Bug#410756: exim4 default config utterly useless for 98% of users

prosolutions at gmx.net prosolutions at gmx.net
Tue Feb 13 03:54:09 CET 2007 

Package: exim4
Version: 4.63-17


Okay, maybe not exactly 98%, but it can be guaranteed that the vast
majority of people using Exim fall into the category of people with an
ISP account who must use their ISP's mail server if they expect to be
able to send mail anywhere.

Given that this is the case, it seems like a serious problem with Exim4
that it fails to take into account the type of usage for the vast
majority of users and insists on setting up a default configuration that
is for all intents and purposes utterly worthless to them.

Here is what end user's want their mail client to do:

 - set itself up to authenticate against their ISP's mailer

 - if the mail supports TLS encryption, by all means use it

 - if the mailer supports CRAM-MD5 or other secure auth mechanism, use
   it

 - provide a simple, easy-to-find way to reconfigure Exim, ideally with
   a command that begins with "exim4" and can be found or easily
   intuited via tab-completion

A couple of other considerations:

 - the first debconf question is this question about split
   configuration.  Right off the bat the end-user gets inundated with
   something that is probably over their head and almost certainly totally
   irrelevant to them, unless they doing a serious SMTP setup in which case
   it might be irrelevant anyways.  This question only intimidates and
   probably annoys most end-users and does not help him/her achieve what 
   they want to achieve, i.e. a fucntioning mail system

 - The second option for type of mail configuration is "mail sent by
   smarthost; received via SMTP or fetchmail"   There are couple of
   problems with this: first, the terminology is not what the average
   enduser is familiar with.  Again, they are being inundated right at
   the outset when all they want is the bloody mail to work with their
   ISP's mailer.   Second, when this option is selected, the end result
   99% of the time IS NOT A CONFIGURATION THAT ACTUALLY WORKS WITH THE
   MAILER.  Again, 98% of the mailers are going to require SMTP client
   AUTH but this DOES NOT GET CONFIGURED CORRECTLY!

 - The next question after this is "System mail name".  Again, for the
   average person used to setting up Lookout or whatever to work with
   their ISP's mailer, their reaction is going to be "What?  What does
   that have to do with anything?"

 - "IP-addreses for incoming connections" - the default is 127.0.0.1, but
   the text could be more clear and say something like "Do not change
   this unless you know what you are doing.  Altering this value could
   pose a security risk to your system.  For most users, the default value
   is sufficient."

-  "Other destinations for which mail is accepted" - it could be clearer
   and say that the default is sufficient for the vast majority of
   users.

 - "IP address or host name of the outgoing smarthost."  Here the name or
   address of the smarthost is entered.  Most users would think that
   after this point that it would be configured to work with the ISP's
   mailer, but they would be wrong.

 - "Hide local mail name in outgoing mail"  Here is a problem with this:
   if a user says "No" then tries to send mail, the ISP's mailer will
   likely reject it because it will see From: <local user>@<host name>
   with a message like "Sender address does not belong to logged in
   user"   That's because the ISP's mailer expects it to be
   <user>@<isp-mailer's domain> and has no idea about the host name of the
   user's computer.  This is a huge problem.  If the user answers "Yes"
   here then what is supposed to happen?  If in the next question you
enter the ISP's domain name for "Visible domain name for local users"
its confusing what the outcome is supposed to be.  Will this mean that
mail from local user "fred" to local user "joe" will appear to be from
fred@<isp's domain>?  Does Exim4 differentiate between mail sent between
accounts on the local machine and mail sent to outside?  This question
does not help the problem and only leads to more confusion.  I can
guarantee that at this point 98% of end user's are going to be
completely lost and just assume that getting mail to work is a lost
cause.  What is sad about this is that it does not need to be the case
because Exim4 has the capacity to do exactly what he and 98% of users
need.  Cannot Exim4 be designed to install so that it will work for most
people without a huge fuss?

On a side note, I am willing to bet that were it the case that Exim4 set
up properly, there would be a huge change in popularity-contest ratings,
because it is almost guaranteed that a large majority of the reports
fail to send.

More information about the Pkg-exim4-maintainers mailing list