Bug#410756: exim4 default config utterly useless for 98% of users

[Marc Haber]

On Tue, Feb 13, 2007 at 04:33:43AM -0800, Daniel O'Neill wrote:
> > >     I do not know enough about CRAM-MD5 and the merits of using or not
> > >     using it or other auth mechanisms, only that it would of course be
> > >     preferable to have it used when TLS is not available.
> > 
> > I disagree here. Unless an unencrypted wireless LAN is used, I find it
> > much more dangerous to have the SMTP passwort stored on the client as
> > clear text.
> 
> But the fact is that almost all mailers require authentication.

No. A lot of mailers allow relaying from associate IP address ranges.
The number of mailers doing so is decreasing, but I say that they're
still the majority.

>   This is a serious problem with Exim and makes it non-functional for
>   the vast majority of users.

People who are not able to dump a password into a documented text file
should not be running an MTA in the first place. Please don't play
like things that are not available via debconf are completely
inaccessible.

> Always the same basic info is required: mailer name and login credentials.

I disagree.

> But the user using Thunderbird or kmail or whatever doesn't have this
> problem, and they are using the ISP's mailer in the same way.  Why does
> it become more complex just because Exim happens to be sending the mail?

Enough. Take this to debian-devel or to the tech ctte. I am not going
to address these issues on a short term.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835