nothing guarantees that the sendmail binary can actually send mail outside the local system. The admin will still need to know that the program they install wants to send mail with sendmail, so that they know not to say "local delivery only". > The reasons are all explained in the release notes. Which release notes do you mean? I don't see anything about exim or mail-transport-agent in the Debian squeeze release notes (other than the large table of various package versions in Debian, which includes notable packages of many different priorities). > Why not remove syslog as well? I'm pretty sure there are plenty of end > users never ever looking at a log file. Among other things, most daemons log information to log files (as opposed to mail). In any case, I'm specifically proposing moving an MTA out of standard, not anything else at the moment. :) - Josh Triplett -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111013033450.GA2975@leaf