http://bugzilla.novell.com/show_bug.cgi?id=566665 http://bugzilla.novell.com/show_bug.cgi?id=566665#c0 Summary: changing SMTPD_LISTEN_REMOTE is not a good idea Classification: openSUSE Product: openSUSE 11.2 Version: Final Platform: Other OS/Version: openSUSE 11.2 Status: NEW Severity: Critical Priority: P5 - None Component: Maintenance AssignedTo: maintenance@opensuse.org ReportedBy: suse-beta@cboltz.de QAContact: qa@suse.de Found By: Beta-Customer Blocker: --- The patch description of the postfix patch in the 11.2 test updates says: The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The postfix smtp daemon therefore was reachable over the network by default. This update therefore resets the value to 'no' in /etc/sysconfig/mail. If you intentionally want postfix to listen for remote connection you need to manually set it to 'yes' again. I don't think that this is a good idea since it will also DOS several mailservers. OTOH, default installations should be protected by the default firewall settings. Please re-think the decision to change SMTPD_LISTEN_REMOTE. The new postfix %postinstall script is even more critical: if [ ! -e /var/adm/BNC-555814.fixed ] .. if [ "$CONFIG_TYPE" = "undef" ] then sed -i 's/SMTPD_LISTEN_REMOTE=.*/ ... postconf -e 'inet_interfaces = localhost' This postconf -e will break the config even on servers that have disabled automatic postfix configuration via MAIL_CREATE_CONFIG="no"! If you keep the SMTPD_LISTEN_REMOTE change, please at least attach a pop-up message to the patch (like the license dialog for flash etc.) so that the admin is aware of the change. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.