Per Jessen said the following on 10/24/2008 03:58 AM:
Anton Aylward wrote:
Per, you are being quite ridiculous and outrageous.
Why? I'm not proposing nor arguing anything new. Honestly, an openSUSE system _needs_ a sendmail binary in order for millions of scripts to work. The binary delivers the mail to the local MTA - if there is no local MTA, those emails are never seen. And that goes for desktops and servers alike. And for Redhat/Debian/Mandriva/Slackware/etc too. I completely fail to see any security issue in having a postfix MTA listening on localhost:25 on a desktop machine.
If you want to make this a security issue then the whole thing of applications sending out alerts by mail is the security issue. In a enterprise setting this is normally handled by a central syslog mechanism for the enterprise and there is some very sophisticated software supporting this. In a "user" setting where there isn't the IT support of larger business the GUI is the thing and as Microsoft has shown and I discuss more fully elsewhere in this thread an on-screen pop-up makes more sense. The ideas behind CRON dates from the seventies and the user at a paper or glass tty running a command line shell. Having the GUI makes those assumptions invalid.
Hopefully, Per, you man that each machine need to run a mail forwarder OR a local mail delivery agent (that has not SMTP capability)
Anton, the postfix MTA is set up to do local mail delivery by default. If you want it to do mail forwarding, you only need to configure the relay_host.
I'm perfectly well aware of how to set up Postfix, and, for my sins, sendmail before that. I've been using Postfix for over a decade both on my home system and in large (> 50 server, > 1,000 users) enterprise settings as well as for ISPs. I run it on my own home network on a dedicated mail hub. However before I installed openSUSE none of my non-mail hub machines and in the specific not my laptop or desk workstation ran Postfix, exim, sendmail or other such MTA. Given that there is archaic and inappropriate software in openSUSE that reports via email, the best argument you can make is that there is a need for a mail forwarder, and running openSUSE on a laptop or workstation this should be a lightweight one with a small footprint and no unnecessary functionality. The "small is beautiful" and "do one thing, only one thing and do it well" are not only long standing UNIX adages, they are also good advice from the security point of view, since you raised the matter of security. But more to the point while I *can* configure Postfix, the installation process should configure the mail forwarder. Personally, I still think that Microsoft have demonstrated with their "professional" and "home" editions the way that enterprise-level and personal systems should handle event notification, the former being a syslog analogue and the latter being on-screen po pups to the GUI.
So CRON sending notifications by email is inapproprite for an enterprice setting where syslog is used to consolidate & monitor events, and inappropriate for a home, SOHO or SMB "user" where a popup notifier is the expectation. Having CRON send mail is just soooo 1980s-ish.
Anton, I think I'm going to say "troll". No enterprise monitors events via syslog - they are far more likely to use SNMP, HP Openview, BMC Patrol, Tivoli and such tools.
Having worked in IT & Security at large banks and telcos I can assert that syslog *is* a primary central monitoring tool in large corporations. Quite possibly one of many, but do not deny that they are used since you would be calling me and many other people a liar, and I'd object to that. MacKinney's "JOB/SYSLOG" SyslogIT by Pointesoft PacketTrap ManageEngine's EventLog Analyzer, which has facilities for regulatory compliance monitoring and reporting. Prism Systems EventTracker And many products, open soruce and commercial, that route syslog into a database so that other database tools can be used for analysis and reporting. As I hinted above, these tools are being used in response to the pressure from regulatory compliance and to assist in DLP, which is where I encounter them in my "day job".
For those that don't have the infrastructure to support that, email is a better alternative than syslog, IMHO. And of course there are alternatives such as nagios, ganglia et al.
For those that are just running a windowing workstation with no infrastructure at all, the 'one man SOHO/SMB', a pop-up notifier is a better alternative. Most such people simply aren't interested in monitoring their networks using tools like nagios - they aren't geeks, they are users and have specific tasks in mind. -- I thought about being born again, but my mother refused. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org