
Sendmail removed from OpenBSD base - zdw
http://undeadly.org/cgi?action=article&sid=20140916084251
======
xenophonf
I wish FreeBSD would follow suit. They dropped BIND in favor of Unbound for
10.0-RELEASE, so the precedent is there. Sendmail wouldn't be so bad if it
weren't so damned arcane and broken. Like, something as simple as getting TLS
to work with older Exchange servers is impossible. Forums are filled with
people complaining about this problem for the last ten years. It's so
frustrating, especially when the workaround in other mailers is so simple
(e.g., Postfix, where one can force TLSv1 in the SMTP client TLS policy map).

~~~
ketralnis
I'd be just as happy seeing freebsd drop having an SMTP server in the base
system entirely. Having an LDA->SMTP client in base makes sense, but an entire
mailserver in the base system?

What percentage of freebsd installs are for dedicated mailservers? If that's
even less than 80% (and I presume it's below 1%), having "install it from
Ports" being the first step still makes sense.

But then I feel the same way about BIND (and now unbound)

~~~
tedunangst
I thought there was a scheme afoot to import the dragonfly mail agent into
freebsd, but I'm not up on the current status.

------
atmosx
Makes sense, since OpenSMTPd is easier to deploy and MUCH easier to configure
+ OSMTPd is an OpenBSD software... so If it ever was going to ship pre-
installed with an OS that would be definitely OBSD.

~~~
aristidb
OpenSMTPD is ridiculously pleasant to configure, without sacrificing features
like "I don't want my password in the configuration file".

~~~
__david__
Looks very simple, but I don't see things like DKIM/SPF or milters (or some
equivalent way to hook in spamassassin, for instance). Am I just missing it,
or is it deliberately missing those features?

~~~
poolpOrg
currently, the only way to achieve this is through a dkim-proxy or an
experimental filter in OpenSMTPD-extras.

we have recently finished an API for implementing filters and we're working on
stabilizing the interface before making it public.

------
krakensden
Last years fight in Fedora to do something similar:
[http://lwn.net/Articles/561494/](http://lwn.net/Articles/561494/)

~~~
nailer
Sendmail 9 is the worst, most un-Unixlike piece of software.

Want to send UUCP mail? x400 mail? Need other non-SMTP mail support? No,
because it's 2014 and most people will never, ever use these? Too bad, the
code's installed and running waiting for more exploits.

Want to configure it, in 'human readable plain text' too bad, here's a macro
language which no other daemon uses.

Sendmail 9 is rank and the authors know it - Sendmail X (/10) looks far
similar to postfix or other modular mail servers than sendmail 9 does.

~~~
vidarh
Sendmail was awful and archaic already when I first used it in 1995. It's
amazing that anyone has still been using it for the last decade.

~~~
zorked
Ah, sendmail in the 90's. So many buffer overruns you might just as well
enable telnet and change your root password to "hackme".

------
dredmorbius
Dating my own UNIX use to about the time of the Morris Worm (which exploited a
Sendmail vulnerability), this is somewhat poignant.

Though I haven't touched a Sendmail.cf in well over a decade.

------
lmedinas
RIP Sendmail! Thanks for all this years of fun and security issues :)

~~~
zippergz
A good part of my early career was built on knowing how to configure Sendmail,
so I think do owe an honest thanks. But I haven't touched a sendmail.cf in a
long time, and I can't say I miss it.

------
yellowapple
About time. Not that I'm affected at this point, since I've been using
OpenSMTPD for awhile now.

------
muhahahaehh
Don't forget :)

[http://www.openbsdfoundation.org/](http://www.openbsdfoundation.org/)

------
fiber
Curious why someone who still uses CVS in 2014 would cheer about dropping
sendmail support.

~~~
yellowapple
Because unlike sendmail, CVS _hasn 't_ been effectively broken for even _one_
decade, let alone two.

Also, because CVS meshes better with their development philosophy (something
about the fact that everything's in one repo, and CVS allows checking out
portions of a repo, whereas Git only lets you check out the whole repo).

Just because it isn't as trendy or hip as Git doesn't mean it's automatically
broken or obsolete.

~~~
wtbob
> Because unlike sendmail, CVS hasn't been effectively broken for even one
> decade, let alone two.

Well, it was publicly released in 1986, so it's been broken for almost 30
years in the same sense that Sendmail has been broken for decades.

It's had a reasonable alternative (SVN) since 2000, well over a decade ago,
which _itself_ has had a superior alternative for years now.

~~~
poolpOrg
That's not quite right.

I've had an intensive use of CVS for years, followed by an intensive use of
SVN for years.

During my CVS years, I never ran into an issue. ever. We can all agree it
lacks many useful features but it's also as easy as it can get and it does not
corrupt repositories. Calling it "broken" is far from truth.

During my SVN years, I can recall two repository corruptions which no matter
how they occurred, just should not have. I think one was related to a bug in
the db(3) backend, the other I dunno as I was not in charge of the repository.
So... "superior" is debatable.

Nowadays I mostly use Git and CVS, both for different purposes and both making
sense in their own purpose. I would not be so affirmative about technologies
because you only know so much from your experience and use-cases ;-)

