From nobody Thu Apr 18 17:24:11 2024
X-Original-To: arch@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VL4QJ3lgtz5HFBF
	for <arch@mlmmj.nyi.freebsd.org>; Thu, 18 Apr 2024 17:24:24 +0000 (UTC)
	(envelope-from lexi@le-fay.org)
Received: from fuchsia.eden.le-Fay.ORG (fuchsia.eden.le-fay.org [81.187.47.195])
	by mx1.freebsd.org (Postfix) with ESMTP id 4VL4QH2kWrz53Cg
	for <arch@freebsd.org>; Thu, 18 Apr 2024 17:24:23 +0000 (UTC)
	(envelope-from lexi@le-fay.org)
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=le-fay.org header.s=fuchsia header.b=hcI0Ge8U;
	dmarc=none;
	spf=pass (mx1.freebsd.org: domain of lexi@le-fay.org designates 81.187.47.195 as permitted sender) smtp.mailfrom=lexi@le-fay.org
Received: from iris.eden.le-Fay.ORG (iris.eden.le-fay.org [IPv6:2001:8b0:aab5:106:3::6])
	by fuchsia.eden.le-Fay.ORG (Postfix) with ESMTP id C7C3D907C
	for <arch@freebsd.org>; Thu, 18 Apr 2024 17:24:14 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=le-fay.org; s=fuchsia;
	t=1713461054; bh=jJzAxS23KJYtxStGB9xlBLtH0Z9kCCXxqihlsrkb/Qo=;
	h=Date:From:To:Subject;
	b=hcI0Ge8UCK68M8twAukkxVWmsbE5u6Sod5JaqIIXFYep6D3TSOvi8ccKBIPKBDXJD
	 4dz7VVVuNfakEAheBHSLzOlIFc4rQZSnHwzr2Q1dygocQrQMw5uwoLJsKze+33f2LW
	 tZICaUr2HktpD/GFTCfVbissP3aI9v/uhIv4rktk=
Received: from ilythia.eden.le-fay.org (ilythia.eden.le-fay.org [IPv6:2001:8b0:aab5:106:3::10])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by iris.eden.le-Fay.ORG (Postfix) with ESMTPSA id 42A942C0416
	for <arch@freebsd.org>; Thu, 18 Apr 2024 18:24:14 +0100 (BST)
Date: Thu, 18 Apr 2024 18:24:11 +0100
From: Lexi Winter <lexi@le-fay.org>
To: arch@freebsd.org
Subject: mailwrapper behaviour if mailer.conf can't be opened
Message-ID: <ZiFXOzm_Lq65hePj@ilythia.eden.le-fay.org>
List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-arch
List-Help: <mailto:freebsd-arch+help@freebsd.org>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Subscribe: <mailto:freebsd-arch+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-arch+unsubscribe@freebsd.org>
Sender: owner-freebsd-arch@FreeBSD.org
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="KN3V09NECx4TDrFV"
Content-Disposition: inline
X-Spamd-Bar: -----
X-Spamd-Result: default: False [-5.50 / 15.00];
	SIGNED_PGP(-2.00)[];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_SHORT(-1.00)[-1.000];
	R_DKIM_ALLOW(-0.20)[le-fay.org:s=fuchsia];
	MIME_GOOD(-0.20)[multipart/signed,text/plain];
	R_SPF_ALLOW(-0.20)[+ip4:81.187.47.195];
	RCVD_NO_TLS_LAST(0.10)[];
	DKIM_TRACE(0.00)[le-fay.org:+];
	FROM_HAS_DN(0.00)[];
	DMARC_NA(0.00)[le-fay.org];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	ARC_NA(0.00)[];
	RCPT_COUNT_ONE(0.00)[1];
	MISSING_XM_UA(0.00)[];
	RCVD_VIA_SMTP_AUTH(0.00)[];
	MIME_TRACE(0.00)[0:+,1:+,2:~];
	RCVD_COUNT_TWO(0.00)[2];
	FROM_EQ_ENVFROM(0.00)[];
	ASN(0.00)[asn:20712, ipnet:81.187.0.0/16, country:GB];
	TO_DN_NONE(0.00)[];
	MID_RHS_MATCH_FROMTLD(0.00)[];
	PREVIOUSLY_DELIVERED(0.00)[arch@freebsd.org];
	MLMMJ_DEST(0.00)[arch@freebsd.org];
	DWL_DNSWL_NONE(0.00)[le-fay.org:dkim]
X-Rspamd-Queue-Id: 4VL4QH2kWrz53Cg


--KN3V09NECx4TDrFV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

hello,

i submitted this change request:

https://github.com/freebsd/freebsd-src/pull/969

which was rejected for needing more discussion, so i'd like to discuss
that.

the current behaviour is that if mailwrapper cannot open mailer.conf for
any reason, it calls back to _PATH_DEFAULTMTA.  i think this behaviour
is bad, because:

- if the default MTA has not been configured, it may not be able to
  deliver mail

- if the admin has configured a different MTA, mailwrapper should not
  fall back to a different MTA because of transient errors

- this may hide mail delivery errors from applications by delivering the
  mail to the wrong MTA instead of returning a failure

with my change, mailwrapper will fall back to _PATH_DEFAULTMTA if
mailer.conf doesn't exist, which preserves mail functionality if the
admin has deleted mailer.conf for some reason.  but if mailer.conf can't
be opened for any other reason, it will exit with EX_OSERR, returning an
error to the application.

this was previously discussed on the PR:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=25218

where the argument was made that it's better to make a 'last ditch'
attempt to deliver mail if mailer.conf can't be opened.  i disagree with
this, for the reasons above, and in addition because modern systems
generally do not rely on mail delivery to report serious errors -- they
are monitored by an external NMS.

--KN3V09NECx4TDrFV
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQGzBAABCAAdFiEEuwt6MaPcv/+Mo+ftDHqbqZ41x5kFAmYhVzkACgkQDHqbqZ41
x5n7ugv+JfAc7KEA8XQzMMBG5Xif+KeE7WehlO9ewO7BuatETsW5wgtqL74H9NwS
W1jt1UqwWxL9myFmw4fD88bLFNxXRZAahBfB5m27pm2FBxXnIqqSSwQb3fpVKhEv
jGkiI24YzWyRGmC7Da/rpW6wX0L72EvCxb+QoTzf1pp1dyEmFamPwQa72ErUr05W
tI2Teg/q/mbMzuHNGDH2cJ+TI/CIAK1Aa8bTAyFpVqvxUpyrd/Hq420YZvkDG2f6
b6cWmWIAnrJr/y3I+qAc6Yte4hXs/Zp+eUJwc8pPiBdSCOtS8DJWcGr7UYjAbBCl
Fi1HcO64yDxqSRx09zLksg2hxZXWxc89MhIBTT5kGIvki7O3sZB+4ypJIUE7Nayp
Nktr9I1f2b1pAWd0gLmV+E0QNTsMqjuX3MjGuB5D/5epBmuPV8D5KTlvX6RnnecI
gslBZVTyZIp/wJmxKEDk6sp/yTbD+K7jEdcWsZDWNzseJ/uYTEL9DBLAqYTLgFlD
S8AipxtS
=7/Im
-----END PGP SIGNATURE-----

--KN3V09NECx4TDrFV--