On Thu, Aug 16, 2001 at 06:38:26PM +0200, Graham Leggett wrote:
> Henning Brauer wrote:
> > QMQP is far more efficient for this kind of usage. Using SMTP makes no sense.
> > I consider this "having some different mailservers accepting mail for the
> > whole domain and one qmail-ldap host as dispatcher" a broken design.
> Actually the design was "any qmail-ldap host can accept mail for the
> whole domain".
That's exactly the way clustering in qmail-ldap works. If any host is
qmail-ldap, why the heck tyhe deliveries should be done over smtp? All hosts
are able to speak qmqp then.
> My next question is this: Is it safe to leave the QMQP port open to the
> world, or is it a security risk (for unauthorised relay)?
It is. You must run qmail-qmqpd under tcpserver (inetd & co should be
possible too, but who wants that...) and restrict access to IPs from your
local network/your other qmail-ldap hosts.
> > This is
> > by far better implemented with different hostnames (e. g.
> > sendmail.example.com, exchange.example.com, someotherbrokenmta.example.com)
> > and mailForwardingAddress attributes.
> No it isn't - this adds the added kludge of having to give people actual
> userids tied to a specific box - which adds unnecessary complexity -
> which means extra work and potential for misconfiguration - yuck.
Huh? If you run different MTAs on different platforms (which was the
original requirement if I'm not mistaken, there was talked about a
migration) you have to have the uids on each box anyway.
> > > Using the mailHost attribute with SMTP is the most logical assumption.
> > No. It's a misunderstanding.
> Netscape Messaging server works this way, so there is precedant out
> there for this kind of behavior.
Some MTAs are open relays by default (and some are not even fixable), so
there is precedant out for tis kind of behaviour.
Huh???
> > A quote comes to my mind:
> > "If you want a bloated MTA whoms author happily includes every patch sent to
> > him, use Exim."
> > (Felix von Leitner on the qmail list)
> Is this kind of approach to problem solving really necessary?
It's necessary to keep the codebase clean. Bloated products are bad
products. Why do we all use qmail and not sendmail or even worse exchange?
Most of the points you'll throw into discussion now are are caused by a
clean codebase.
> Having
> been involved in the Apache project for over two years now I have always
> been amazed that despite all the arguing, debating, re-coding, vetoing
> and carry on that I have watched, at no point has anyone put up with the
> argument "I'm right, so stuff the rest of you".
Didn't said that, didn't meant that. You are trying to solve a problem. So
instead of describing the problem and asking for a solution you think of a
possible solution, notice it does not work and cry because it does not work
this way.
> There are many ways of achieving something. Where there is more than one
> way of doing something, and where there is debate over which is the
> right way, the software should allow both ways, it's simple.
This ends up in bloated shitware like sendmail. There are many other
examples I'm avoiding here to not start religious wars again. And please
don;t let us start an Apache discussion. I'm not overall happy with the
codebase. If you want to discuss this further, we have to leave this list
for that.
greetz
henning
--
* Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
* Roedingsmarkt 14, 20459 Hamburg, Germany *
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)
