Anton Aylward wrote:
Per Jessen said the following on 10/24/2008 03:58 AM: [snip]
I completely fail to see any security issue in having a postfix MTA listening on localhost:25 on a desktop machine.
If you want to make this a security issue then the whole thing of applications sending out alerts by mail is the security issue.
I have no desire to turn this into a security issue - that topic was introduced by somebody else.
In a enterprise setting this is normally handled by a central syslog mechanism for the enterprise and there is some very sophisticated software supporting this.
In the enterprise, SNMP is by far the preferred method for real-time alerts, failing that email. The syslog is primarily for auditing and post-mortem purposes. If the syslog was really so central in enterprise real-time monitoring of Linux systems, it's difficult to understand why popular monitoring tools typically provide an email option, very often also an SNMP MIB, but usually no plain syslog option. (ex: mdadm, smartd, HPs Proliant Support pack tools).
I'm perfectly well aware of how to set up Postfix, and, for my sins, sendmail before that. I've been using Postfix for over a decade both on my home system and in large (> 50 server, > 1,000 users) enterprise settings as well as for ISPs. I run it on my own home network on a dedicated mail hub. However before I installed openSUSE none of my non-mail hub machines and in the specific not my laptop or desk workstation ran Postfix, exim, sendmail or other such MTA.
Which distro were you running? Maybe it was a better option for you. I'm curious though, how did you manage to receive the various systems alerts and messages without a local MTA? Did you write your own /usr/sbin/sendmail to drop the text directly into the filesystem?
But more to the point while I *can* configure Postfix, the installation process should configure the mail forwarder.
As it does too, it just assumes that no forwarding is necessary and that the enterprise admin person with a central mailserver will probably be capable of using vi to correct the single line in /etc/postfix/main.cf. It's hardly worth writing up a YaST2 module for.
Anton, I think I'm going to say "troll". No enterprise monitors events via syslog - they are far more likely to use SNMP, HP Openview, BMC Patrol, Tivoli and such tools.
Having worked in IT & Security at large banks and telcos I can assert that syslog *is* a primary central monitoring tool in large corporations.
Having done roughly the same for the last 25 years, I submit that the syslog is primarily for auditing and post-mortem purposes, and that SNMP (and/or similar) is certainly the real-time alert mechanism of choice where many Linux systems are involved. /Per -- /Per Jessen, Zürich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org