Description of problem:
Out of the box Mageia installs nail and sets up security emails to be delivered to root user. However the security emails are never delivered because nail requires /usr/lib/sendmail to deliver mails which is not included in a standard install. Undelivered mails end up in /root/dead.letter where they are never seen.
Installing any MTA provides /usr/lib/sendmail but most of them require setup before they will work. However the MTA 'dma' works Out of the box without any configuration and can deliver to both local and remote accounts so long as they resolve by DNS. If dma was installed as standard then security emails would be delivered correctly.
(I also checked out msmtp as an alternative but it requires the 'from' adddress to be configured before it will send, another alternative ssmtp is known not to work with gmail smtp)
Installing any other MTA such as Postfix will override dma in /etc/alternatives so there is no obstacle to users setting up their own mail server.
The other problem with security emails is that the Mageia installer sends them to the root user by default which will require the user to set up their mail client to read the mail spool. Novice users are not going to be familiar with mail spools and configuring an alias for root in an MTA .
I suggest the installer should disable security emails by default and let the user put in a real email address if they want to receive security emails.
Steps to Reproduce:
1. In a virgin Mageia installation start mcc in a terminal navigate to msec-gui
2. Press 'Daily Check - Run Now'
3. Observe in the terminal the message "/usr/lib/sendmail - No such file
4. Install the dma package and run again. Observe delivery message in /var/log/mail/info.log
I dug a litle deeper today and found that the installer does not force security emails to go to root user at all. The installer leaves /etc/security/msec/security.conf blank unless the user defines an email address during install. It is the security profile files in /etc/security/msec/level.* which force email alerts to be sent to root at all security levels except 'none'
If I'm not mistaken, this problem is being taken care of in bug #2255
*** This bug has been marked as a duplicate of bug 2255 ***