Apache/2.4.10 (Debian) Server at lists.[redacted].com Port 80

 tag around the footer for the html format of email?

Regards,

--
- DongInn

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: 

From mark at msapiro.net  Tue Dec 13 01:03:36 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Mon, 12 Dec 2016 22:03:36 -0800
Subject: [Mailman-Users] footer format
In-Reply-To: 
References: 
Message-ID: <12d36645-4812-eea7-6c8e-9877c949a6af@msapiro.net>

On 12/12/2016 02:49 PM, Kim, DongInn wrote:
> Hi,
> 
> Is there a way to keep the footer format (or layout)? In the most emails, the footer format is fine but when a user uses digital signature (pgp or S/MIME), it surely breaks the format.
> It seems that it is possible that the format is broken regardless of the signature issue but I can not track down this case.
> 
> For example, the broken format looks like this:
> https://www.dropbox.com/s/hwukqz2iuqa18cg/Screenshot%202016-12-12%2017.47.16.png?dl=0
> 
> The right format looks like this:
> https://www.dropbox.com/s/7tqfdxvjb6hxqbg/Screenshot%202016-12-12%2017.48.09.png?dl=0
> 
> Maybe, can we use  tag around the footer for the html format of email?

Standard Mailman never puts the footer in an HTML message part. If the
message is a single part text/plain message, the footer is appended to
the text/plain message. Otherwise it is added as a separate text/plain part.

It could be in your case that unsigned messages are single part
text/plain messages and signatures make the message multipart/signed,
but even so, the formatting of the footer should not be changed.

The article at  has more on this. It
also has some material about non-standard (and not recommended) patches.
Is your Mailman patched in any way to deal with footers and to put them
in HTML parts?

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: 

From edward at hasbrouck.org  Mon Dec 12 18:07:46 2016
From: edward at hasbrouck.org (Edward Hasbrouck)
Date: Mon, 12 Dec 2016 15:07:46 -0800
Subject: [Mailman-Users] Spam to "-request" address generating backscatter
 spam
Message-ID: <584F2DC2.19582.11490C30@edward.hasbrouck.org>

My mail server has been blacklisted by several major e-mail providers 
because of backscatter spam generated by my Mailman installation:

(1) Spammers harvest the "listname-request at domain.com" address from a  
public Web page (presumably the Mailman admin page).

(2) Spam with forged "From:" headers is sent to 
"listname-request at domain.com".

(3) Mailman sends "subscribe confirmation" messages to the addressees in 
the forged "From" fields.

How can I stop this? I am willing to give up "subscribe to this list by 
e-mail", and require all subscriptions to be via the Web. 

I used to use, and manage, mailing lists that handled all subscribe and 
unsubscribe requests by e-mail. But now almost all genuine subscription 
requests to my lists are made through the Web interface.

(I also used to run e-mail auto-responders, for example to send an FAQ in 
response to any e-mail message sent to a special e-mail address. I have 
stopped them all, for similar reasons -- they were attracting spam with 
forged "from" addresses, thus generating spam to those "from" addresses.)

I have found several discussions of variants of this issue on this list, 
going back at least 10 years. But so far as I can tell, there is not yet a 
simple option in the Web admin (or a config file) for each Mailman list, 
"Accept subscription requests by e-mail? Yes/No".

I understand that this may take time to implement, but this problem has 
been known for a very long time. I would like to see this put on the 
feature request list, however that is done. In the meantime, I need a 
workaround if I am to continue using Mailman at all. 

I would still prefer to have e-mail confirmation of new subscriptions, but 
I don't think that would cause as much of a backscatter problem: The 
"-request" address can be harvested form the public Web, but the 
"-confirm" address would be much less likely to do so.

But if it is simpler to implement, it would be OK to require new 
subscriptions to be confirmed through the Web interface.

Temporarily, I have completely disabled the list that was attracting spam 
to its "-request" address.  This isn't a viable long-term option.

Is there any workaround, either through the Web interface or by editing 
Mailman configuration files, to disable the "-request" address or cause 
all mail to that address to be dropped without generating a reply?

FWIW, I am using Mailman through Plesk, which offers it as an option. 
Plesk knows that "-request" is already in use by Mailman, and won't let me 
create that address or alias or manage it except through Mailman.

Thanks in advance for any advice you can offer,

Edward Hasbrouck

----------------
Edward Hasbrouck

+1-415-824-0214

"The Practical Nomad: How to Travel Around the World" (5th ed., 2011)

Consultant to The Identity Project:

GnuPG/PGP public key:

fingerprint:
0B0B 8F74 CEA3 83AB 97B3 F6AF BB7E F636 165C 22F5

From turnbull.stephen.fw at u.tsukuba.ac.jp  Tue Dec 13 06:54:34 2016
From: turnbull.stephen.fw at u.tsukuba.ac.jp (Stephen J. Turnbull)
Date: Tue, 13 Dec 2016 20:54:34 +0900
Subject: [Mailman-Users] Spam to "-request" address generating backscatter
 spam
In-Reply-To: <584F2DC2.19582.11490C30@edward.hasbrouck.org>
References: <584F2DC2.19582.11490C30@edward.hasbrouck.org>
Message-ID: <22607.57722.415932.791758@turnbull.sk.tsukuba.ac.jp>

Edward Hasbrouck writes:

 > (2) Spam with forged "From:" headers is sent to 
 > "listname-request at domain.com".

 > How can I stop this? I am willing to give up "subscribe to this list by 
 > e-mail", and require all subscriptions to be via the Web.

Set Privacy Options | subscribe_policy to "Require approval".

If you don't like that because of lots of subscribes, the easiest
thing to do if you actually have control over your installation is to
remove the alias in the MTA.  How to do that in Plesk, I don't know.
Probably can't, then you have to talk to your hosting service.

Everything else I can think of requires changing code or access to the
Mailman config files.  Again you'll have to talk to your host.

 > I understand that this may take time to implement, but this problem has 
 > been known for a very long time. I would like to see this put on the 
 > feature request list, however that is done.

There is no feature request list for Mailman 2 any more.  If Mark
has time and thinks it's not too invasive, it might happen, but he's
getting more and more involved with Mailman 3.  For Mailman 3, it
would be

http://gitlab.com/mailman/mailman/issues

Use tags "wishlist" and "security" I think.  (Note, AFAIK "security"
doesn't mean "privileged info" on Gitlab's tracker, it's just a tag
for any issue with our privacy or malware mitigation stuff.)

 > Is there any workaround, either through the Web interface or by editing 
 > Mailman configuration files, to disable the "-request" address or cause 
 > all mail to that address to be dropped without generating a reply?

This really is something that should be done in the MTA.  I understand
that you probably don't have access to your MTA's configs, but that's
not our fault.  From our point of view, making this change adds to the
complexity of Mailman configuration for all our users (site admins,
list owners, and subscribers).  It's already quite confusing, and only
going to get worse as we add DKIM, SPF, DMARC, ARC, ....

 > FWIW, I am using Mailman through Plesk, which offers it as an option. 

Consider changing to a service that's more expensive but doesn't make
you unreasonable for making a support request.  Plesk (and cPanel) are
a good idea in principle, but unfortunately the spammers, phishers,
and other miscreants, malefactors, and felons put paid to that.  It
doesn't really matter what you do, if you take input from the
Internet, you need to be able to reconfigure quickly and flexibly in
response to exploits.  Those "control panels" don't offer that, and
probably cannot.

From mark at msapiro.net  Tue Dec 13 12:35:03 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Tue, 13 Dec 2016 09:35:03 -0800
Subject: [Mailman-Users] Spam to "-request" address generating
 backscatter spam
In-Reply-To: <22607.57722.415932.791758@turnbull.sk.tsukuba.ac.jp>
References: <584F2DC2.19582.11490C30@edward.hasbrouck.org>
 <22607.57722.415932.791758@turnbull.sk.tsukuba.ac.jp>
Message-ID: 

On 12/13/2016 03:54 AM, Stephen J. Turnbull wrote:
> Edward Hasbrouck writes:
> 
>  > How can I stop this? I am willing to give up "subscribe to this list by 
>  > e-mail", and require all subscriptions to be via the Web.
> 
> Set Privacy Options | subscribe_policy to "Require approval".

That won't work. The From: address still gets a 'results of your email
commands' message.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at msapiro.net  Tue Dec 13 12:35:38 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Tue, 13 Dec 2016 09:35:38 -0800
Subject: [Mailman-Users] Spam to "-request" address generating
 backscatter spam
In-Reply-To: <584F2DC2.19582.11490C30@edward.hasbrouck.org>
References: <584F2DC2.19582.11490C30@edward.hasbrouck.org>
Message-ID: <687ac64d-dda2-a543-7949-2b893caeae3c@msapiro.net>

On 12/12/2016 03:07 PM, Edward Hasbrouck wrote:
> 
> How can I stop this? I am willing to give up "subscribe to this list by 
> e-mail", and require all subscriptions to be via the Web. 

Steve has answered most of this. I just want to add a couple of things.
With respect to web subscribes, several sites including python.org have
seen mail bomb attacks via the web subscribe interface.

These are subscribes via the web UI by distributed bots that are "smart"
enough to GET the form  and delay tens of seconds before POSTing it. The
most recent attacks have been multiple subscribes to multiple lists of
some gmail.com address with various permutations of dots (ignored by
gmail) interspersed in the local part. The most recent attack on
mail.python.org subscribed addresses that matched

  '^.*s\.*u\.*n\.*i\.*b\.*e\.*e\.*s\.*t\.*a\.*r\.*s.*@gmail\.com

During the first 17 hours (before I noticed it in the daily status
report) there were 7896 pending subscribes waiting user confirmation and
417 held subscriptions waiting moderator approval (There is a script at
 to remove these).

At that point I added the above pattern to the GLOBAL_BAN_LIST (recently
implemented because of attacks like this). During the next 30+ hours
until the attacks stopped there were 4631 banned subscription attempts.

The banned attempts and held subscriptions don't send emails, but there
were still almost 8000 email confirmation requests sent to the gmail
address.

The bottom line here is that web subscribes are also vulnerable to
exploitation.

> I would still prefer to have e-mail confirmation of new subscriptions, but 
> I don't think that would cause as much of a backscatter problem: The 
> "-request" address can be harvested form the public Web, but the 
> "-confirm" address would be much less likely to do so.
> 
> But if it is simpler to implement, it would be OK to require new 
> subscriptions to be confirmed through the Web interface.

The whole point of confirmation is to verify that the entity generating
the subscribe request can actually receive and comprehend an email
message sent to that address, i.e. is the actual user whose address that
is. I don't see how that can be done without sending an email to the
address.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From zalezny.niezalezny at gmail.com  Tue Dec 13 08:59:58 2016
From: zalezny.niezalezny at gmail.com (Zalezny Niezalezny)
Date: Tue, 13 Dec 2016 14:59:58 +0100
Subject: [Mailman-Users] Mailman - admin panel - ldap users
Message-ID: 

Hi,

I just would like to know, if its possible to connect LDAP some how with
Mailman webpanel ?
I simply would like to create a users in our AD System and give them rights
to create new maillings lists ?

Is it possible ?

With kind regards

Zalezny

From mark at msapiro.net  Tue Dec 13 13:25:49 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Tue, 13 Dec 2016 10:25:49 -0800
Subject: [Mailman-Users] Mailman - admin panel - ldap users
In-Reply-To: 
References: 
Message-ID: <82542db3-0439-356c-c054-c055108de76f@msapiro.net>

On 12/13/2016 05:59 AM, Zalezny Niezalezny wrote:
> Hi,
> 
> I just would like to know, if its possible to connect LDAP some how with
> Mailman webpanel ?
> I simply would like to create a users in our AD System and give them rights
> to create new maillings lists ?

There is an LDAP MemberAdaptor at
, but I don't think this
is what you are asking. This adaptor allows using the LDAP database as
the membership list for a list or lists.

If I understand, you want to allow people in your LDAP database to
create lists.

This could be done, but it would require modifying the
Mailman/Cgi/create.py script to somehow authenticate the person trying
to create a list against the LDAP database.

Alternatively, you could create a list whose membership is determined
from your LDAP database and use it to distribute the "list creator"
password which you would change more or less frequently depending on
turnover. Or, this wouldn't even need to be a list. Just some process to
query the LDAP database and send an or otherwise notify people.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From dikim at indiana.edu  Tue Dec 13 16:31:44 2016
From: dikim at indiana.edu (Kim, DongInn)
Date: Tue, 13 Dec 2016 21:31:44 +0000
Subject: [Mailman-Users] footer format
In-Reply-To: <12d36645-4812-eea7-6c8e-9877c949a6af@msapiro.net>
References: 
 <12d36645-4812-eea7-6c8e-9877c949a6af@msapiro.net>
Message-ID: <320E51B7-B341-41AF-AE9E-3368AF8B6B71@indiana.edu>

Hi Mark,

Thank you very much for looking into my problem.

I do not know what is going on with the digital signature part but I am wondering if you can take a look at the full raw source of the message and see if there is any clues to debug this issue? This message was sent with my S/MIME signature.
http://www.crest.iu.edu/~dikim/mailman_footer.txt 

The raw source has the correct format of plain text footer but it is ignored and another footer seems to be displayed with the html format.
Why does it have two footer contents?

Regards,

--
- DongInn

> On Dec 13, 2016, at 1:03 AM, Mark Sapiro  wrote:
> 
> On 12/12/2016 02:49 PM, Kim, DongInn wrote:
>> Hi,
>> 
>> Is there a way to keep the footer format (or layout)? In the most emails, the footer format is fine but when a user uses digital signature (pgp or S/MIME), it surely breaks the format.
>> It seems that it is possible that the format is broken regardless of the signature issue but I can not track down this case.
>> 
>> For example, the broken format looks like this:
>> https://www.dropbox.com/s/hwukqz2iuqa18cg/Screenshot%202016-12-12%2017.47.16.png?dl=0
>> 
>> The right format looks like this:
>> https://www.dropbox.com/s/7tqfdxvjb6hxqbg/Screenshot%202016-12-12%2017.48.09.png?dl=0
>> 
>> Maybe, can we use  tag around the footer for the html format of email?
> 
> 
> Standard Mailman never puts the footer in an HTML message part. If the
> message is a single part text/plain message, the footer is appended to
> the text/plain message. Otherwise it is added as a separate text/plain part.
> 
> It could be in your case that unsigned messages are single part
> text/plain messages and signatures make the message multipart/signed,
> but even so, the formatting of the footer should not be changed.
> 
> The article at  has more on this. It
> also has some material about non-standard (and not recommended) patches.
> Is your Mailman patched in any way to deal with footers and to put them
> in HTML parts?
> 
> -- 
> Mark Sapiro         The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan
> 
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/dikim%40indiana.edu

From dikim at indiana.edu  Tue Dec 13 16:45:55 2016
From: dikim at indiana.edu (Kim, DongInn)
Date: Tue, 13 Dec 2016 21:45:55 +0000
Subject: [Mailman-Users] footer format
In-Reply-To: <320E51B7-B341-41AF-AE9E-3368AF8B6B71@indiana.edu>
References: 
 <12d36645-4812-eea7-6c8e-9877c949a6af@msapiro.net>
 <320E51B7-B341-41AF-AE9E-3368AF8B6B71@indiana.edu>
Message-ID: 

Mark, there is another thing that I need to mention.

This footer used to work fine with 2.1.15 (i.e., it was fine with the digital signature email) but it seems to have a problem with 2.1.23.
Maybe I did anything stupid? :-(

Regards,

--
- DongInn

> On Dec 13, 2016, at 4:31 PM, Kim, DongInn  wrote:
> 
> Hi Mark,
> 
> Thank you very much for looking into my problem.
> 
> I do not know what is going on with the digital signature part but I am wondering if you can take a look at the full raw source of the message and see if there is any clues to debug this issue? This message was sent with my S/MIME signature.
> http://www.crest.iu.edu/~dikim/mailman_footer.txt 
> 
> The raw source has the correct format of plain text footer but it is ignored and another footer seems to be displayed with the html format.
> Why does it have two footer contents?
> 
> Regards,
> 
> --
> - DongInn
> 
> 
> 
>> On Dec 13, 2016, at 1:03 AM, Mark Sapiro > wrote:
>> 
>> On 12/12/2016 02:49 PM, Kim, DongInn wrote:
>>> Hi,
>>> 
>>> Is there a way to keep the footer format (or layout)? In the most emails, the footer format is fine but when a user uses digital signature (pgp or S/MIME), it surely breaks the format.
>>> It seems that it is possible that the format is broken regardless of the signature issue but I can not track down this case.
>>> 
>>> For example, the broken format looks like this:
>>> https://www.dropbox.com/s/hwukqz2iuqa18cg/Screenshot%202016-12-12%2017.47.16.png?dl=0 
>>> 
>>> The right format looks like this:
>>> https://www.dropbox.com/s/7tqfdxvjb6hxqbg/Screenshot%202016-12-12%2017.48.09.png?dl=0
>>> 
>>> Maybe, can we use  tag around the footer for the html format of email?
>> 
>> 
>> Standard Mailman never puts the footer in an HTML message part. If the
>> message is a single part text/plain message, the footer is appended to
>> the text/plain message. Otherwise it is added as a separate text/plain part.
>> 
>> It could be in your case that unsigned messages are single part
>> text/plain messages and signatures make the message multipart/signed,
>> but even so, the formatting of the footer should not be changed.
>> 
>> The article at > has more on this. It
>> also has some material about non-standard (and not recommended) patches.
>> Is your Mailman patched in any way to deal with footers and to put them
>> in HTML parts?
>> 
>> -- 
>> Mark Sapiro >        The highway is for gamblers,
>> San Francisco Bay Area, California    better use your sense - B. Dylan
>> 
>> ------------------------------------------------------
>> Mailman-Users mailing list Mailman-Users at python.org 
>> https://mail.python.org/mailman/listinfo/mailman-users 
>> Mailman FAQ: http://wiki.list.org/x/AgA3
>> Security Policy: http://wiki.list.org/x/QIA9
>> Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
>> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/dikim%40indiana.edu
> 

From mark at msapiro.net  Tue Dec 13 18:51:47 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Tue, 13 Dec 2016 15:51:47 -0800
Subject: [Mailman-Users] footer format
In-Reply-To: <320E51B7-B341-41AF-AE9E-3368AF8B6B71@indiana.edu>
References: 
 <12d36645-4812-eea7-6c8e-9877c949a6af@msapiro.net>
 <320E51B7-B341-41AF-AE9E-3368AF8B6B71@indiana.edu>
Message-ID: <40528c55-007f-9ef0-2a0a-388fb282f73b@msapiro.net>

On 12/13/2016 01:31 PM, Kim, DongInn wrote:
> 
> I do not know what is going on with the digital signature part but I am wondering if you can take a look at the full raw source of the message and see if there is any clues to debug this issue? This message was sent with my S/MIME signature.
> http://www.crest.iu.edu/~dikim/mailman_footer.txt 
> 
> The raw source has the correct format of plain text footer but it is ignored and another footer seems to be displayed with the html format.
> Why does it have two footer contents?

I don't know the answer to that, but I can tell you the Mailman 2.1.23
did not add the text/html footer. Something in the delivery chain after
Mailman converted Mailman's text/plain footer into multipart/alternative
with Mailman's original text/plain footer as the first alternative and
the garbled text/html footer as the second alternative.

A clue is whatever did that also added the web bug

It looks like the first MTA in the delivery chain is
ismtpd0003p1sjc2.sendgrid.net and that this is a "smarthost" used by
Mailman at isocpp.org for delivery as the message is relayed through
ismtpd0003p1sjc2.sendgrid.net, filter0120p1las1.sendgrid.net and
o1.30e.fshared.sendgrid.net before being delivered to the MX for
indiana.edu.

It is almost 100% certain that it is something at sendgrid.net that is
both munging the text/plain footer into the multipart/alternative and
adding the web bug to the html alternative.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at msapiro.net  Tue Dec 13 19:02:17 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Tue, 13 Dec 2016 16:02:17 -0800
Subject: [Mailman-Users] footer format
In-Reply-To: <01000158fa9c1c8b-46a1a4dd-b3aa-44f5-8d46-34b4c6ec3a0f-000000@email.amazonses.com>
References: 
 <12d36645-4812-eea7-6c8e-9877c949a6af@msapiro.net>
 <320E51B7-B341-41AF-AE9E-3368AF8B6B71@indiana.edu>
 <40528c55-007f-9ef0-2a0a-388fb282f73b@msapiro.net>
 <01000158fa9c1c8b-46a1a4dd-b3aa-44f5-8d46-34b4c6ec3a0f-000000@email.amazonses.com>
Message-ID: <2b265379-f82a-faf3-f4d3-a2fbba3ce736@msapiro.net>

On 12/13/2016 03:54 PM, Adam Goldberg wrote:
> Send grid gives you the ability to see if someone opened the email, etc. clearly it was sendgrid that added that (and that's why I don't use sendgrid).

Yes, that's what web bugs are for, but in addition to being annoying
invasions of privacy, they are totally unreliable as a means of knowing
whether someone read the mail. All they will tell you is that the
recipient 'opened' the mail which doesn't mean she read it. Also many
MUAs will not load external images in HTML mail without at least asking
first so many people may have read the mail without ever loading the
encoded image URL.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From adam at agp-llc.com  Tue Dec 13 19:04:42 2016
From: adam at agp-llc.com (Adam Goldberg)
Date: Wed, 14 Dec 2016 00:04:42 +0000
Subject: [Mailman-Users] footer format
In-Reply-To: <2b265379-f82a-faf3-f4d3-a2fbba3ce736@msapiro.net>
References: 
 <12d36645-4812-eea7-6c8e-9877c949a6af@msapiro.net>
 <320E51B7-B341-41AF-AE9E-3368AF8B6B71@indiana.edu>
 <40528c55-007f-9ef0-2a0a-388fb282f73b@msapiro.net>
 <01000158fa9c1c8b-46a1a4dd-b3aa-44f5-8d46-34b4c6ec3a0f-000000@email.amazonses.com>,
 <2b265379-f82a-faf3-f4d3-a2fbba3ce736@msapiro.net>
Message-ID: <01000158faa53b1a-331ece7e-c88d-4723-b679-ce7db4c7a718-000000@email.amazonses.com>

That's all true, but in addition I don't want my MSA changing the body of the emails I send. For this reason (the footer problem), and others. 

Adam
adam at agp-llc.com

> On Dec 13, 2016, at 7:02 PM, Mark Sapiro  wrote:
> 
>> On 12/13/2016 03:54 PM, Adam Goldberg wrote:
>> Send grid gives you the ability to see if someone opened the email, etc. clearly it was sendgrid that added that (and that's why I don't use sendgrid).
> 
> 
> Yes, that's what web bugs are for, but in addition to being annoying
> invasions of privacy, they are totally unreliable as a means of knowing
> whether someone read the mail. All they will tell you is that the
> recipient 'opened' the mail which doesn't mean she read it. Also many
> MUAs will not load external images in HTML mail without at least asking
> first so many people may have read the mail without ever loading the
> encoded image URL.
> 
> -- 
> Mark Sapiro         The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan

From adam at agp-llc.com  Tue Dec 13 18:54:44 2016
From: adam at agp-llc.com (Adam Goldberg)
Date: Tue, 13 Dec 2016 23:54:44 +0000
Subject: [Mailman-Users] footer format
In-Reply-To: <40528c55-007f-9ef0-2a0a-388fb282f73b@msapiro.net>
References: 
 <12d36645-4812-eea7-6c8e-9877c949a6af@msapiro.net>
 <320E51B7-B341-41AF-AE9E-3368AF8B6B71@indiana.edu>,
 <40528c55-007f-9ef0-2a0a-388fb282f73b@msapiro.net>
Message-ID: <01000158fa9c1cd9-6cec04e1-efba-4d6b-9493-97ad21d03164-000000@email.amazonses.com>

Send grid gives you the ability to see if someone opened the email, etc. clearly it was sendgrid that added that (and that's why I don't use sendgrid).

Adam Goldberg
202-507-9900

On Tue, Dec 13, 2016 at 6:52 PM -0500, "Mark Sapiro" > wrote:

On 12/13/2016 01:31 PM, Kim, DongInn wrote:
>
> I do not know what is going on with the digital signature part but I am wondering if you can take a look at the full raw source of the message and see if there is any clues to debug this issue? This message was sent with my S/MIME signature.
> http://www.crest.iu.edu/~dikim/mailman_footer.txt 
>
> The raw source has the correct format of plain text footer but it is ignored and another footer seems to be displayed with the html format.
> Why does it have two footer contents?

I don't know the answer to that, but I can tell you the Mailman 2.1.23
did not add the text/html footer. Something in the delivery chain after
Mailman converted Mailman's text/plain footer into multipart/alternative
with Mailman's original text/plain footer as the first alternative and
the garbled text/html footer as the second alternative.

A clue is whatever did that also added the web bug

It looks like the first MTA in the delivery chain is
ismtpd0003p1sjc2.sendgrid.net and that this is a "smarthost" used by
Mailman at isocpp.org for delivery as the message is relayed through
ismtpd0003p1sjc2.sendgrid.net, filter0120p1las1.sendgrid.net and
o1.30e.fshared.sendgrid.net before being delivered to the MX for
indiana.edu.

It is almost 100% certain that it is something at sendgrid.net that is
both munging the text/plain footer into the multipart/alternative and
adding the web bug to the html alternative.

--
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list Mailman-Users at python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/adam%40agp-llc.com

From mark at msapiro.net  Tue Dec 13 20:06:11 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Tue, 13 Dec 2016 17:06:11 -0800
Subject: [Mailman-Users] Root URL / vs /listinfo?
In-Reply-To: <31A9CBC9-A8D1-49F9-802F-003C9470DB5A@hotmail.com>
References: <6F0D8E31-E32B-45AA-A913-7D6D8B60B5BF@samsi.us>

 <31A9CBC9-A8D1-49F9-802F-003C9470DB5A@hotmail.com>
Message-ID: 

On 12/12/2016 02:39 PM, Caesar Samsi wrote:
> When you go to http://mail.mydomain.com/, where do you wind up? I.e.,
> whats the URL in the address bar of your browser, and is the resultant
> page an actual page or a 404?
> 
> I end up at https://mail.mydomain.com/listinfo

Which is correct, right?

> What happens if you go to https://mail.mydomain.com/?
> 
> I end up at https://mail.mydomain.com/

And you want to end up at https://mail.mydomain.com/listinfo, right.

The probable answer to that is you are doing the redirect from
http://mail.mydomain.com/ to http://mail.mydomain.com/listinfo before
the redirect from http to https.

See below.

> In /etc/apache2/sites-available I have mailman.con which contains a number of redirects as follows:
> 
> 
> ServerName mydomain.us
> ServerAdmin gigs at amydomain.com
> Redirect / https://mydomain.us/
> 

So going to http://mydomain.us/... will redirect to https://mydomain.us/...

> 
> ServerName www.mydomain.us
> ServerAdmin gigs at amydomain.com
> Redirect / https://mail.mydomain.us/
> 

And going to http://www.mydomain.us/... will redirect to
https://mail.mydomain.us/...

> 
> ServerName mail.mydomain.us
> ServerAdmin gigs at mydomain.com
> Redirect / https://mail.mydomain.us

And going to http://mail.mydomain.us/... will redirect to
https://mail.mydomain.us/...

> ErrorLog /var/log/apache2/mailman-error.log
> CustomLog /var/log/apache2/mailman-access.log combined
> 
> 
>     Options FollowSymLinks
>     AllowOverride All
>     Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
>     Require all granted
> 
> 
> 
> 
> and aliases as follows:
> 
> Alias /AUP /var/www/html/AUP
> Alias /pipermail/ /var/lib/mailman/archives/public/
> Alias /postfixadmin /var/www/html/postfixadmin
> Alias /roundcube /var/www/html/roundcube
> Alias /images/mailman/ /usr/share/images/mailman/
> ScriptAlias /admin /usr/lib/cgi-bin/mailman/admin
> ScriptAlias /admindb /usr/lib/cgi-bin/mailman/admindb
> ScriptAlias /confirm /usr/lib/cgi-bin/mailman/confirm
> ScriptAlias /create /usr/lib/cgi-bin/mailman/create
> ScriptAlias /edithtml /usr/lib/cgi-bin/mailman/edithtml
> ScriptAlias /listinfo /usr/lib/cgi-bin/mailman/listinfo
> ScriptAlias /options /usr/lib/cgi-bin/mailman/options
> ScriptAlias /private /usr/lib/cgi-bin/mailman/private
> ScriptAlias /rmlist /usr/lib/cgi-bin/mailman/rmlist
> ScriptAlias /roster /usr/lib/cgi-bin/mailman/roster
> ScriptAlias /subscribe /usr/lib/cgi-bin/mailman/subscribe
> ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/
> ScriptAlias / /usr/lib/cgi-bin/mailman/listinfo

So it appears you are relying on

ScriptAlias / /usr/lib/cgi-bin/mailman/listinfo

to get to the listinfo page from an http(s)://host/ url. Aside from the
fact that this isn't a redirect which would explain why when you go to
https://mail.mydomain.com/ the address you wind up at is still
https://mail.mydomain.com/ (but is it in fact the listinfo page?), it
seems very bad because it means that going to any URL like
http(s)://host/something, where 'something' is anything that doesn't
match one of the preceding Alias or ScripAlias directives will invoke
the script /usr/lib/cgi-bin/mailman/listinfosomething that doesn't
exist, and even if you made it

ScriptAlias / /usr/lib/cgi-bin/mailman/listinfo/

It would still invoke the script
/usr/lib/cgi-bin/mailman/listinfo/something which will probably give a
"No such list something" error on the returned listinfo page with
http(s)://host/something still in the browser's address bar.

Further, this doesn't explain how http://mail.mydomain.com/ redirects to
http://mail.mydomain.com/listinfo before redirecting to https.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mailinglist at samsi.us  Tue Dec 13 21:50:46 2016
From: mailinglist at samsi.us (Caesar Samsi)
Date: Tue, 13 Dec 2016 18:50:46 -0800
Subject: [Mailman-Users] Root URL / vs /listinfo?
In-Reply-To: 
References: <6F0D8E31-E32B-45AA-A913-7D6D8B60B5BF@samsi.us>

 <31A9CBC9-A8D1-49F9-802F-003C9470DB5A@hotmail.com>

Message-ID: 

[dangit had to resend, used a non-member alias]

Hmm but I want to enter http://mail.mydomain.com/  (root non SSL) and end up at https://mail.mydomain.com/  (root with SSL) but which serves up listinfo as it has been ScriptAlias?ed to

(i.e. serves up /listinfo but without the URL /listinfo)

I guess I can live with it, the intent of redirecting from root to mailman works well.

Thank you, Caesar.
> On Dec 13, 2016, at 5:06 PM, Mark Sapiro  wrote:
> 
> On 12/12/2016 02:39 PM, Caesar Samsi wrote:
>> When you go to http://mail.mydomain.com/, where do you wind up? I.e.,
>> whats the URL in the address bar of your browser, and is the resultant
>> page an actual page or a 404?
>> 
>> I end up at https://mail.mydomain.com/listinfo
> 
> 
> Which is correct, right?
> 
> 
>> What happens if you go to https://mail.mydomain.com/?
>> 
>> I end up at https://mail.mydomain.com/
> 
> 
> And you want to end up at https://mail.mydomain.com/listinfo, right.
> 
> The probable answer to that is you are doing the redirect from
> http://mail.mydomain.com/ to http://mail.mydomain.com/listinfo before
> the redirect from http to https.
> 
> See below.
> 
> 
>> In /etc/apache2/sites-available I have mailman.con which contains a number of redirects as follows:
>> 
>> 
>> ServerName mydomain.us
>> ServerAdmin gigs at amydomain.com
>> Redirect / https://mydomain.us/
>> 
> 
> 
> So going to http://mydomain.us/... will redirect to https://mydomain.us/...
> 
>> 
>> ServerName www.mydomain.us
>> ServerAdmin gigs at amydomain.com
>> Redirect / https://mail.mydomain.us/
>> 
> 
> 
> And going to http://www.mydomain.us/... will redirect to
> https://mail.mydomain.us/...
> 
> 
>> 
>> ServerName mail.mydomain.us
>> ServerAdmin gigs at mydomain.com
>> Redirect / https://mail.mydomain.us
> 
> 
> And going to http://mail.mydomain.us/... will redirect to
> https://mail.mydomain.us/...
> 
> 
>> ErrorLog /var/log/apache2/mailman-error.log
>> CustomLog /var/log/apache2/mailman-access.log combined
>> 
>> 
>>    Options FollowSymLinks
>>    AllowOverride All
>>    Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
>>    Require all granted
>> 
>> 
>> 
>> 
>> and aliases as follows:
>> 
>> Alias /AUP /var/www/html/AUP
>> Alias /pipermail/ /var/lib/mailman/archives/public/
>> Alias /postfixadmin /var/www/html/postfixadmin
>> Alias /roundcube /var/www/html/roundcube
>> Alias /images/mailman/ /usr/share/images/mailman/
>> ScriptAlias /admin /usr/lib/cgi-bin/mailman/admin
>> ScriptAlias /admindb /usr/lib/cgi-bin/mailman/admindb
>> ScriptAlias /confirm /usr/lib/cgi-bin/mailman/confirm
>> ScriptAlias /create /usr/lib/cgi-bin/mailman/create
>> ScriptAlias /edithtml /usr/lib/cgi-bin/mailman/edithtml
>> ScriptAlias /listinfo /usr/lib/cgi-bin/mailman/listinfo
>> ScriptAlias /options /usr/lib/cgi-bin/mailman/options
>> ScriptAlias /private /usr/lib/cgi-bin/mailman/private
>> ScriptAlias /rmlist /usr/lib/cgi-bin/mailman/rmlist
>> ScriptAlias /roster /usr/lib/cgi-bin/mailman/roster
>> ScriptAlias /subscribe /usr/lib/cgi-bin/mailman/subscribe
>> ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/
>> ScriptAlias / /usr/lib/cgi-bin/mailman/listinfo
> 
> So it appears you are relying on
> 
> ScriptAlias / /usr/lib/cgi-bin/mailman/listinfo
> 
> to get to the listinfo page from an http(s)://host/ url. Aside from the
> fact that this isn't a redirect which would explain why when you go to
> https://mail.mydomain.com/ the address you wind up at is still
> https://mail.mydomain.com/ (but is it in fact the listinfo page?), it
> seems very bad because it means that going to any URL like
> http(s)://host/something, where 'something' is anything that doesn't
> match one of the preceding Alias or ScripAlias directives will invoke
> the script /usr/lib/cgi-bin/mailman/listinfosomething that doesn't
> exist, and even if you made it
> 
> ScriptAlias / /usr/lib/cgi-bin/mailman/listinfo/
> 
> It would still invoke the script
> /usr/lib/cgi-bin/mailman/listinfo/something which will probably give a
> "No such list something" error on the returned listinfo page with
> http(s)://host/something still in the browser's address bar.
> 
> Further, this doesn't explain how http://mail.mydomain.com/ redirects to
> http://mail.mydomain.com/listinfo before redirecting to https.
> 
> -- 
> Mark Sapiro         The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan

From mailinglist at samsi.us  Tue Dec 13 23:17:49 2016
From: mailinglist at samsi.us (Caesar Samsi)
Date: Tue, 13 Dec 2016 20:17:49 -0800
Subject: [Mailman-Users] distutils is not available or incomplete when
 ./configure mailman 2.1.23?
Message-ID: <29CB1289-9ADC-4341-834C-4BB122658FF6@samsi.us>

Hi,

When I run configure like this:

./configure --prefix=/var/lib/mailman --with-username=list --with-groupname=list --with-cgi-gid=www-data --with-mail-gid=list --with-mailhost=YOUR.EMAIL.DOMAIN --with-urlhost=YOUR.WEB.DOMAIN

A few lines later I get:

? checking that Python has a working distutils... configure: error: 

***** Distutils is not available or is incomplete for /usr/bin/python
***** If you installed Python from RPM (or other package manager)
***** be sure to install the -devel package, or install Python
***** from source.  See sec. 15.1 of the Installation Manual for
***** details

What am I missing?

Thank you, Caesar.

From mark at msapiro.net  Wed Dec 14 00:12:50 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Tue, 13 Dec 2016 21:12:50 -0800
Subject: [Mailman-Users] Root URL / vs /listinfo?
In-Reply-To: 
References: <6F0D8E31-E32B-45AA-A913-7D6D8B60B5BF@samsi.us>

 <31A9CBC9-A8D1-49F9-802F-003C9470DB5A@hotmail.com>

Message-ID: 

On 12/13/2016 06:50 PM, Caesar Samsi wrote:
> [dangit had to resend, used a non-member alias]
> 
> Hmm but I want to enter http://mail.mydomain.com/ (root non SSL) and end
> up at https://mail.mydomain.com/ (root with SSL) but which serves up
> listinfo as it has been ScriptAlias?ed to
> 
> (i.e. serves up /listinfo but without the URL /listinfo)

Somewhere in some part of your apache configuration that you haven't
posted there is a redirect from http://mail.mydomain.com/ to
http://mail.mydomain.com/listinfo.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at msapiro.net  Wed Dec 14 00:15:53 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Tue, 13 Dec 2016 21:15:53 -0800
Subject: [Mailman-Users] distutils is not available or incomplete when
 ./configure mailman 2.1.23?
In-Reply-To: <29CB1289-9ADC-4341-834C-4BB122658FF6@samsi.us>
References: <29CB1289-9ADC-4341-834C-4BB122658FF6@samsi.us>
Message-ID: 

On 12/13/2016 08:17 PM, Caesar Samsi wrote:
> Hi,
> 
> When I run configure like this:
> 
> ./configure --prefix=/var/lib/mailman --with-username=list --with-groupname=list --with-cgi-gid=www-data --with-mail-gid=list --with-mailhost=YOUR.EMAIL.DOMAIN --with-urlhost=YOUR.WEB.DOMAIN
> 
> A few lines later I get:
> 
> ? checking that Python has a working distutils... configure: error: 
> 
> ***** Distutils is not available or is incomplete for /usr/bin/python
> ***** If you installed Python from RPM (or other package manager)
> ***** be sure to install the -devel package, or install Python
> ***** from source.  See sec. 15.1 of the Installation Manual for
> ***** details
> 
> What am I missing?

sudo apt-get install python-dev

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mailinglist at samsi.us  Wed Dec 14 13:33:48 2016
From: mailinglist at samsi.us (Caesar Samsi)
Date: Wed, 14 Dec 2016 10:33:48 -0800
Subject: [Mailman-Users] distutils is not available or incomplete when
 ./configure mailman 2.1.23?
In-Reply-To: 
References: <29CB1289-9ADC-4341-834C-4BB122658FF6@samsi.us>

Message-ID: 

Ah, now it works. Would be great to see this info in the build & install doc/wiki.

Thank you, Caesar.

> On Dec 13, 2016, at 9:15 PM, Mark Sapiro  wrote:
> 
> On 12/13/2016 08:17 PM, Caesar Samsi wrote:
>> Hi,
>> 
>> When I run configure like this:
>> 
>> ./configure --prefix=/var/lib/mailman --with-username=list --with-groupname=list --with-cgi-gid=www-data --with-mail-gid=list --with-mailhost=YOUR.EMAIL.DOMAIN --with-urlhost=YOUR.WEB.DOMAIN
>> 
>> A few lines later I get:
>> 
>> ? checking that Python has a working distutils... configure: error: 
>> 
>> ***** Distutils is not available or is incomplete for /usr/bin/python
>> ***** If you installed Python from RPM (or other package manager)
>> ***** be sure to install the -devel package, or install Python
>> ***** from source.  See sec. 15.1 of the Installation Manual for
>> ***** details
>> 
>> What am I missing?
> 
> 
> sudo apt-get install python-dev
> 
> -- 
> Mark Sapiro >        The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org 
> https://mail.python.org/mailman/listinfo/mailman-users 
> Mailman FAQ: http://wiki.list.org/x/AgA3 
> Security Policy: http://wiki.list.org/x/QIA9 
> Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ 
> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/mailinglist%40samsi.us 

From mark at msapiro.net  Wed Dec 14 14:01:30 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Wed, 14 Dec 2016 11:01:30 -0800
Subject: [Mailman-Users] distutils is not available or incomplete when
 ./configure mailman 2.1.23?
In-Reply-To: 
References: <29CB1289-9ADC-4341-834C-4BB122658FF6@samsi.us>

Message-ID: 

On 12/14/2016 10:33 AM, Caesar Samsi wrote:
> Ah, now it works. Would be great to see this info in the build & install
> doc/wiki.

It's in the installation manual, section 15.1, as it said in the message
you received.

>>> ? checking that Python has a working distutils... configure: error: 
>>>
>>> ***** Distutils is not available or is incomplete for /usr/bin/python
>>> ***** If you installed Python from RPM (or other package manager)
>>> ***** be sure to install the -devel package, or install Python
>>> ***** from source.  See sec. 15.1 of the Installation Manual for
>>> ***** details

The manual is in various formats in the doc/ subdirectory of the
directory into which you unpacked and ran ./configure. I.e.,
doc/mailman-install/index.html, doc/mailman-install.dvi,
doc/mailman-install.pdf, doc/mailman-install.ps and doc/mailman-install.txt.

It is also online. See 
for the relevant section.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mailinglist at samsi.us  Wed Dec 14 14:58:22 2016
From: mailinglist at samsi.us (Caesar Samsi)
Date: Wed, 14 Dec 2016 11:58:22 -0800
Subject: [Mailman-Users] distutils is not available or incomplete when
 ./configure mailman 2.1.23?
In-Reply-To: 
References: <29CB1289-9ADC-4341-834C-4BB122658FF6@samsi.us>

Message-ID: <821C7637-D632-49A5-84F4-07FC1FEBC58E@samsi.us>

Indeed it is but what tripped me up was it was not python-devel it is actually python-dev

Not quite a developer so didn?t think of trying -dev ? :-)

> On Dec 14, 2016, at 11:01 AM, Mark Sapiro  wrote:
> 
> On 12/14/2016 10:33 AM, Caesar Samsi wrote:
>> Ah, now it works. Would be great to see this info in the build & install
>> doc/wiki.
> 
> 
> It's in the installation manual, section 15.1, as it said in the message
> you received.
> 
> 
>>>> ? checking that Python has a working distutils... configure: error: 
>>>> 
>>>> ***** Distutils is not available or is incomplete for /usr/bin/python
>>>> ***** If you installed Python from RPM (or other package manager)
>>>> ***** be sure to install the -devel package, or install Python
>>>> ***** from source.  See sec. 15.1 of the Installation Manual for
>>>> ***** details
> 
> 
> The manual is in various formats in the doc/ subdirectory of the
> directory into which you unpacked and ran ./configure. I.e.,
> doc/mailman-install/index.html, doc/mailman-install.dvi,
> doc/mailman-install.pdf, doc/mailman-install.ps and doc/mailman-install.txt.
> 
> It is also online. See 
> for the relevant section.
> 
> -- 
> Mark Sapiro         The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan

From guest2 at sgeinc.com  Wed Dec 14 16:15:17 2016
From: guest2 at sgeinc.com (Richard Shetron)
Date: Wed, 14 Dec 2016 16:15:17 -0500
Subject: [Mailman-Users] distutils is not available or incomplete when
 ./configure mailman 2.1.23?
In-Reply-To: <821C7637-D632-49A5-84F4-07FC1FEBC58E@samsi.us>
References: <29CB1289-9ADC-4341-834C-4BB122658FF6@samsi.us>

 <821C7637-D632-49A5-84F4-07FC1FEBC58E@samsi.us>
Message-ID: 

You can always search the cache with:
apt-cache search python
or
apt-cache search python-dev
to get less noise.

On 12/14/2016 2:58 PM, Caesar Samsi wrote:
> Indeed it is but what tripped me up was it was not python-devel it is actually python-dev
>
> Not quite a developer so didn?t think of trying -dev ? :-)
>
>> On Dec 14, 2016, at 11:01 AM, Mark Sapiro  wrote:
>>
>> On 12/14/2016 10:33 AM, Caesar Samsi wrote:
>>> Ah, now it works. Would be great to see this info in the build & install
>>> doc/wiki.
>>
>>
>> It's in the installation manual, section 15.1, as it said in the message
>> you received.
>>
>>
>>>>> ? checking that Python has a working distutils... configure: error:
>>>>>
>>>>> ***** Distutils is not available or is incomplete for /usr/bin/python
>>>>> ***** If you installed Python from RPM (or other package manager)
>>>>> ***** be sure to install the -devel package, or install Python
>>>>> ***** from source.  See sec. 15.1 of the Installation Manual for
>>>>> ***** details
>>
>>
>> The manual is in various formats in the doc/ subdirectory of the
>> directory into which you unpacked and ran ./configure. I.e.,
>> doc/mailman-install/index.html, doc/mailman-install.dvi,
>> doc/mailman-install.pdf, doc/mailman-install.ps and doc/mailman-install.txt.
>>
>> It is also online. See 
>> for the relevant section.
>>
>> --
>> Mark Sapiro         The highway is for gamblers,
>> San Francisco Bay Area, California    better use your sense - B. Dylan
>
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/guest2%40sgeinc.com
>

From mailinglist at samsi.us  Wed Dec 14 16:22:48 2016
From: mailinglist at samsi.us (Caesar Samsi)
Date: Wed, 14 Dec 2016 13:22:48 -0800
Subject: [Mailman-Users] distutils is not available or incomplete when
 ./configure mailman 2.1.23?
In-Reply-To: 
References: <29CB1289-9ADC-4341-834C-4BB122658FF6@samsi.us>

 <821C7637-D632-49A5-84F4-07FC1FEBC58E@samsi.us>

Message-ID: <416D381E-5582-4A95-901F-36A69F5FBCA0@samsi.us>

In conclusion for folks searching the archives ? the distutils tool is in python-dev package.

To get it do: sudo apt-get install python-dev

> On Dec 14, 2016, at 1:15 PM, Richard Shetron  wrote:
> 
> You can always search the cache with:
> apt-cache search python
> or
> apt-cache search python-dev
> to get less noise.
> 
> On 12/14/2016 2:58 PM, Caesar Samsi wrote:
>> Indeed it is but what tripped me up was it was not python-devel it is actually python-dev
>> 
>> Not quite a developer so didn?t think of trying -dev ? :-)
>> 
>>> On Dec 14, 2016, at 11:01 AM, Mark Sapiro  wrote:
>>> 
>>> On 12/14/2016 10:33 AM, Caesar Samsi wrote:
>>>> Ah, now it works. Would be great to see this info in the build & install
>>>> doc/wiki.
>>> 
>>> 
>>> It's in the installation manual, section 15.1, as it said in the message
>>> you received.
>>> 
>>> 
>>>>>> ? checking that Python has a working distutils... configure: error:
>>>>>> 
>>>>>> ***** Distutils is not available or is incomplete for /usr/bin/python
>>>>>> ***** If you installed Python from RPM (or other package manager)
>>>>>> ***** be sure to install the -devel package, or install Python
>>>>>> ***** from source.  See sec. 15.1 of the Installation Manual for
>>>>>> ***** details
>>> 
>>> 
>>> The manual is in various formats in the doc/ subdirectory of the
>>> directory into which you unpacked and ran ./configure. I.e.,
>>> doc/mailman-install/index.html, doc/mailman-install.dvi,
>>> doc/mailman-install.pdf, doc/mailman-install.ps and doc/mailman-install.txt.
>>> 
>>> It is also online. See 
>>> for the relevant section.
>>> 
>>> --
>>> Mark Sapiro         The highway is for gamblers,
>>> San Francisco Bay Area, California    better use your sense - B. Dylan
>> 
>> ------------------------------------------------------
>> Mailman-Users mailing list Mailman-Users at python.org
>> https://mail.python.org/mailman/listinfo/mailman-users
>> Mailman FAQ: http://wiki.list.org/x/AgA3
>> Security Policy: http://wiki.list.org/x/QIA9
>> Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
>> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/guest2%40sgeinc.com 

From mark at msapiro.net  Wed Dec 14 16:36:54 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Wed, 14 Dec 2016 13:36:54 -0800
Subject: [Mailman-Users] distutils is not available or incomplete when
 ./configure mailman 2.1.23?
In-Reply-To: <416D381E-5582-4A95-901F-36A69F5FBCA0@samsi.us>
References: <29CB1289-9ADC-4341-834C-4BB122658FF6@samsi.us>

 <821C7637-D632-49A5-84F4-07FC1FEBC58E@samsi.us>

 <416D381E-5582-4A95-901F-36A69F5FBCA0@samsi.us>
Message-ID: <54fb61e0-9ffa-3206-893a-769dcea49475@msapiro.net>

On 12/14/2016 01:22 PM, Caesar Samsi wrote:
> In conclusion for folks searching the archives ? the distutils tool is
> in python-dev package.
> 
> To get it do: sudo apt-get install python-dev

If your OS is Debian/Ubuntu.

For RHEL/Centos the package is python-devel installed via

sudo yum install python-devel

and for other OS's or Linux distros, it may be something else.

You can  also install docutils with

sudo pip install docutils

if you have pip installed, but this may not install other needed python
dependencies.

In short, package names and software installation methods vary widely
and trying to document all the options would probably be confusing in
addition to leaving some out.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mailinglist at samsi.us  Wed Dec 14 17:58:27 2016
From: mailinglist at samsi.us (Caesar Samsi)
Date: Wed, 14 Dec 2016 14:58:27 -0800
Subject: [Mailman-Users] bin/genaliases not generating aliases?
Message-ID: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

Hi Mark,

I?m attempting an install from scratch on a new server. It has virtual domain configured postfix.

I?ve completed http://www.gnu.org/software/mailman/mailman-install/node12.html  (Using Postfix server)
I?m attempting to complete http://www.gnu.org/software/mailman/mailman-install/postfix-integration.html  (Integrating Postfix and Mailman)

When I do:

Run the bin/genaliases script to initialize your aliases file.

        % cd /usr/local/mailman
        % bin/genaliases
I?m assuming the aliases would be generated in /usr/local/mailman/data, but they aren?t

What to do?

I?m running LinuxMint 18 Sarah (Ubuntu flavor).

Thanks, Caesar.

From mark at msapiro.net  Wed Dec 14 18:07:51 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Wed, 14 Dec 2016 15:07:51 -0800
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>
Message-ID: 

On 12/14/2016 02:58 PM, Caesar Samsi wrote:
> 
> When I do:
> 
> Run the bin/genaliases script to initialize your aliases file.
> 
>         % cd /usr/local/mailman
>         % bin/genaliases
> I?m assuming the aliases would be generated in /usr/local/mailman/data, but they aren?t
> 
> What to do?

What's in /usr/local/mailman/Mailman/mm_cfg.py?

In particular, do you have

MTA = 'Postfix'

Have you created any lists?

We can start there, but ultimately we will probably need to see the
contents of /usr/local/mailman/Mailman/mm_cfg.py and the output from
'postconf -n'

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cmsamsi at hotmail.com  Thu Dec 15 18:35:03 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Thu, 15 Dec 2016 23:35:03 +0000
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: 
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

Message-ID: <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>

I?ve attached postfix, mm_cfg.py, main.cf, and master.cf

I have created the initial list mailman (sudo bin/newlist --urlhost=www.yugi.us --emailhost=mail.yugi.us mailman)

Ran genaliases, still no aliases file in /usr/local/mailman/data.

> On Dec 14, 2016, at 3:07 PM, Mark Sapiro  wrote:
>
> On 12/14/2016 02:58 PM, Caesar Samsi wrote:
>>
>> When I do:
>>
>> Run the bin/genaliases script to initialize your aliases file.
>>
>>     % cd /usr/local/mailman
>>     % bin/genaliases
>> I?m assuming the aliases would be generated in /usr/local/mailman/data, but they aren?t
>>
>> What to do?
>
>
> What's in /usr/local/mailman/Mailman/mm_cfg.py?
>
> In particular, do you have
>
> MTA = 'Postfix'
>
> Have you created any lists?
>
> We can start there, but ultimately we will probably need to see the
> contents of /usr/local/mailman/Mailman/mm_cfg.py and the output from
> 'postconf -n'
>
> --
> Mark Sapiro         The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/mailinglist%40samsi.us

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: postfix.txt
URL: 

From mark at msapiro.net  Thu Dec 15 19:13:54 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 15 Dec 2016 16:13:54 -0800
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

 <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>
Message-ID: 

On 12/15/2016 03:35 PM, Caesar Samsi wrote:
> I?ve attached postfix, mm_cfg.py, main.cf, and master.cf

And the list's content filtering remove all but postfix.txt which is
just as well, because 'postconf -n' and mm_cfg.py are all I wanted to
see anyway.

> I have created the initial list mailman (sudo bin/newlist
> --urlhost=www.yugi.us --emailhost=mail.yugi.us mailman)
> 
> Ran genaliases, still no aliases file in /usr/local/mailman/data.

What happened when you ran genaliases? Did it produce any output on your
terminal? If so, what? Did you run it via sudo as root or the Mailman
user ('list' in your case I think)?

Here's the relevant parts of mm_cfg.py and postconf -n with comments

mm_cfg.py

> #-------------------------------------------------------------
> # The name of the list Mailman uses to send password reminders
> # and similar. Don't change if you want mailman-owner to be
> # a valid local part.
> MAILMAN_SITE_LIST = 'mailman'

Have you created the 'mailman' list?. It must exist before you can start
Mailman.

> ...
> #-------------------------------------------------------------
> # Default domain for email addresses of newly created MLs
> DEFAULT_EMAIL_HOST = 'mailyugi.us'

Missing a dot - 'mail.yugi.us'

> #-------------------------------------------------------------
> # Default host for web interface of newly created MLs
> DEFAULT_URL_HOST   = 'www.yugi.us'
> #-------------------------------------------------------------
> # Required when setting any of its arguments.
> #add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)
> add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)
> 
> #-------------------------------------------------------------
> # The default language for this server.
> DEFAULT_SERVER_LANGUAGE = 'en'
> 
> #-------------------------------------------------------------
> # Iirc this was used in pre 2.1, leave it for now
> USE_ENVELOPE_SENDER    = 0              # Still used?

Yes, it's used, but 0 (False) is the default anyway.

...
> #-------------------------------------------------------------
> # Uncomment if you use Postfix virtual domains (but not
> # postfix-to-mailman.py), but be sure to see
> # /usr/share/doc/mailman/README.Debian first.
> MTA='Postfix'

OK

> SMTPHOST = 'localhost'
> SMTPPORT = 25

These are defaults anyway.

...
> POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us']

If you want to generate data/virtual-mailman for lists in the
mail.yugi.us email domain, this should be

POSTFIX_STYLE_VIRTUAL_DOMAINS = ['mail.yugi.us']

or

POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us', 'mail.yugi.us']

if you want both.

postconf -n

> 
> alias_maps = hash:/etc/aliases,hash:/var/lib/mailman/data/aliases

OK

> mydestination = localhost
> myhostname = mail.yugi.us
> mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
> mynetworks_style = host
> myorigin = /etc/hostname
> readme_directory = no
> recipient_delimiter = +
> relay_domains = mail.yugi.us

mail.yugi.us should probably be a virtual_alias_domain, not a relay_domain.

...
> virtual_alias_domains = yugi.us

I.e., delete relay_domains and make the above

virtual_alias_domains = yugi.us, mail.yugi.us

or maybe just

virtual_alias_domains = mail.yugi.us

> virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf, mysql:/etc/postfix/mysql_virtual_alias_domainaliases_maps.cf, hash:/var/lib/mailman/data/virtual-mailman

OK.

> virtual_gid_maps = static:8
> virtual_mailbox_base = /var/vmail
> virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
> virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf, mysql:/etc/postfix/mysql_virtual_mailbox_domainaliases_maps.cf
> virtual_transport = dovecot
> virtual_uid_maps = static:150

I don't know what you are actually trying to do with mail to
*@mail.yugi.us and *@yugi.us. I.e. which domain(s) have Mailman list
addresses and which do not.

But none of this Postfix stuff affects whether genaliases created
data/aliases(.db) and data/virtual-mailman(.db).

My best guess is you are running genaliases as a user that doesn't have
permission to write in Mailman's data/ directory.
-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at msapiro.net  Thu Dec 15 19:17:44 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 15 Dec 2016 16:17:44 -0800
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: 
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

 <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>

Message-ID: <3d6d286b-2e4d-ea2b-db92-40052a0db417@msapiro.net>

On 12/15/2016 04:13 PM, Mark Sapiro wrote:
> On 12/15/2016 03:35 PM, Caesar Samsi wrote:
> 
>> I have created the initial list mailman (sudo bin/newlist
>> --urlhost=www.yugi.us --emailhost=mail.yugi.us mailman)

> Have you created the 'mailman' list?. It must exist before you can start
> Mailman.

Sorry. Obviously that's what the above did. I was skimming to fast.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cmsamsi at hotmail.com  Thu Dec 15 19:36:04 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Fri, 16 Dec 2016 00:36:04 +0000
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: 
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

 <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>

Message-ID: <92243D3E-EDE3-4392-A45F-45F2786F308F@hotmail.com>

I ran genalias with sudo:
caesar at mail /usr/local/mailman $ sudo bin/genaliases
To finish creating your mailing list, you must edit your /etc/aliases (or
equivalent) file by adding the following lines, and possibly running the
`newaliases' program:

## mailman mailing list
mailman:              "|/usr/local/mailman/mail/mailman post mailman"
mailman-admin:        "|/usr/local/mailman/mail/mailman admin mailman"
mailman-bounces:      "|/usr/local/mailman/mail/mailman bounces mailman"
mailman-confirm:      "|/usr/local/mailman/mail/mailman confirm mailman"
mailman-join:         "|/usr/local/mailman/mail/mailman join mailman"
mailman-leave:        "|/usr/local/mailman/mail/mailman leave mailman"
mailman-owner:        "|/usr/local/mailman/mail/mailman owner mailman"
mailman-request:      "|/usr/local/mailman/mail/mailman request mailman"
mailman-subscribe:    "|/usr/local/mailman/mail/mailman subscribe mailman"
mailman-unsubscribe:  "|/usr/local/mailman/mail/mailman unsubscribe mailman?
caesar at mail /usr/local/mailman $ ls -l data
total 24
-rw-r--r-- 1 root    mailman    10 Dec 15 13:24 last_mailman_version
-rw-rw---- 1 mailman mailman     6 Dec 15 16:25 master-qrunner.pid
-rw-r--r-- 1 root    mailman 14100 Dec 15 13:24 sitelist.cfg

On Dec 15, 2016, at 4:13 PM, Mark Sapiro > wrote:

On 12/15/2016 03:35 PM, Caesar Samsi wrote:
I?ve attached postfix, mm_cfg.py, main.cf, and master.cf

And the list's content filtering remove all but postfix.txt which is
just as well, because 'postconf -n' and mm_cfg.py are all I wanted to
see anyway.

I have created the initial list mailman (sudo bin/newlist
--urlhost=www.yugi.us --emailhost=mail.yugi.us mailman)

Ran genaliases, still no aliases file in /usr/local/mailman/data.

What happened when you ran genaliases? Did it produce any output on your
terminal? If so, what? Did you run it via sudo as root or the Mailman
user ('list' in your case I think)?

Here's the relevant parts of mm_cfg.py and postconf -n with comments

mm_cfg.py

#-------------------------------------------------------------
# The name of the list Mailman uses to send password reminders
# and similar. Don't change if you want mailman-owner to be
# a valid local part.
MAILMAN_SITE_LIST = 'mailman'

Have you created the 'mailman' list?. It must exist before you can start
Mailman.

Yes.

...
#-------------------------------------------------------------
# Default domain for email addresses of newly created MLs
DEFAULT_EMAIL_HOST = 'mailyugi.us'

Missing a dot - ?mail.yugi.us'

Fixed

#-------------------------------------------------------------
# Default host for web interface of newly created MLs
DEFAULT_URL_HOST   = 'www.yugi.us'
#-------------------------------------------------------------
# Required when setting any of its arguments.
#add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)
add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)

#-------------------------------------------------------------
# The default language for this server.
DEFAULT_SERVER_LANGUAGE = 'en'

#-------------------------------------------------------------
# Iirc this was used in pre 2.1, leave it for now
USE_ENVELOPE_SENDER    = 0              # Still used?

Yes, it's used, but 0 (False) is the default anyway.

...
#-------------------------------------------------------------
# Uncomment if you use Postfix virtual domains (but not
# postfix-to-mailman.py), but be sure to see
# /usr/share/doc/mailman/README.Debian first.
MTA='Postfix'

OK

SMTPHOST = 'localhost'
SMTPPORT = 25

These are defaults anyway.

...
POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us']

If you want to generate data/virtual-mailman for lists in the
mail.yugi.us email domain, this should be

POSTFIX_STYLE_VIRTUAL_DOMAINS = ['mail.yugi.us']

or

POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us', 'mail.yugi.us']

if you want both.

postconf -n

alias_maps = hash:/etc/aliases,hash:/var/lib/mailman/data/aliases

OK

mydestination = localhost
myhostname = mail.yugi.us
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mynetworks_style = host
myorigin = /etc/hostname
readme_directory = no
recipient_delimiter = +
relay_domains = mail.yugi.us

mail.yugi.us should probably be a virtual_alias_domain, not a relay_domain.

...
virtual_alias_domains = yugi.us

I.e., delete relay_domains and make the above

virtual_alias_domains = yugi.us, mail.yugi.us

or maybe just

virtual_alias_domains = mail.yugi.us

virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf, mysql:/etc/postfix/mysql_virtual_alias_domainaliases_maps.cf, hash:/var/lib/mailman/data/virtual-mailman

OK.

virtual_gid_maps = static:8
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf, mysql:/etc/postfix/mysql_virtual_mailbox_domainaliases_maps.cf
virtual_transport = dovecot
virtual_uid_maps = static:150

I don't know what you are actually trying to do with mail to
*@mail.yugi.us and *@yugi.us. I.e. which domain(s) have Mailman list
addresses and which do not.

The intent is to have yugi.us be the mailman domain. So lists would be mymailinglist at yugi.us

mail.yugi.us just happens to be the mail server name.

But none of this Postfix stuff affects whether genaliases created
data/aliases(.db) and data/virtual-mailman(.db).

My best guess is you are running genaliases as a user that doesn't have
permission to write in Mailman's data/ directory.

I?m running it sudo ? sudo bin/genaliases

Are parameters required? or must it be run in a specific directory (but from the bin/ it seems to be run from /usr/local/mailman)

--
Mark Sapiro >        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cmsamsi at hotmail.com  Thu Dec 15 19:37:54 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Fri, 16 Dec 2016 00:37:54 +0000
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: <92243D3E-EDE3-4392-A45F-45F2786F308F@hotmail.com>
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

 <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>

 <92243D3E-EDE3-4392-A45F-45F2786F308F@hotmail.com>
Message-ID: 

Also:
caesar at mail /usr/local/mailman $ ls -l
total 72
drwxrwsr-x  4 root mailman 4096 Dec 15 13:24 archives
drwxrwsr-x  2 root mailman 4096 Dec 15 13:24 bin
drwxrwsr-x  2 root mailman 4096 Dec 15 13:24 cgi-bin
drwxrwsr-x  2 root mailman 4096 Dec 15 13:24 cron
drwxrwsr-x  2 root mailman 4096 Dec 15 16:25 data
drwxrwsr-x  2 root mailman 4096 Dec 15 13:24 icons
drwxrwsr-x  3 root mailman 4096 Dec 15 13:48 lists
drwxrwsr-x  2 root mailman 4096 Dec 15 16:25 locks
drwxrwsr-x  2 root mailman 4096 Dec 15 14:52 logs
drwxrwsr-x  2 root mailman 4096 Dec 15 13:24 mail
drwxrwsr-x 11 root mailman 4096 Dec 15 13:24 Mailman
drwxrwsr-x 40 root mailman 4096 Dec 15 13:24 messages
drwxrwsr-x  2 root mailman 4096 Dec 15 13:24 pythonlib
drwxrwsr-x 11 root mailman 4096 Dec 15 14:52 qfiles
drwxrwsr-x  2 root mailman 4096 Dec 15 13:24 scripts
drwxrwsr-x  2 root mailman 4096 Dec 15 13:24 spam
drwxrwsr-x 41 root mailman 4096 Dec 15 13:24 templates
drwxrwsr-x  4 root mailman 4096 Dec 15 13:24 tests
On Dec 15, 2016, at 4:36 PM, Caesar Samsi > wrote:

I ran genalias with sudo:
caesar at mail /usr/local/mailman $ sudo bin/genaliases
To finish creating your mailing list, you must edit your /etc/aliases (or
equivalent) file by adding the following lines, and possibly running the
`newaliases' program:

## mailman mailing list
mailman:              "|/usr/local/mailman/mail/mailman post mailman"
mailman-admin:        "|/usr/local/mailman/mail/mailman admin mailman"
mailman-bounces:      "|/usr/local/mailman/mail/mailman bounces mailman"
mailman-confirm:      "|/usr/local/mailman/mail/mailman confirm mailman"
mailman-join:         "|/usr/local/mailman/mail/mailman join mailman"
mailman-leave:        "|/usr/local/mailman/mail/mailman leave mailman"
mailman-owner:        "|/usr/local/mailman/mail/mailman owner mailman"
mailman-request:      "|/usr/local/mailman/mail/mailman request mailman"
mailman-subscribe:    "|/usr/local/mailman/mail/mailman subscribe mailman"
mailman-unsubscribe:  "|/usr/local/mailman/mail/mailman unsubscribe mailman?
caesar at mail /usr/local/mailman $ ls -l data
total 24
-rw-r--r-- 1 root    mailman    10 Dec 15 13:24 last_mailman_version
-rw-rw---- 1 mailman mailman     6 Dec 15 16:25 master-qrunner.pid
-rw-r--r-- 1 root    mailman 14100 Dec 15 13:24 sitelist.cfg

On Dec 15, 2016, at 4:13 PM, Mark Sapiro > wrote:

On 12/15/2016 03:35 PM, Caesar Samsi wrote:
I?ve attached postfix, mm_cfg.py, main.cf, and master.cf

And the list's content filtering remove all but postfix.txt which is
just as well, because 'postconf -n' and mm_cfg.py are all I wanted to
see anyway.

I have created the initial list mailman (sudo bin/newlist
--urlhost=www.yugi.us --emailhost=mail.yugi.us mailman)

Ran genaliases, still no aliases file in /usr/local/mailman/data.

What happened when you ran genaliases? Did it produce any output on your
terminal? If so, what? Did you run it via sudo as root or the Mailman
user ('list' in your case I think)?

Here's the relevant parts of mm_cfg.py and postconf -n with comments

mm_cfg.py

#-------------------------------------------------------------
# The name of the list Mailman uses to send password reminders
# and similar. Don't change if you want mailman-owner to be
# a valid local part.
MAILMAN_SITE_LIST = 'mailman'

Have you created the 'mailman' list?. It must exist before you can start
Mailman.

Yes.

...
#-------------------------------------------------------------
# Default domain for email addresses of newly created MLs
DEFAULT_EMAIL_HOST = 'mailyugi.us'

Missing a dot - ?mail.yugi.us'

Fixed

#-------------------------------------------------------------
# Default host for web interface of newly created MLs
DEFAULT_URL_HOST   = 'www.yugi.us'
#-------------------------------------------------------------
# Required when setting any of its arguments.
#add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)
add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)

#-------------------------------------------------------------
# The default language for this server.
DEFAULT_SERVER_LANGUAGE = 'en'

#-------------------------------------------------------------
# Iirc this was used in pre 2.1, leave it for now
USE_ENVELOPE_SENDER    = 0              # Still used?

Yes, it's used, but 0 (False) is the default anyway.

...
#-------------------------------------------------------------
# Uncomment if you use Postfix virtual domains (but not
# postfix-to-mailman.py), but be sure to see
# /usr/share/doc/mailman/README.Debian first.
MTA='Postfix'

OK

SMTPHOST = 'localhost'
SMTPPORT = 25

These are defaults anyway.

...
POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us']

If you want to generate data/virtual-mailman for lists in the
mail.yugi.us email domain, this should be

POSTFIX_STYLE_VIRTUAL_DOMAINS = ['mail.yugi.us']

or

POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us', 'mail.yugi.us']

if you want both.

postconf -n

alias_maps = hash:/etc/aliases,hash:/var/lib/mailman/data/aliases

OK

mydestination = localhost
myhostname = mail.yugi.us
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mynetworks_style = host
myorigin = /etc/hostname
readme_directory = no
recipient_delimiter = +
relay_domains = mail.yugi.us

mail.yugi.us should probably be a virtual_alias_domain, not a relay_domain.

...
virtual_alias_domains = yugi.us

I.e., delete relay_domains and make the above

virtual_alias_domains = yugi.us, mail.yugi.us

or maybe just

virtual_alias_domains = mail.yugi.us

virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf, mysql:/etc/postfix/mysql_virtual_alias_domainaliases_maps.cf, hash:/var/lib/mailman/data/virtual-mailman

OK.

virtual_gid_maps = static:8
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf, mysql:/etc/postfix/mysql_virtual_mailbox_domainaliases_maps.cf
virtual_transport = dovecot
virtual_uid_maps = static:150

I don't know what you are actually trying to do with mail to
*@mail.yugi.us and *@yugi.us. I.e. which domain(s) have Mailman list
addresses and which do not.

The intent is to have yugi.us be the mailman domain. So lists would be mymailinglist at yugi.us

mail.yugi.us just happens to be the mail server name.

But none of this Postfix stuff affects whether genaliases created
data/aliases(.db) and data/virtual-mailman(.db).

My best guess is you are running genaliases as a user that doesn't have
permission to write in Mailman's data/ directory.

I?m running it sudo ? sudo bin/genaliases

Are parameters required? or must it be run in a specific directory (but from the bin/ it seems to be run from /usr/local/mailman)

--
Mark Sapiro >        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cmsamsi at hotmail.com  Thu Dec 15 19:50:38 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Fri, 16 Dec 2016 00:50:38 +0000
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: <3d6d286b-2e4d-ea2b-db92-40052a0db417@msapiro.net>
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

 <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>

 <3d6d286b-2e4d-ea2b-db92-40052a0db417@msapiro.net>
Message-ID: 

Additional data, I?m running Linuxmint 18 Sarah

> On Dec 15, 2016, at 4:17 PM, Mark Sapiro  wrote:
> 
> On 12/15/2016 04:13 PM, Mark Sapiro wrote:
>> On 12/15/2016 03:35 PM, Caesar Samsi wrote:
>> 
>>> I have created the initial list mailman (sudo bin/newlist
>>> --urlhost=www.yugi.us --emailhost=mail.yugi.us mailman)
> 
> 
>> Have you created the 'mailman' list?. It must exist before you can start
>> Mailman.
> 
> 
> Sorry. Obviously that's what the above did. I was skimming to fast.
> 
> -- 
> Mark Sapiro         The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com

From mark at msapiro.net  Thu Dec 15 20:04:15 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 15 Dec 2016 17:04:15 -0800
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: <92243D3E-EDE3-4392-A45F-45F2786F308F@hotmail.com>
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

 <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>

 <92243D3E-EDE3-4392-A45F-45F2786F308F@hotmail.com>
Message-ID: <5774a2a1-19fa-7a0b-3e55-3f7dd023e3d9@msapiro.net>

On 12/15/2016 04:36 PM, Caesar Samsi wrote:
> I ran genalias with sudo:
> *caesar at mail* */usr/local/mailman $* sudo bin/genaliases
> To finish creating your mailing list, you must edit your /etc/aliases (or
> equivalent) file by adding the following lines, and possibly running the
> `newaliases' program:
> 
> ## mailman mailing list
> mailman:              "|/usr/local/mailman/mail/mailman post mailman"
> mailman-admin:        "|/usr/local/mailman/mail/mailman admin mailman"
> mailman-bounces:      "|/usr/local/mailman/mail/mailman bounces mailman"
> mailman-confirm:      "|/usr/local/mailman/mail/mailman confirm mailman"
> mailman-join:         "|/usr/local/mailman/mail/mailman join mailman"
> mailman-leave:        "|/usr/local/mailman/mail/mailman leave mailman"
> mailman-owner:        "|/usr/local/mailman/mail/mailman owner mailman"
> mailman-request:      "|/usr/local/mailman/mail/mailman request mailman"
> mailman-subscribe:    "|/usr/local/mailman/mail/mailman subscribe mailman"
> mailman-unsubscribe:  "|/usr/local/mailman/mail/mailman unsubscribe mailman?

And this output says there is no

MTA='Postfix'

in the mm_cfg.py that bin/genaliases is reading.

You probably have two different Mailman installations. One from the
Ubuntu package you initially installed and one from the 'scratch'
install you're trying to do now.

You are editing the mm_cfg.py from the Ubuntu package, not the one from
the source install.

It is unclear to me what you have done. In another thread, you say you
configured with --prefix=/var/lib/mailman, but you are now looking at
stuff in /usr/local/mailman.

You need to figure out what you are installing where and remove all
other residual Mailman stuff. In particular, nothing in /var/lib/mailman
or /usr/lib/mailman is relevant to this install which looks like it was
done with a straight './configure', not with

./configure --prefix=/var/lib/mailman --with-username=list
--with-groupname=list ...

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cmsamsi at hotmail.com  Thu Dec 15 21:52:52 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Fri, 16 Dec 2016 02:52:52 +0000
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: <5774a2a1-19fa-7a0b-3e55-3f7dd023e3d9@msapiro.net>
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

 <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>

 <92243D3E-EDE3-4392-A45F-45F2786F308F@hotmail.com>
 <5774a2a1-19fa-7a0b-3e55-3f7dd023e3d9@msapiro.net>
Message-ID: <793DABDB-EEF0-4A81-BD2D-7114C7373FB9@hotmail.com>

The earlier attempt was to use a ubuntu package style ?prefix with ./configure. I?ve abandoned that and am now just using the mailman 2.1.23 tgz plain and simple:
./configure
make
sudo make install

The previously attached mm_cfg.py has MTA=Postfix ?

MTA='Postfix'
SMTPHOST = 'localhost'
SMTPPORT = 25

I?ve also searched (whereis and locate) the disk for virtual-mailman and virtual-mailman.db and did not find any.

Ah but if bin/genaliases is not reading my /etc/mailman/mm_cfg.py then what could it be reading?

Is there a debug output switch?

> On Dec 15, 2016, at 5:04 PM, Mark Sapiro  wrote:
> 
> On 12/15/2016 04:36 PM, Caesar Samsi wrote:
>> I ran genalias with sudo:
>> *caesar at mail* */usr/local/mailman $* sudo bin/genaliases
>> To finish creating your mailing list, you must edit your /etc/aliases (or
>> equivalent) file by adding the following lines, and possibly running the
>> `newaliases' program:
>> 
>> ## mailman mailing list
>> mailman:              "|/usr/local/mailman/mail/mailman post mailman"
>> mailman-admin:        "|/usr/local/mailman/mail/mailman admin mailman"
>> mailman-bounces:      "|/usr/local/mailman/mail/mailman bounces mailman"
>> mailman-confirm:      "|/usr/local/mailman/mail/mailman confirm mailman"
>> mailman-join:         "|/usr/local/mailman/mail/mailman join mailman"
>> mailman-leave:        "|/usr/local/mailman/mail/mailman leave mailman"
>> mailman-owner:        "|/usr/local/mailman/mail/mailman owner mailman"
>> mailman-request:      "|/usr/local/mailman/mail/mailman request mailman"
>> mailman-subscribe:    "|/usr/local/mailman/mail/mailman subscribe mailman"
>> mailman-unsubscribe:  "|/usr/local/mailman/mail/mailman unsubscribe mailman?
> 
> 
> And this output says there is no
> 
> MTA='Postfix'
> 
> in the mm_cfg.py that bin/genaliases is reading.
> 
> You probably have two different Mailman installations. One from the
> Ubuntu package you initially installed and one from the 'scratch'
> install you're trying to do now.
> 
> You are editing the mm_cfg.py from the Ubuntu package, not the one from
> the source install.
> 
> It is unclear to me what you have done. In another thread, you say you
> configured with --prefix=/var/lib/mailman, but you are now looking at
> stuff in /usr/local/mailman.
> 
> You need to figure out what you are installing where and remove all
> other residual Mailman stuff. In particular, nothing in /var/lib/mailman
> or /usr/lib/mailman is relevant to this install which looks like it was
> done with a straight './configure', not with
> 
> ./configure --prefix=/var/lib/mailman --with-username=list
> --with-groupname=list ...
> 
> -- 
> Mark Sapiro         The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at msapiro.net  Thu Dec 15 23:01:33 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 15 Dec 2016 20:01:33 -0800
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: <793DABDB-EEF0-4A81-BD2D-7114C7373FB9@hotmail.com>
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

 <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>

 <92243D3E-EDE3-4392-A45F-45F2786F308F@hotmail.com>
 <5774a2a1-19fa-7a0b-3e55-3f7dd023e3d9@msapiro.net>
 <793DABDB-EEF0-4A81-BD2D-7114C7373FB9@hotmail.com>
Message-ID: 

On 12/15/2016 06:52 PM, Caesar Samsi wrote:
> The earlier attempt was to use a ubuntu package style ?prefix with ./configure. I?ve abandoned that and am now just using the mailman 2.1.23 tgz plain and simple:
> ./configure
> make
> sudo make install
> 
> The previously attached mm_cfg.py has MTA=Postfix ?
> 
> MTA='Postfix'

Yes, but is that in /usr/local/mailman/Mailman/mm_cfg.py, or somewhere else?

> SMTPHOST = 'localhost'
> SMTPPORT = 25
> 
> I?ve also searched (whereis and locate) the disk for virtual-mailman and virtual-mailman.db and did not find any.

When genaliases creates them, which it hasn't, they will be in
/usr/local/mailman/data/.

> Ah but if bin/genaliases is not reading my /etc/mailman/mm_cfg.py then what could it be reading?

It is reading /usr/local/mailman/Mailman/mm_cfg.py. Is that the one
you're looking at?

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cmsamsi at hotmail.com  Thu Dec 15 23:26:13 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Fri, 16 Dec 2016 04:26:13 +0000
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: 
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

 <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>

 <92243D3E-EDE3-4392-A45F-45F2786F308F@hotmail.com>
 <5774a2a1-19fa-7a0b-3e55-3f7dd023e3d9@msapiro.net>
 <793DABDB-EEF0-4A81-BD2D-7114C7373FB9@hotmail.com>

Message-ID: <6364A344-CFB7-429A-800B-56C8057E2098@hotmail.com>

The mm_cfg.py is in /etc/mailman

> On Dec 15, 2016, at 8:01 PM, Mark Sapiro  wrote:
> 
> On 12/15/2016 06:52 PM, Caesar Samsi wrote:
>> The earlier attempt was to use a ubuntu package style ?prefix with ./configure. I?ve abandoned that and am now just using the mailman 2.1.23 tgz plain and simple:
>> ./configure
>> make
>> sudo make install
>> 
>> The previously attached mm_cfg.py has MTA=Postfix ?
>> 
>> MTA='Postfix'
> 
> Yes, but is that in /usr/local/mailman/Mailman/mm_cfg.py, or somewhere else?
> 
> 
>> SMTPHOST = 'localhost'
>> SMTPPORT = 25
>> 
>> I?ve also searched (whereis and locate) the disk for virtual-mailman and virtual-mailman.db and did not find any.
> 
> 
> When genaliases creates them, which it hasn't, they will be in
> /usr/local/mailman/data/.
> 
> 
>> Ah but if bin/genaliases is not reading my /etc/mailman/mm_cfg.py then what could it be reading?
> 
> 
> It is reading /usr/local/mailman/Mailman/mm_cfg.py. Is that the one
> you're looking at?
> 
> -- 
> Mark Sapiro         The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at msapiro.net  Thu Dec 15 23:31:25 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 15 Dec 2016 20:31:25 -0800
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: <6364A344-CFB7-429A-800B-56C8057E2098@hotmail.com>
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

 <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>

 <92243D3E-EDE3-4392-A45F-45F2786F308F@hotmail.com>
 <5774a2a1-19fa-7a0b-3e55-3f7dd023e3d9@msapiro.net>
 <793DABDB-EEF0-4A81-BD2D-7114C7373FB9@hotmail.com>

 <6364A344-CFB7-429A-800B-56C8057E2098@hotmail.com>
Message-ID: <4504ef96-3187-5729-c84e-d9625f14344b@msapiro.net>

On 12/15/2016 08:26 PM, Caesar Samsi wrote:
> The mm_cfg.py is in /etc/mailman

Which is the one from the Debian/Ubuntu package, not the one that your
latest install is using.

The one you need to put your settings in is
/usr/local/mailman/Mailman/mm_cfg.py.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cmsamsi at hotmail.com  Thu Dec 15 23:33:04 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Fri, 16 Dec 2016 04:33:04 +0000
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: <4504ef96-3187-5729-c84e-d9625f14344b@msapiro.net>
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

 <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>

 <92243D3E-EDE3-4392-A45F-45F2786F308F@hotmail.com>
 <5774a2a1-19fa-7a0b-3e55-3f7dd023e3d9@msapiro.net>
 <793DABDB-EEF0-4A81-BD2D-7114C7373FB9@hotmail.com>

 <6364A344-CFB7-429A-800B-56C8057E2098@hotmail.com>
 <4504ef96-3187-5729-c84e-d9625f14344b@msapiro.net>
Message-ID: 

Yeah, in the ubuntu package the file was in /etc/mailman so I thought installing from scratch it would be there too!

I will try in your location now.

> On Dec 15, 2016, at 8:31 PM, Mark Sapiro  wrote:
> 
> On 12/15/2016 08:26 PM, Caesar Samsi wrote:
>> The mm_cfg.py is in /etc/mailman
> 
> 
> Which is the one from the Debian/Ubuntu package, not the one that your
> latest install is using.
> 
> The one you need to put your settings in is
> /usr/local/mailman/Mailman/mm_cfg.py.
> 
> -- 
> Mark Sapiro         The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan

From covici at ccs.covici.com  Fri Dec 16 01:48:58 2016
From: covici at ccs.covici.com (John Covici)
Date: Fri, 16 Dec 2016 01:48:58 -0500
Subject: [Mailman-Users] cgi wrappers not properly executing
Message-ID: 

Hi.  I am using mailman 2.1.23 on a gentoo system.  I run in to the
following problem:

When I try to do anything on the web, I get permission denied error on
/var/lib/mailman/logs/error  .  If I then make that file world
read/write, I get permission denied error on config.pck of the list I
am trying to access.

Now, everything under /var/lib/mailman is owned by mailman.mailman and
the cgi wrappers are all like the following:
-rwxr-sr-x 1 mailman mailman 10512 Nov 16 12:45
/usr/lib/mailman/cgi-bin/admin

Check_perms says no problems.

I am using apache 2.4.23 and here is what loads with mailman
ScriptAlias /mailman/ "/usr/lib/mailman/cgi-bin/"

	Options +execcgi
require all granted

Alias /pipermail/ "/var/lib/mailman/archives/public/"

	AllowOverride None
	Options ExecCGI FollowSymLinks
require all granted

#namevirtualhost lists.ccs.covici.com

DocumentRoot /var/www
ServerName lists
     ServerAlias lists.*
     UseCanonicalName Off
     ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/
     Alias /icons/ /usr/lib/mailman/icons/
     Alias /pipermail/ /var/lib/mailman/archives/public/

          Options FollowSymLinks

	Options +execcgi
require all granted

Any assistance will be greatly appreciated.

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

         John Covici
         covici at ccs.covici.com

From mark at msapiro.net  Fri Dec 16 11:10:00 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Fri, 16 Dec 2016 08:10:00 -0800
Subject: [Mailman-Users] cgi wrappers not properly executing
In-Reply-To: 
References: 
Message-ID: <10a29440-cd31-8ca0-f153-d393603d79df@msapiro.net>

On 12/15/2016 10:48 PM, John Covici wrote:
> 
> When I try to do anything on the web, I get permission denied error on
> /var/lib/mailman/logs/error  .  If I then make that file world
> read/write, I get permission denied error on config.pck of the list I
> am trying to access.
> 
> Now, everything under /var/lib/mailman is owned by mailman.mailman and
> the cgi wrappers are all like the following:
> -rwxr-sr-x 1 mailman mailman 10512 Nov 16 12:45
> /usr/lib/mailman/cgi-bin/admin

Probably the file system containing /usr/lib/mailman/cgi-bin/ is mounted
with the 'nosuid' option so the SETGID bit on the wrapper is not effective.

You could work around this by changing the ownership of everything to
webuser:mailman where webuser is the user the web server runs the CGIs
as, but better to mount the filsystem suid.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From bsfinkel at att.net  Fri Dec 16 11:52:45 2016
From: bsfinkel at att.net (Barry S. Finkel)
Date: Fri, 16 Dec 2016 10:52:45 -0600
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: 
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

 <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>

 <92243D3E-EDE3-4392-A45F-45F2786F308F@hotmail.com>
 <5774a2a1-19fa-7a0b-3e55-3f7dd023e3d9@msapiro.net>
 <793DABDB-EEF0-4A81-BD2D-7114C7373FB9@hotmail.com>

 <6364A344-CFB7-429A-800B-56C8057E2098@hotmail.com>
 <4504ef96-3187-5729-c84e-d9625f14344b@msapiro.net>

Message-ID: <8973e476-b600-2b71-3756-e6494d3ef016@att.net>

>> On Dec 15, 2016, at 8:31 PM, Mark Sapiro  wrote:
>>
>> On 12/15/2016 08:26 PM, Caesar Samsi wrote:
>>> The mm_cfg.py is in /etc/mailman
>>
>>
>> Which is the one from the Debian/Ubuntu package, not the one that your
>> latest install is using.
>>
>> The one you need to put your settings in is
>> /usr/local/mailman/Mailman/mm_cfg.py.
>>
>> --
>> Mark Sapiro         The highway is for gamblers,
>> San Francisco Bay Area, California    better use your sense - B. Dylan

On 12/15/2016 10:33 PM, Caesar Samsi wrote:
 > Yeah, in the ubuntu package the file was in /etc/mailman so I thought 
installing from scratch it would be there too!
 >
 > I will try in your location now.

As I have written before, one can easily create a Debian/Ubuntu package
for Mailman 2.x based on the SourceForge source.  Contact me for
details.  This will install Mailman in the directories that
Debian/Ubuntu uses, and I assume that installing the package will
overwrite any existing Debian/Ubuntu installation.

--Barry Finkel

From covici at ccs.covici.com  Fri Dec 16 12:20:40 2016
From: covici at ccs.covici.com (John Covici)
Date: Fri, 16 Dec 2016 12:20:40 -0500
Subject: [Mailman-Users] cgi wrappers not properly executing
In-Reply-To: <10a29440-cd31-8ca0-f153-d393603d79df@msapiro.net>
References: 
 <10a29440-cd31-8ca0-f153-d393603d79df@msapiro.net>
Message-ID: 

On Fri, 16 Dec 2016 11:10:00 -0500,
Mark Sapiro wrote:
> 
> On 12/15/2016 10:48 PM, John Covici wrote:
> > 
> > When I try to do anything on the web, I get permission denied error on
> > /var/lib/mailman/logs/error  .  If I then make that file world
> > read/write, I get permission denied error on config.pck of the list I
> > am trying to access.
> > 
> > Now, everything under /var/lib/mailman is owned by mailman.mailman and
> > the cgi wrappers are all like the following:
> > -rwxr-sr-x 1 mailman mailman 10512 Nov 16 12:45
> > /usr/lib/mailman/cgi-bin/admin
> 
> 
> Probably the file system containing /usr/lib/mailman/cgi-bin/ is mounted
> with the 'nosuid' option so the SETGID bit on the wrapper is not effective.
> 
> You could work around this by changing the ownership of everything to
> webuser:mailman where webuser is the user the web server runs the CGIs
> as, but better to mount the filsystem suid.

hmmm, the file system is mounted normally like this:
rpool/usr on /usr type zfs (rw,relatime,xattr,noacl)
and I verified that its capable of setting the bit according to its
properties.

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

         John Covici
         covici at ccs.covici.com

From mark at msapiro.net  Fri Dec 16 12:37:13 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Fri, 16 Dec 2016 09:37:13 -0800
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: <8973e476-b600-2b71-3756-e6494d3ef016@att.net>
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

 <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>

 <92243D3E-EDE3-4392-A45F-45F2786F308F@hotmail.com>
 <5774a2a1-19fa-7a0b-3e55-3f7dd023e3d9@msapiro.net>
 <793DABDB-EEF0-4A81-BD2D-7114C7373FB9@hotmail.com>

 <6364A344-CFB7-429A-800B-56C8057E2098@hotmail.com>
 <4504ef96-3187-5729-c84e-d9625f14344b@msapiro.net>

 <8973e476-b600-2b71-3756-e6494d3ef016@att.net>
Message-ID: <9f7c233a-327a-d122-5117-4096cf5dca76@msapiro.net>

On 12/16/2016 08:52 AM, Barry S. Finkel wrote:
> 
> As I have written before, one can easily create a Debian/Ubuntu package
> for Mailman 2.x based on the SourceForge source.  Contact me for
> details.  This will install Mailman in the directories that
> Debian/Ubuntu uses, and I assume that installing the package will
> overwrite any existing Debian/Ubuntu installation.

Thanks Barry.

Also note there is an article at  that
discusses how to upgrade the Debian/Ubuntu package from source.

Also note that there is a current (2.1.23) Ubuntu Mailman package at
 with links to the .deb for
all supported architectures and similarly for Debian at
.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at msapiro.net  Fri Dec 16 13:04:50 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Fri, 16 Dec 2016 10:04:50 -0800
Subject: [Mailman-Users] cgi wrappers not properly executing
In-Reply-To: 
References: 
 <10a29440-cd31-8ca0-f153-d393603d79df@msapiro.net>

Message-ID: <2ead32b3-2032-257b-e65e-951becf288a0@msapiro.net>

On 12/16/2016 09:20 AM, John Covici wrote:
> 
> hmmm, the file system is mounted normally like this:
> rpool/usr on /usr type zfs (rw,relatime,xattr,noacl)
> and I verified that its capable of setting the bit according to its
> properties.

Then the CGIs are running as effective group mailman which should have
permission.

Is this a SELinux or other security manager issue? see

Is anything written to mailman's error log after you made it world writable?

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cmsamsi at hotmail.com  Fri Dec 16 13:26:28 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Fri, 16 Dec 2016 18:26:28 +0000
Subject: [Mailman-Users] bin/genaliases not generating aliases?
In-Reply-To: <9f7c233a-327a-d122-5117-4096cf5dca76@msapiro.net>
References: <91406040-CF32-4EF1-ACE3-D080A783EE80@samsi.us>

 <7876204F-9EA3-4EC9-9016-34DA9167148D@hotmail.com>

 <92243D3E-EDE3-4392-A45F-45F2786F308F@hotmail.com>
 <5774a2a1-19fa-7a0b-3e55-3f7dd023e3d9@msapiro.net>
 <793DABDB-EEF0-4A81-BD2D-7114C7373FB9@hotmail.com>

 <6364A344-CFB7-429A-800B-56C8057E2098@hotmail.com>
 <4504ef96-3187-5729-c84e-d9625f14344b@msapiro.net>

 <8973e476-b600-2b71-3756-e6494d3ef016@att.net>,
 <9f7c233a-327a-d122-5117-4096cf5dca76@msapiro.net>
Message-ID: 

Well this certainly might make it easier for me. I'll give the package a try.

Thank you.

Sent from my Samsung Tablet

Mark Sapiro  wrote:
On 12/16/2016 08:52 AM, Barry S. Finkel wrote:
>
> As I have written before, one can easily create a Debian/Ubuntu package
> for Mailman 2.x based on the SourceForge source.  Contact me for
> details.  This will install Mailman in the directories that
> Debian/Ubuntu uses, and I assume that installing the package will
> overwrite any existing Debian/Ubuntu installation.

Thanks Barry.

Also note there is an article at  that
discusses how to upgrade the Debian/Ubuntu package from source.

Also note that there is a current (2.1.23) Ubuntu Mailman package at
 with links to the .deb for
all supported architectures and similarly for Debian at
.

--
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list Mailman-Users at python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com

From covici at ccs.covici.com  Fri Dec 16 14:17:08 2016
From: covici at ccs.covici.com (John Covici)
Date: Fri, 16 Dec 2016 14:17:08 -0500
Subject: [Mailman-Users] cgi wrappers not properly executing
In-Reply-To: <2ead32b3-2032-257b-e65e-951becf288a0@msapiro.net>
References: 
 <10a29440-cd31-8ca0-f153-d393603d79df@msapiro.net>

 <2ead32b3-2032-257b-e65e-951becf288a0@msapiro.net>
Message-ID: 

On Fri, 16 Dec 2016 13:04:50 -0500,
Mark Sapiro wrote:
> 
> On 12/16/2016 09:20 AM, John Covici wrote:
> > 
> > hmmm, the file system is mounted normally like this:
> > rpool/usr on /usr type zfs (rw,relatime,xattr,noacl)
> > and I verified that its capable of setting the bit according to its
> > properties.
> 
> 
> Then the CGIs are running as effective group mailman which should have
> permission.
> 
> Is this a SELinux or other security manager issue? see
> 
> 
> Is anything written to mailman's error log after you made it world writable?

When I did that, I got permission errors on the config.pck of the list
since I was doing  http://lists.ccs.covici.com/mailman/admin/
so the only way I was able to proceed was to either make the whole
tree rw, or make it owned by apache, but I was hoping for a better
solution.  I wonder if there is some apache config I have wrong which
is making the cgi's not execut properly?

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

         John Covici
         covici at ccs.covici.com

From mark at msapiro.net  Fri Dec 16 15:25:04 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Fri, 16 Dec 2016 12:25:04 -0800
Subject: [Mailman-Users] cgi wrappers not properly executing
In-Reply-To: 
References: 
 <10a29440-cd31-8ca0-f153-d393603d79df@msapiro.net>

 <2ead32b3-2032-257b-e65e-951becf288a0@msapiro.net>

Message-ID: 

On 12/16/2016 11:17 AM, John Covici wrote:
> On Fri, 16 Dec 2016 13:04:50 -0500,
> Mark Sapiro wrote:
>>
>> Is anything written to mailman's error log after you made it world writable?
> 
> When I did that, I got permission errors on the config.pck of the list
> since I was doing  http://lists.ccs.covici.com/mailman/admin/

I understand that you said that. I am curious if anything was written to
Mailman's error log and if so, what?

> so the only way I was able to proceed was to either make the whole
> tree rw, or make it owned by apache, but I was hoping for a better
> solution.  I wonder if there is some apache config I have wrong which
> is making the cgi's not execut properly?

Making the whole tree owned by apache is a workaround, and I understand
you want it to work as it should, so let's keep trying.

Do you have any security manager such as SELinux enabled? If so, try
disabling it and see if that helps.

There is also a mail wrapper, probably /usr/lib/mailman/mail/mailman. It
is also group mailman and SETGID and is used by the MTA's aliases to
pipe mail to Mailman. It's tricky because depending on your MTA and how
it executes a pipe for local delivery, it may already be running the
pipe as group mailman, but if not, the SETGID functionality is required
for it to work.

So the first question is how is the MTA delivering to Mailman? E.g. if
it is Postfix and Mailman's aliases are in an alias.db file owned by
mailman, the SETGID isn't needed and successful mail delivery doesn't
prove it works for this, but otherwise successful mail delivery may
prove SETGID works for this file and the question becomes what is
different about Apache and the CGIs.

As far as Apache is concerned, All I'm aware of is suEXEC. If you have
suEXEC enabled, see ,
but as far as I know, suEXEC won't interfere with SETGID on the mailman
CGI wrappers; a suEXEC problem will just prevent the CGI wrapper from
being run at all.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From lists at florian-berger.de  Sat Dec 17 04:31:40 2016
From: lists at florian-berger.de (Florian Berger)
Date: Sat, 17 Dec 2016 10:31:40 +0100
Subject: [Mailman-Users] Does changing MX impact Mailman 2.1 processing?
Message-ID: <1221b0a6-d082-7190-ec2f-bbf3375868cf@florian-berger.de>

Hi!

My email + mailman provider had a server crash and is migrating all mail
services to a different hardware. There is a temporary SMTP server up
collecting incoming mail, but they are held and not propagated until the
whole system runs again.

Since that timeframe is unknown, I am thinking about pointing the MX
record for the affected domain to an own cold-standby backup server.

Question: will the Mailman 2.1 on the old system, once fed with the
already accepted mails, correctly deliver these to the recipients *even*
if the list domain's MX record points somewhere else?

I.e. is Mailman 2.1 in any way dependent on DNS MX record resolving of
its own domain *after* mail has already been accepted my an MTA?

(I do not know the details of the Mailman installation, and my provider
should be the first to be asked, and I did. I'd still value a
shot-in-the-dark third opinion.)

Thanks,

    Florian

From mark at msapiro.net  Sat Dec 17 12:33:39 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Sat, 17 Dec 2016 09:33:39 -0800
Subject: [Mailman-Users] Does changing MX impact Mailman 2.1 processing?
In-Reply-To: <1221b0a6-d082-7190-ec2f-bbf3375868cf@florian-berger.de>
References: <1221b0a6-d082-7190-ec2f-bbf3375868cf@florian-berger.de>
Message-ID: <0858796c-6695-dfb7-768e-597688086fbe@msapiro.net>

On 12/17/2016 01:31 AM, Florian Berger wrote:
> 
> Question: will the Mailman 2.1 on the old system, once fed with the
> already accepted mails, correctly deliver these to the recipients *even*
> if the list domain's MX record points somewhere else?
> 
> I.e. is Mailman 2.1 in any way dependent on DNS MX record resolving of
> its own domain *after* mail has already been accepted my an MTA?

As far as Mailman itself is concerned, it is not affected by any DNS
records. If the mail gets to Mailman, it will be processed the same
regardless of how it got there.

It is possible that there will be issues with mail delivery depending on
how Mailman delivers outgoing mail. This would depend on the MTA that it
is delivering to and what mail acceptance checks that MTA does.

This is not likely to be an issue if Mailman is delivering to an MTA on
localhost.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From geek at uniserve.com  Sat Dec 17 13:06:19 2016
From: geek at uniserve.com (Dave Stevens)
Date: Sat, 17 Dec 2016 10:06:19 -0800
Subject: [Mailman-Users] logfiles description
Message-ID: <20161217100619.130c0abc@user-Satellite-A100>

I see logfiles in /var/log/mailman/en but it isn't obvious (or not
obvious enough anyway) what they all do. The wiki doesn't appear to
describe them, can anyone refer me?

D

-- 
Reporter to Mahatma Ghandi after his tour of east London
"What do you think of western civilization, Mr. Ghandi?"
Ghandi - "I think it would be an excellent idea!"

From mark at msapiro.net  Sat Dec 17 13:54:42 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Sat, 17 Dec 2016 10:54:42 -0800
Subject: [Mailman-Users] logfiles description
In-Reply-To: <20161217100619.130c0abc@user-Satellite-A100>
References: <20161217100619.130c0abc@user-Satellite-A100>
Message-ID: <5c6e78bd-6e4c-b4b3-9df7-50bc9899e19f@msapiro.net>

On 12/17/2016 10:06 AM, Dave Stevens wrote:
> 
> I see logfiles in /var/log/mailman/en but it isn't obvious (or not
> obvious enough anyway) what they all do. The wiki doesn't appear to
> describe them, can anyone refer me?

What Mailman package is this?

In a default source install, Mailman's log files are in
/usr/local/mailman/logs/ or in logs/ in the 'var_prefix' directory.

Some packages put them in /var/log/mailman/. I've never seen them in
/var/log/mailman/en/.

The logs Mailman writes are:

bounce - information related to automated bounce processing
error - information and tracebacks from unanticipated exceptions
        and other error info.
fromusenet - information about the mail<->news gateway
locks - information about lockfile anomalies
mischief - information about unpermitted actions such as login
           failures for lists with private rosters as these can
           be attempts to fish for list membership.
post - information about delivered posts
qrunner - qrunner start/stop and other status messages
smtp - all Mailman's outgoing smtp sessions
smtp-failure - failed outgoing smtp transactions
subscribe - information about (un)subscriptions
vette - information about things held for moderator approval
        and other similar events.

I just added  to the wiki with this info.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From geek at uniserve.com  Sat Dec 17 14:16:37 2016
From: geek at uniserve.com (Dave Stevens)
Date: Sat, 17 Dec 2016 11:16:37 -0800
Subject: [Mailman-Users] logfiles description
In-Reply-To: <5c6e78bd-6e4c-b4b3-9df7-50bc9899e19f@msapiro.net>
References: <20161217100619.130c0abc@user-Satellite-A100>
 <5c6e78bd-6e4c-b4b3-9df7-50bc9899e19f@msapiro.net>
Message-ID: <20161217111637.459dc2f3@user-Satellite-A100>

On Sat, 17 Dec 2016 10:54:42 -0800
Mark Sapiro  wrote:

> On 12/17/2016 10:06 AM, Dave Stevens wrote:
> > 
> > I see logfiles in /var/log/mailman/en but it isn't obvious (or not
> > obvious enough anyway) what they all do. The wiki doesn't appear to
> > describe them, can anyone refer me?
> 
> 
> 
> What Mailman package is this?

I'm using virtualmin pro as a site admin and mailman is implemented as
a webmin plugin. See here:

http://www.webmin.com/plugins.html

In the plugins page in Virtualmin is a config page that allows path
configuration. 

> 
> In a default source install, Mailman's log files are in
> /usr/local/mailman/logs/ or in logs/ in the 'var_prefix' directory.
> 
> Some packages put them in /var/log/mailman/. I've never seen them in
> /var/log/mailman/en/.

mea culpa, not in ../en just in /var/log/mailman as you said

> 
> The logs Mailman writes are:
> 
> bounce - information related to automated bounce processing
> error - information and tracebacks from unanticipated exceptions
>         and other error info.
> fromusenet - information about the mail<->news gateway
> locks - information about lockfile anomalies
> mischief - information about unpermitted actions such as login
>            failures for lists with private rosters as these can
>            be attempts to fish for list membership.
> post - information about delivered posts
> qrunner - qrunner start/stop and other status messages
> smtp - all Mailman's outgoing smtp sessions
> smtp-failure - failed outgoing smtp transactions
> subscribe - information about (un)subscriptions
> vette - information about things held for moderator approval
>         and other similar events.
> 
> I just added  to the wiki with this
> info.
> 

good, thanks!

D

-- 
Reporter to Mahatma Ghandi after his tour of east London
"What do you think of western civilization, Mr. Ghandi?"
Ghandi - "I think it would be an excellent idea!"

From sim at simonliebold.de  Sun Dec 18 09:12:39 2016
From: sim at simonliebold.de (Sim)
Date: Sun, 18 Dec 2016 15:12:39 +0100
Subject: [Mailman-Users] Mailman3: HTTP-500, create_http_method_map(resource,
 None, None) ?
Message-ID: 

Hello List,

I was following the
[mailman-bundler](https://gitlab.com/mailman/mailman-bundler/)
installation instructions. After starting Django for the first time
(before changes to the Postfix configuration and without any
pre-existing lists) I received an HTTP-500 from
http://127.0.0.1:8000/mailman3.

Traceback (most recent call last):
  File "/usr/lib/python3.4/wsgiref/handlers.py", line 137, in run
    self.result = application(self.environ, self.start_response)
  File
"/opt/mailman/mailman-bundler/venv-3.4/lib/python3.4/site-packages/mailman/database/transaction.py",
line 57, in wrapper
    rtn = function(*args, **kws)
  File
"/opt/mailman/mailman-bundler/venv-3.4/lib/python3.4/site-packages/mailman/rest/wsgiapp.py",
line 65, in __call__
    environ, start_response)
  File
"/opt/mailman/mailman-bundler/venv-3.4/lib/python3.4/site-packages/falcon/api.py",
line 180, in __call__
    responder, params, resource = self._get_responder(req)
  File
"/opt/mailman/mailman-bundler/venv-3.4/lib/python3.4/site-packages/mailman/rest/wsgiapp.py",
line 135, in _get_responder
    method_map = create_http_method_map(resource, None, None)
TypeError: create_http_method_map() takes 1 positional argument but 3
were given
ERROR Internal Server Error: /mailman3/

To make it work I changed In file
venv-3.4/lib/python3.4/site-packages/mailman/rest/wsgiapp.py:

method_map = create_http_method_map(resource, None, None)
into
method_map = create_http_method_map(resource)

Is this a bug or should I have created an initial list from the command
line (similar to Mailman 2) before accessing this page?

Simon

From support at aedeba.org  Sat Dec 17 11:00:57 2016
From: support at aedeba.org (support at aedeba.org)
Date: Sat, 17 Dec 2016 10:00:57 -0600
Subject: [Mailman-Users] Malfunction of our mailing list
Message-ID: 

Hello everyone.
The normal operation of our mailing list was such that when you post a 
message, you get yourself a copy of the message. Currently, when you 
post a message, you receive no copies. You do not know if the members 
got the message.
Can you help me? Please

Andre DZEUGANG

From mark at msapiro.net  Sun Dec 18 11:44:40 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Sun, 18 Dec 2016 08:44:40 -0800
Subject: [Mailman-Users] Malfunction of our mailing list
In-Reply-To: 
References: 
Message-ID: <29816d02-8fd1-3028-8abf-5fcbcf2255dc@msapiro.net>

On 12/17/2016 08:00 AM, support at aedeba.org wrote:
>
> The normal operation of our mailing list was such that when you post a
> message, you get yourself a copy of the message. Currently, when you
> post a message, you receive no copies. You do not know if the members
> got the message.

If the user's who don't receive their own posts are gmail/googlemail
users, see .

Also, I have seen cases of AOL rejecting its users own posts.

Otherwise, look at the web admin membership list to see that the
poster's 'not metoo' option is unchecked and also look at the Default
options for new members joining this list on the General Options page.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at msapiro.net  Sun Dec 18 11:50:40 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Sun, 18 Dec 2016 08:50:40 -0800
Subject: [Mailman-Users] Mailman3: HTTP-500,
 create_http_method_map(resource, None, None) ?
In-Reply-To: 
References: 
Message-ID: 

On 12/18/2016 06:12 AM, Sim via Mailman-Users wrote:
> Hello List,
> 
> I was following the
> [mailman-bundler](https://gitlab.com/mailman/mailman-bundler/)
> installation instructions.

This list is primarily for Mailman 2. Mailman 3 questions are better
directed to mailman-users at mailman3.org

or mailman-developers at python.org
.

The people most closely involved with Postorius don't follow this list.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From glen.page at thet.net  Mon Dec 19 07:52:42 2016
From: glen.page at thet.net (Glen Page)
Date: Mon, 19 Dec 2016 07:52:42 -0500
Subject: [Mailman-Users] list mail increasingly flagged as spam
Message-ID: 

I have recently begun to see (and get complaints from some of my users) our list messages being flagged on many users end as spam messages. Wondering if there is anything that i can do on our end to decrease the likelyhood of our messages being flagged as spam. If it would help, I can send some header info from some of our messages.

TIA,

Glen Page
Director of Information Technology
ThetNet - Thetford Academy
802.785.4805.x231

Engelbart's creed: "The better we get, the better we get at getting better."

From fmouse at fmp.com  Mon Dec 19 11:01:11 2016
From: fmouse at fmp.com (Lindsay Haisley)
Date: Mon, 19 Dec 2016 10:01:11 -0600
Subject: [Mailman-Users] list mail increasingly flagged as spam
In-Reply-To: 
References: 
Message-ID: <1482163271.12209.164.camel@fmp.com>

On Mon, 2016-12-19 at 07:52 -0500, Glen Page wrote:
> I have recently begun to see (and get complaints from some of my
> users) our list messages being flagged on many users end as spam
> messages. Wondering if there is anything that i can do on our end to
> decrease the likelyhood of our messages being flagged as spam. If it
> would help, I can send some header info from some of our messages.

I'm not a Mailman maintainer, but it might be helpful if you could post
any information that would help narrow down the problem. Specifically,
are most or all of the users who have this problem using a particular
mail provider such as Gmail, or some other service? Have any of these
users posted any information to you regarding the reason their mail
service has improperly flagged these list posts?

-- 
Lindsay Haisley       | "Everything works if you let it"
FMP Computer Services |
512-259-1190          |          --- The Roadie
http://www.fmp.com    |

From mark at msapiro.net  Mon Dec 19 22:39:02 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Mon, 19 Dec 2016 19:39:02 -0800
Subject: [Mailman-Users] list mail increasingly flagged as spam
In-Reply-To: 
References: 
Message-ID: <66d534dd-abf5-5253-a1c4-94ba952968ef@msapiro.net>

On 12/19/2016 04:52 AM, Glen Page wrote:
> I have recently begun to see (and get complaints from some of my users) our list messages being flagged on many users end as spam messages. Wondering if there is anything that i can do on our end to decrease the likelyhood of our messages being flagged as spam. If it would help, I can send some header info from some of our messages.

See the article at 

Even before doing any of the things there, do all of the following.

1) Ensure your sending server has full circle DNS
. I.e. the
domain the server identifies itself as in HELO/EHLO has an A record with
the IP address of the server and rDNS lookup of that address points back
to the domain.

2) Publish SPF for the list domain authorizing the sending server.

3) DKIM sign outgoing list mail with the list domain.

These are not guarantees but they are all things that if not done make
your mail look less legitimate to at least some recipients.

Also if you are not applying DMARC mitigations to your list mail, this
can be a problem, particularly is the "spam" is mail sent From: users in
domains publishing DMARC p=quarantine. See
.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From glen.page at thet.net  Tue Dec 20 08:11:41 2016
From: glen.page at thet.net (Glen Page)
Date: Tue, 20 Dec 2016 08:11:41 -0500
Subject: [Mailman-Users] Mailman-Users Digest, Vol 154, Issue 30
In-Reply-To: 
References: 
Message-ID: 

We are a Google Apps for Education school so most of our employees and students are using gmail but with our own thet.net  domain. We have mx records for gmails servers and for our in house mailman server. Recently edited our DNS zones due to SPF record check failures. Also, recently had to change out IP block due to changes at our ISP. Here is the header info from a message that I got from our Dean. It got flagged as Spam somewhere along the way.

It should be noted that some of the lists below are umbrella lists.

{Spam?} [TA Admin] {Spam?} [Employees] {Spam?} [Claws] {Spam?} SNOWBALL IS CANCELLED FOR	TONIGHT
To: claws at lists.thet.net students2017 at lists.thet.net 
X-Thetnet-Mailscanner-Information: Please contact the ISP for more information
Sender: admin-bounces at lists.thet.net
List-Archive: 
Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@thet-net.20150623.gappssmtp.com; spf=fail (google.com: domain of admin-bounces at lists.thet.net does not designate 104.219.98.14 as permitted sender) smtp.mailfrom=admin-bounces at lists.thet.net
X-Received: by 10.55.20.95 with SMTP id e92mr9675564qkh.54.1481993433047; Sat, 17 Dec 2016 08:50:33 -0800 (PST)
X-Received: by 10.13.204.67 with SMTP id o64mr6487069ywd.47.1481993249239; Sat, 17 Dec 2016 08:47:29 -0800 (PST)
Return-Path: 
List-Help: 
X-Original-To: admin at lists.thet.net
X-Original-To: employees at lists.thet.net
X-Original-To: claws at lists.thet.net
X-Thetnet-Mailscanner-Spamscore: sssssss, sssssss, sssss, sssss
X-Gm-Message-State: AKaTC03CGHzT3zezdGpZ3HNvRPiPVZelD2bKmhcA8Wn9WsDZT93E/DWWFFAFrbExpkGdZ0xWfYUPvqPLwJXAyg==
List-Id: Interactive mailing list for TA Administrators 
X-Mailman-Version: 2.1.12
X-Greylist: whitelisted by SQLgrey-1.7.6
X-Google-Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=8F82G0kwQs0BGWAs4rc0JlbGrQ5jSEAp9BGHHsLlJGQ=; b=XDw9OtI9GY0saYUhV9g6nVzCeS2/FHyuJUbb3YrEZtrQAg+GOI9B1chbVDYuIDm9Ip EpVs8ERwixZfcbO+hRhz21h6dmm1kRorFGHjVKUjt9fOONcqX0C3i0FPy+VHgxf4nPnT 5wzEquSIGU7I5YoUNFK7AR6pqPCRXqEaS4t9Aa0Q9njL2Y2XEh+dw1z1e3XreibJMMr6 kYmbFTM6YcxBprB6XJCHzVI4R51a9L2CmxJCHn8X+ULXsligpbAIr8vnMxT8QjAxejM6 A1kiQZG57hSs4B/8R8TQeX3jj2QpF1XULvdkLgxDlskybV2LdQP2tTpDf9aI0TnXO+bg ralw==
X-Thetnet-Mailscanner-Spamcheck: spam, SORBS-SPAM, SpamAssassin (cached, score=7.315, required 5, BAYES_00 -1.90, DNS_FROM_AHBL_RHSBL 2.70, HTML_MESSAGE 0.00, RCVD_IN_DNSWL_NONE -0.00, SORTED_RECIPS 2.50, SUBJ_ALL_CAPS 1.51, SUSPICIOUS_RECIPS 2.51), spam, SpamAssassin (cached, score=7.315,  required 5, BAYES_00 -1.90, DNS_FROM_AHBL_RHSBL 2.70, HTML_MESSAGE 0.00, RCVD_IN_DNSWL_NONE -0.00, SORTED_RECIPS 2.50, SUBJ_ALL_CAPS 1.51, SUSPICIOUS_RECIPS 2.51), spam, SpamAssassin (not cached, score=5.809,  required 5, BAYES_00 -1.90, DNS_FROM_AHBL_RHSBL 2.70, HTML_MESSAGE 0.00, RCVD_IN_DNSWL_NONE -0.00, SORTED_RECIPS 2.50, SUSPICIOUS_RECIPS 2.51), spam, SpamAssassin (not cached, score=5.809, required 5, BAYES_00 -1.90, DNS_FROM_AHBL_RHSBL 2.70, HTML_MESSAGE 0.00, RCVD_IN_DNSWL_NONE -0.00, SORTED_RECIPS 2.50, SUSPICIOUS_RECIPS 2.51)
X-Thetnet-Mailscanner: Found to be clean, Found to be clean, Found to be clean, Found to be clean
List-Post: 
Errors-To: admin-bounces at lists.thet.net
Message-Id: 
X-Spam-Status: Yes, Yes, Yes, Yes
X-Thetnet-Mailscanner-From: admin-bounces at lists.thet.net
Mime-Version: 1.0
Precedence: list
Received: by 10.80.136.105 with SMTP id c38csp743701edc; Sat, 17 Dec 2016 08:50:33 -0800 (PST)
Received: from dispatch.thet.net ([104.219.98.14]) by mx.google.com with ESMTPS id n185si342354qke.282.2016.12.17.08.50.32 (version=TLS1 cipher=AES128-SHA bits=128/128); Sat, 17 Dec 2016 08:50:32 -0800 (PST)
Received: from dispatch.thet.net (dispatch.thet.net [172.16.0.18]) by dispatch.thet.net (Postfix) with ESMTP id A1013E6103A; Sat, 17 Dec 2016 11:49:56 -0500 (EST)
Received: from dispatch.thet.net (dispatch.thet.net [172.16.0.18]) by dispatch.thet.net (Postfix) with ESMTP id BA586E61035; Sat, 17 Dec 2016 11:49:04 -0500 (EST)
Received: from dispatch.thet.net (dispatch.thet.net [172.16.0.18]) by dispatch.thet.net (Postfix) with ESMTP id 12323E60FF7; Sat, 17 Dec 2016 11:48:05 -0500 (EST)
Received: from mail-yw0-f177.google.com (mail-yw0-f177.google.com [209.85.161.177]) by dispatch.thet.net (Postfix) with ESMTPS id 0F6F3E60FF7 for ; Sat, 17 Dec 2016 11:47:29 -0500 (EST)
Received: by mail-yw0-f177.google.com with SMTP id i145so46776688ywg.2 for ; Sat, 17 Dec 2016 08:47:29 -0800 (PST)
Received: by 10.37.30.86 with HTTP; Sat, 17 Dec 2016 08:47:28 -0800 (PST)
Content-Type: multipart/mixed; boundary="===============0140925220=="
X-Thetnet-Mailscanner-Id: A1013E6103A.A0BA7
Delivered-To: glen.page at thet.net.test-google-a.com
Delivered-To: admin at lists.thet.net
Delivered-To: employees at lists.thet.net
Delivered-To: claws at lists.thet.net
X-Beenthere: claws at lists.thet.net
X-Beenthere: employees at lists.thet.net
X-Beenthere: admin at lists.thet.net
Received-Spf: fail (google.com: domain of admin-bounces at lists.thet.net does not designate 104.219.98.14 as permitted sender) client-ip=104.219.98.14;
List-Unsubscribe: 
List-Unsubscribe: 
List-Subscribe: , 
Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=thet-net.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=8F82G0kwQs0BGWAs4rc0JlbGrQ5jSEAp9BGHHsLlJGQ=; b=z4aCN7tqgI6/fqyUS0996YyJ3h9vBdciKFZDMciilUXU1d1VzpD9MPEw5iFzTvTiBk JboPNIV4zE41HWJcMRL3FIJ2A9ahgpkAD+p48PIxjqveclm4BM92Ioj3LXqrXg6lLs+Q SkqLIEl6DQLzWigaixP49UmPqbQjSbfxLvxq32MXFVldcOF7n/5Q1SfFQkErRq8S14x8 U1Keu94MZCSi2xp7bXj4ARdtdOsOOemWCRRSzrAd0nR+uqsW+aOKPHmqYZqHHz3Ct328 XH+wBOs/CUSe7sOrQCM/RlHb2IQg0rTS0t3V3jhZkYaquDF59rgTYsNyo7BEToSeXDfV QuOg==

> 
> From: Lindsay Haisley 
> Subject: Re: [Mailman-Users] list mail increasingly flagged as spam
> Date: December 19, 2016 at 11:01:11 AM EST
> To: mailman-users at python.org
> Reply-To: fmouse at fmp.com
> 
> 
> On Mon, 2016-12-19 at 07:52 -0500, Glen Page wrote:
>> I have recently begun to see (and get complaints from some of my
>> users) our list messages being flagged on many users end as spam
>> messages. Wondering if there is anything that i can do on our end to
>> decrease the likelyhood of our messages being flagged as spam. If it
>> would help, I can send some header info from some of our messages.
> 
> I'm not a Mailman maintainer, but it might be helpful if you could post
> any information that would help narrow down the problem. Specifically,
> are most or all of the users who have this problem using a particular
> mail provider such as Gmail, or some other service? Have any of these
> users posted any information to you regarding the reason their mail
> service has improperly flagged these list posts?
> 
> -- 
> Lindsay Haisley       | "Everything works if you let it"
> FMP Computer Services |
> 512-259-1190          |          --- The Roadie
> http://www.fmp.com    |
> 
> 
> 
> 
> ------------------------------------------------------
> Mailman-Users mailing list
> Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/

Glen Page
Director of Information Technology
ThetNet - Thetford Academy
802.785.4805.x231

Every time it rains pennies from heaven, I get down on my hands and knees and try to protect my head because those things really hurt.

From turnbull.stephen.fw at u.tsukuba.ac.jp  Tue Dec 20 11:09:56 2016
From: turnbull.stephen.fw at u.tsukuba.ac.jp (Stephen J. Turnbull)
Date: Wed, 21 Dec 2016 01:09:56 +0900
Subject: [Mailman-Users] Mailman-Users Digest, Vol 154, Issue 30
In-Reply-To: 
References: 

Message-ID: <22617.22484.776606.189108@turnbull.sk.tsukuba.ac.jp>

Glen Page writes:

 > We are a Google Apps for Education school so most of our employees
 > and students are using gmail but with our own thet.net
 >  domain. We have mx records for gmails servers
 > and for our in house mailman server. Recently edited our DNS zones
 > due to SPF record check failures. Also, recently had to change out
 > IP block due to changes at our ISP. Here is the header info from a
 > message that I got from our Dean. It got flagged as Spam somewhere
 > along the way.

You've deleted a bunch of header fields, it seems.  That doesn't hurt
this time -- it seems pretty clear that a misconfigured SpamAssassin
is the problem.  But you should tell us about it, and also consider
leaving in the fields while redacting specific personal information
such as mailboxes and IP addresses if you consider them sensitive.

To the analysis.  This appears to be the subject:

 > {Spam?} [TA Admin] {Spam?} [Employees] {Spam?} [Claws] {Spam?} SNOWBALL IS CANCELLED FOR	TONIGHT

SpamAssassin ignores the parenthesized tags, and finds that the
subject is all uppercase.  1.5 spam points.  Tell your people not to
use all uppercase, especially not in the subject, but also not in the
body.  This is a very good indicator of spam.

This is your addressee list in the "To" field, right?

 > To: claws at lists.thet.net students2017 at lists.thet.net 

It happens to be sorted.  2.5 spam points, total 4.  You're already
almost busted!  If you have control over SpamAssassin, this is a
stupid rule unless you've got more than 5 addressees, and you should
be giving that a lot of points anyway.  Take that rule down to 1
point, or disable it.

 > X-Thetnet-Mailscanner-Spamcheck:
 > spam, SORBS-SPAM,

Dunno what the above line means.

 > SpamAssassin (cached, score=7.315, required 5,
 > BAYES_00 -1.90,

Content is extremely unspam-like.  Congratulate the author. :-)

 > DNS_FROM_AHBL_RHSBL 2.70,

Ouch.  Appears you are on a blacklist ... no, AHBL and RHSBL are
deprecated and may not even be operating any more, lots of "too many
false positives, how can I disable this rule?" on Google.  See this
URL:

http://www.emailquestions.com/threads/how-to-disable-dns_from_ahbl_rhsbl-rbl-envelope-sender-listed-in-dnsbl-ahbl-org.10342/

 > HTML_MESSAGE 0.00,

Yeah!  "Friends don't let friends send HTML mail."

 > RCVD_IN_DNSWL_NONE -0.00,

Good.

 > SORTED_RECIPS 2.50,
 > SUBJ_ALL_CAPS 1.51,

As mentioned above.

 > SUSPICIOUS_RECIPS 2.51),

I have no idea why you're getting that.  Maybe somebody else has an
idea, but if not you'll have to ask somebody with access to your
SpamAssassin rule base.  Anyway, the total above is already 8.2 (then
you get 1.9 back for high-value content), you're busted.

 > Received: from dispatch.thet.net ([104.219.98.14]) by mx.google.com
 >     with ESMTPS id n185si342354qke.282.2016.12.17.08.50.32
 >     (version=TLS1 cipher=AES128-SHA bits=128/128); Sat, 17 Dec 2016
 >     08:50:32 -0800 (PST)
 > Received: from dispatch.thet.net (dispatch.thet.net [172.16.0.18])
 >     by dispatch.thet.net (Postfix) with ESMTP id A1013E6103A; Sat, 17
 >     Dec 2016 11:49:56 -0500 (EST)
 > Received: from dispatch.thet.net (dispatch.thet.net [172.16.0.18])
 >     by dispatch.thet.net (Postfix) with ESMTP id BA586E61035; Sat, 17
 >     Dec 2016 11:49:04 -0500 (EST)
 > Received: from dispatch.thet.net (dispatch.thet.net [172.16.0.18])
 >     by dispatch.thet.net (Postfix) with ESMTP id 12323E60FF7; Sat, 17
 >     Dec 2016 11:48:05 -0500 (EST)

I guess this is the chain of umbrella lists.  You might want to see if
you can get the addressees put in the logs so the you can figure out
what's actually happening here.

 > Received: from mail-yw0-f177.google.com (mail-yw0-f177.google.com [209.85.161.177]) by dispatch.thet.net (Postfix) with ESMTPS id 0F6F3E60FF7 for ; Sat, 17 Dec 2016 11:47:29 -0500 (EST)
 > Received: by mail-yw0-f177.google.com with SMTP id i145so46776688ywg.2 for ; Sat, 17 Dec 2016 08:47:29 -0800 (PST)
 > Received: by 10.37.30.86 with HTTP; Sat, 17 Dec 2016 08:47:28 -0800 (PST)
 > Content-Type: multipart/mixed; boundary="===============0140925220=="
 > X-Thetnet-Mailscanner-Id: A1013E6103A.A0BA7
 > Delivered-To: glen.page at thet.net.test-google-a.com
 > Delivered-To: admin at lists.thet.net
 > Delivered-To: employees at lists.thet.net
 > Delivered-To: claws at lists.thet.net
 > X-Beenthere: claws at lists.thet.net
 > X-Beenthere: employees at lists.thet.net
 > X-Beenthere: admin at lists.thet.net
 > Received-Spf: fail (google.com: domain of admin-bounces at lists.thet.net does not designate 104.219.98.14 as permitted sender) client-ip=104.219.98.14;

This is misconfigured, I think.  lists.thet.net doesn't permit
dispatch.thet.net to send for it?

 > Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=thet-net.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=8F82G0kwQs0BGWAs4rc0JlbGrQ5jSEAp9BGHHsLlJGQ=; b=z4aCN7tqgI6/fqyUS0996YyJ3h9vBdciKFZDMciilUXU1d1VzpD9MPEw5iFzTvTiBk JboPNIV4zE41HWJcMRL3FIJ2A9ahgpkAD+p48PIxjqveclm4BM92Ioj3LXqrXg6lLs+Q SkqLIEl6DQLzWigaixP49UmPqbQjSbfxLvxq32MXFVldcOF7n/5Q1SfFQkErRq8S14x8 U1Keu94MZCSi2xp7bXj4ARdtdOsOOemWCRRSzrAd0nR+uqsW+aOKPHmqYZqHHz3Ct328 XH+wBOs/CUSe7sOrQCM/RlHb2IQg0rTS0t3V3jhZkYaquDF59rgTYsNyo7BEToSeXDfV QuOg==

This is going to fail, since the subject is signed but you're adding
tags all over the place.  This is the safest available configuration,
so it is not a problem (that you can do anything about), but you will
DoS yourself if you ever set a DMARC policy of p=quarantine or
p=reject.  Just a word to the wise for the future.

Hope this helps,

Steve

-- 
Associate Professor            Department of Policy and Planning Science
http://turnbull/sk.tsukuba.ac.jp/     Faculty of Systems and Information
Email: turnbull at sk.tsukuba.ac.jp                   University of Tsukuba
Tel: 029-853-5175                 Tennodai 1-1-1, Tsukuba 305-8573 JAPAN

From glen.page at thet.net  Tue Dec 20 11:18:47 2016
From: glen.page at thet.net (Glen Page)
Date: Tue, 20 Dec 2016 11:18:47 -0500
Subject: [Mailman-Users] Mailman-Users Digest, Vol 154, Issue 30
In-Reply-To: <22617.22484.776606.189108@turnbull.sk.tsukuba.ac.jp>
References: 

 <22617.22484.776606.189108@turnbull.sk.tsukuba.ac.jp>
Message-ID: 

Stephen,

Thanks. I am pretty sure that the only thing I deleted was the sender name so not sure which header fields you think are missing.

I will forward this info on to the consultant that built and maintains both my spam-assassin and mailman builds and see what he can figure out.

Thanks again for the help.

Glen

> On Dec 20, 2016, at 11:09 AM, Stephen J. Turnbull  wrote:
> 
> Glen Page writes:
> 
>> We are a Google Apps for Education school so most of our employees
>> and students are using gmail but with our own thet.net
>>  domain. We have mx records for gmails servers
>> and for our in house mailman server. Recently edited our DNS zones
>> due to SPF record check failures. Also, recently had to change out
>> IP block due to changes at our ISP. Here is the header info from a
>> message that I got from our Dean. It got flagged as Spam somewhere
>> along the way.
> 
> You've deleted a bunch of header fields, it seems.  That doesn't hurt
> this time -- it seems pretty clear that a misconfigured SpamAssassin
> is the problem.  But you should tell us about it, and also consider
> leaving in the fields while redacting specific personal information
> such as mailboxes and IP addresses if you consider them sensitive.
> 
> To the analysis.  This appears to be the subject:
> 
>> {Spam?} [TA Admin] {Spam?} [Employees] {Spam?} [Claws] {Spam?} SNOWBALL IS CANCELLED FOR	TONIGHT
> 
> SpamAssassin ignores the parenthesized tags, and finds that the
> subject is all uppercase.  1.5 spam points.  Tell your people not to
> use all uppercase, especially not in the subject, but also not in the
> body.  This is a very good indicator of spam.
> 
> This is your addressee list in the "To" field, right?
> 
>> To: claws at lists.thet.net students2017 at lists.thet.net 
> 
> It happens to be sorted.  2.5 spam points, total 4.  You're already
> almost busted!  If you have control over SpamAssassin, this is a
> stupid rule unless you've got more than 5 addressees, and you should
> be giving that a lot of points anyway.  Take that rule down to 1
> point, or disable it.
> 
>> X-Thetnet-Mailscanner-Spamcheck:
>> spam, SORBS-SPAM,
> 
> Dunno what the above line means.
> 
>> SpamAssassin (cached, score=7.315, required 5,
>> BAYES_00 -1.90,
> 
> Content is extremely unspam-like.  Congratulate the author. :-)
> 
>> DNS_FROM_AHBL_RHSBL 2.70,
> 
> Ouch.  Appears you are on a blacklist ... no, AHBL and RHSBL are
> deprecated and may not even be operating any more, lots of "too many
> false positives, how can I disable this rule?" on Google.  See this
> URL:
> 
> http://www.emailquestions.com/threads/how-to-disable-dns_from_ahbl_rhsbl-rbl-envelope-sender-listed-in-dnsbl-ahbl-org.10342/
> 
>> HTML_MESSAGE 0.00,
> 
> Yeah!  "Friends don't let friends send HTML mail."
> 
>> RCVD_IN_DNSWL_NONE -0.00,
> 
> Good.
> 
>> SORTED_RECIPS 2.50,
>> SUBJ_ALL_CAPS 1.51,
> 
> As mentioned above.
> 
>> SUSPICIOUS_RECIPS 2.51),
> 
> I have no idea why you're getting that.  Maybe somebody else has an
> idea, but if not you'll have to ask somebody with access to your
> SpamAssassin rule base.  Anyway, the total above is already 8.2 (then
> you get 1.9 back for high-value content), you're busted.
> 
>> Received: from dispatch.thet.net ([104.219.98.14]) by mx.google.com
>>    with ESMTPS id n185si342354qke.282.2016.12.17.08.50.32
>>    (version=TLS1 cipher=AES128-SHA bits=128/128); Sat, 17 Dec 2016
>>    08:50:32 -0800 (PST)
>> Received: from dispatch.thet.net (dispatch.thet.net [172.16.0.18])
>>    by dispatch.thet.net (Postfix) with ESMTP id A1013E6103A; Sat, 17
>>    Dec 2016 11:49:56 -0500 (EST)
>> Received: from dispatch.thet.net (dispatch.thet.net [172.16.0.18])
>>    by dispatch.thet.net (Postfix) with ESMTP id BA586E61035; Sat, 17
>>    Dec 2016 11:49:04 -0500 (EST)
>> Received: from dispatch.thet.net (dispatch.thet.net [172.16.0.18])
>>    by dispatch.thet.net (Postfix) with ESMTP id 12323E60FF7; Sat, 17
>>    Dec 2016 11:48:05 -0500 (EST)
> 
> I guess this is the chain of umbrella lists.  You might want to see if
> you can get the addressees put in the logs so the you can figure out
> what's actually happening here.
> 
>> Received: from mail-yw0-f177.google.com (mail-yw0-f177.google.com [209.85.161.177]) by dispatch.thet.net (Postfix) with ESMTPS id 0F6F3E60FF7 for ; Sat, 17 Dec 2016 11:47:29 -0500 (EST)
>> Received: by mail-yw0-f177.google.com with SMTP id i145so46776688ywg.2 for ; Sat, 17 Dec 2016 08:47:29 -0800 (PST)
>> Received: by 10.37.30.86 with HTTP; Sat, 17 Dec 2016 08:47:28 -0800 (PST)
>> Content-Type: multipart/mixed; boundary="===============0140925220=="
>> X-Thetnet-Mailscanner-Id: A1013E6103A.A0BA7
>> Delivered-To: glen.page at thet.net.test-google-a.com
>> Delivered-To: admin at lists.thet.net
>> Delivered-To: employees at lists.thet.net
>> Delivered-To: claws at lists.thet.net
>> X-Beenthere: claws at lists.thet.net
>> X-Beenthere: employees at lists.thet.net
>> X-Beenthere: admin at lists.thet.net
>> Received-Spf: fail (google.com: domain of admin-bounces at lists.thet.net does not designate 104.219.98.14 as permitted sender) client-ip=104.219.98.14;
> 
> This is misconfigured, I think.  lists.thet.net doesn't permit
> dispatch.thet.net to send for it?
> 
>> Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=thet-net.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=8F82G0kwQs0BGWAs4rc0JlbGrQ5jSEAp9BGHHsLlJGQ=; b=z4aCN7tqgI6/fqyUS0996YyJ3h9vBdciKFZDMciilUXU1d1VzpD9MPEw5iFzTvTiBk JboPNIV4zE41HWJcMRL3FIJ2A9ahgpkAD+p48PIxjqveclm4BM92Ioj3LXqrXg6lLs+Q SkqLIEl6DQLzWigaixP49UmPqbQjSbfxLvxq32MXFVldcOF7n/5Q1SfFQkErRq8S14x8 U1Keu94MZCSi2xp7bXj4ARdtdOsOOemWCRRSzrAd0nR+uqsW+aOKPHmqYZqHHz3Ct328 XH+wBOs/CUSe7sOrQCM/RlHb2IQg0rTS0t3V3jhZkYaquDF59rgTYsNyo7BEToSeXDfV QuOg==
> 
> This is going to fail, since the subject is signed but you're adding
> tags all over the place.  This is the safest available configuration,
> so it is not a problem (that you can do anything about), but you will
> DoS yourself if you ever set a DMARC policy of p=quarantine or
> p=reject.  Just a word to the wise for the future.
> 
> Hope this helps,
> 
> Steve
> 
> -- 
> Associate Professor            Department of Policy and Planning Science
> http://turnbull/sk.tsukuba.ac.jp/     Faculty of Systems and Information
> Email: turnbull at sk.tsukuba.ac.jp                   University of Tsukuba
> Tel: 029-853-5175                 Tennodai 1-1-1, Tsukuba 305-8573 JAPAN

Glen Page
Director of Information Technology
ThetNet - Thetford Academy
802.785.4805.x231

"If a guy can dream up a way to cause an explosion, it will happen." ? Newton's Seventh Corrolary of Physics 

From mark at msapiro.net  Tue Dec 20 12:54:15 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Tue, 20 Dec 2016 09:54:15 -0800
Subject: [Mailman-Users] Mailman-Users Digest, Vol 154, Issue 30
In-Reply-To: 
References: 

Message-ID: <2e8eae27-011d-5fe6-7911-a9ce9b507139@msapiro.net>

On 12/20/2016 05:11 AM, Glen Page wrote:
> Here is the header info from a message that I got from our Dean. It got flagged as Spam somewhere along the way.
...
> {Spam?} [TA Admin] {Spam?} [Employees] {Spam?} [Claws] {Spam?} SNOWBALL IS CANCELLED FOR	TONIGHT
> To: claws at lists.thet.net students2017 at lists.thet.net 
> X-Thetnet-Mailscanner-Information: Please contact the ISP for more information
> Sender: admin-bounces at lists.thet.net
> List-Archive: 
> Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@thet-net.20150623.gappssmtp.com; spf=fail (google.com: domain of admin-bounces at lists.thet.net does not designate 104.219.98.14 as permitted sender) smtp.mailfrom=admin-bounces at lists.thet.net
> X-Received: by 10.55.20.95 with SMTP id e92mr9675564qkh.54.1481993433047; Sat, 17 Dec 2016 08:50:33 -0800 (PST)
> X-Received: by 10.13.204.67 with SMTP id o64mr6487069ywd.47.1481993249239; Sat, 17 Dec 2016 08:47:29 -0800 (PST)
> Return-Path: 
> List-Help: 
> X-Original-To: admin at lists.thet.net
> X-Original-To: employees at lists.thet.net
> X-Original-To: claws at lists.thet.net
> X-Thetnet-Mailscanner-Spamscore: sssssss, sssssss, sssss, sssss
> X-Gm-Message-State: AKaTC03CGHzT3zezdGpZ3HNvRPiPVZelD2bKmhcA8Wn9WsDZT93E/DWWFFAFrbExpkGdZ0xWfYUPvqPLwJXAyg==
> List-Id: Interactive mailing list for TA Administrators 
> X-Mailman-Version: 2.1.12
> X-Greylist: whitelisted by SQLgrey-1.7.6
> X-Google-Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=8F82G0kwQs0BGWAs4rc0JlbGrQ5jSEAp9BGHHsLlJGQ=; b=XDw9OtI9GY0saYUhV9g6nVzCeS2/FHyuJUbb3YrEZtrQAg+GOI9B1chbVDYuIDm9Ip EpVs8ERwixZfcbO+hRhz21h6dmm1kRorFGHjVKUjt9fOONcqX0C3i0FPy+VHgxf4nPnT 5wzEquSIGU7I5YoUNFK7AR6pqPCRXqEaS4t9Aa0Q9njL2Y2XEh+dw1z1e3XreibJMMr6 kYmbFTM6YcxBprB6XJCHzVI4R51a9L2CmxJCHn8X+ULXsligpbAIr8vnMxT8QjAxejM6 A1kiQZG57hSs4B/8R8TQeX3jj2QpF1XULvdkLgxDlskybV2LdQP2tTpDf9aI0TnXO+bg ralw==
> X-Thetnet-Mailscanner-Spamcheck: spam, SORBS-SPAM, SpamAssassin (cached, score=7.315, required 5, BAYES_00 -1.90, DNS_FROM_AHBL_RHSBL 2.70, HTML_MESSAGE 0.00, RCVD_IN_DNSWL_NONE -0.00, SORTED_RECIPS 2.50, SUBJ_ALL_CAPS 1.51, SUSPICIOUS_RECIPS 2.51), spam, SpamAssassin (cached, score=7.315,  required 5, BAYES_00 -1.90, DNS_FROM_AHBL_RHSBL 2.70, HTML_MESSAGE 0.00, RCVD_IN_DNSWL_NONE -0.00, SORTED_RECIPS 2.50, SUBJ_ALL_CAPS 1.51, SUSPICIOUS_RECIPS 2.51), spam, SpamAssassin (not cached, score=5.809,  required 5, BAYES_00 -1.90, DNS_FROM_AHBL_RHSBL 2.70, HTML_MESSAGE 0.00, RCVD_IN_DNSWL_NONE -0.00, SORTED_RECIPS 2.50, SUSPICIOUS_RECIPS 2.51), spam, SpamAssassin (not cached, score=5.809, required 5, BAYES_00 -1.90, DNS_FROM_AHBL_RHSBL 2.70, HTML_MESSAGE 0.00, RCVD_IN_DNSWL_NONE -0.00, SORTED_RECIPS 2.50, SUSPICIOUS_RECIPS 2.51)
> X-Thetnet-Mailscanner: Found to be clean, Found to be clean, Found to be clean, Found to be clean
> List-Post: 
> Errors-To: admin-bounces at lists.thet.net
> Message-Id: 
> X-Spam-Status: Yes, Yes, Yes, Yes
> X-Thetnet-Mailscanner-From: admin-bounces at lists.thet.net
> Mime-Version: 1.0
> Precedence: list
> Received: by 10.80.136.105 with SMTP id c38csp743701edc; Sat, 17 Dec 2016 08:50:33 -0800 (PST)
> Received: from dispatch.thet.net ([104.219.98.14]) by mx.google.com with ESMTPS id n185si342354qke.282.2016.12.17.08.50.32 (version=TLS1 cipher=AES128-SHA bits=128/128); Sat, 17 Dec 2016 08:50:32 -0800 (PST)
> Received: from dispatch.thet.net (dispatch.thet.net [172.16.0.18]) by dispatch.thet.net (Postfix) with ESMTP id A1013E6103A; Sat, 17 Dec 2016 11:49:56 -0500 (EST)
> Received: from dispatch.thet.net (dispatch.thet.net [172.16.0.18]) by dispatch.thet.net (Postfix) with ESMTP id BA586E61035; Sat, 17 Dec 2016 11:49:04 -0500 (EST)
> Received: from dispatch.thet.net (dispatch.thet.net [172.16.0.18]) by dispatch.thet.net (Postfix) with ESMTP id 12323E60FF7; Sat, 17 Dec 2016 11:48:05 -0500 (EST)
> Received: from mail-yw0-f177.google.com (mail-yw0-f177.google.com [209.85.161.177]) by dispatch.thet.net (Postfix) with ESMTPS id 0F6F3E60FF7 for ; Sat, 17 Dec 2016 11:47:29 -0500 (EST)
> Received: by mail-yw0-f177.google.com with SMTP id i145so46776688ywg.2 for ; Sat, 17 Dec 2016 08:47:29 -0800 (PST)
> Received: by 10.37.30.86 with HTTP; Sat, 17 Dec 2016 08:47:28 -0800 (PST)
> Content-Type: multipart/mixed; boundary="===============0140925220=="
> X-Thetnet-Mailscanner-Id: A1013E6103A.A0BA7
> Delivered-To: glen.page at thet.net.test-google-a.com
> Delivered-To: admin at lists.thet.net
> Delivered-To: employees at lists.thet.net
> Delivered-To: claws at lists.thet.net
> X-Beenthere: claws at lists.thet.net
> X-Beenthere: employees at lists.thet.net
> X-Beenthere: admin at lists.thet.net
> Received-Spf: fail (google.com: domain of admin-bounces at lists.thet.net does not designate 104.219.98.14 as permitted sender) client-ip=104.219.98.14;
> List-Unsubscribe: 
> List-Unsubscribe: 
> List-Subscribe: , 
> Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=thet-net.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=8F82G0kwQs0BGWAs4rc0JlbGrQ5jSEAp9BGHHsLlJGQ=; b=z4aCN7tqgI6/fqyUS0996YyJ3h9vBdciKFZDMciilUXU1d1VzpD9MPEw5iFzTvTiBk JboPNIV4zE41HWJcMRL3FIJ2A9ahgpkAD+p48PIxjqveclm4BM92Ioj3LXqrXg6lLs+Q SkqLIEl6DQLzWigaixP49UmPqbQjSbfxLvxq32MXFVldcOF7n/5Q1SfFQkErRq8S14x8 U1Keu94MZCSi2xp7bXj4ARdtdOsOOemWCRRSzrAd0nR+uqsW+aOKPHmqYZqHHz3Ct328 XH+wBOs/CUSe7sOrQCM/RlHb2IQg0rTS0t3V3jhZkYaquDF59rgTYsNyo7BEToSeXDfV QuOg==

This message was scanned by MailScanner on thet.net 4 times, once before
the Claws list, once between that and the Employees list, once between
that and the TA Admin list and once on the way out.

It appears from the

X-Thetnet-Mailscanner-Spamscore: sssssss, sssssss, sssss, sssss

header that after the first two times, the score decreased.

The header

X-Thetnet-Mailscanner-Spamcheck: spam, SORBS-SPAM, SpamAssassin (cached,
score=7.315, required 5, BAYES_00 -1.90, DNS_FROM_AHBL_RHSBL 2.70,
HTML_MESSAGE 0.00, RCVD_IN_DNSWL_NONE -0.00, SORTED_RECIPS 2.50,
SUBJ_ALL_CAPS 1.51, SUSPICIOUS_RECIPS 2.51), spam, SpamAssassin (cached,
score=7.315,  required 5, BAYES_00 -1.90, DNS_FROM_AHBL_RHSBL 2.70,
HTML_MESSAGE 0.00, RCVD_IN_DNSWL_NONE -0.00, SORTED_RECIPS 2.50,
SUBJ_ALL_CAPS 1.51, SUSPICIOUS_RECIPS 2.51), spam, SpamAssassin (not
cached, score=5.809,  required 5, BAYES_00 -1.90, DNS_FROM_AHBL_RHSBL
2.70, HTML_MESSAGE 0.00, RCVD_IN_DNSWL_NONE -0.00, SORTED_RECIPS 2.50,
SUSPICIOUS_RECIPS 2.51), spam, SpamAssassin (not cached, score=5.809,
required 5, BAYES_00 -1.90, DNS_FROM_AHBL_RHSBL 2.70, HTML_MESSAGE 0.00,
RCVD_IN_DNSWL_NONE -0.00, SORTED_RECIPS 2.50, SUSPICIOUS_RECIPS 2.51)

Reflects the SpamAssassin hits from each pass. The first report is

spam, SORBS-SPAM, SpamAssassin (cached, score=7.315, required 5,
BAYES_00 -1.90, DNS_FROM_AHBL_RHSBL 2.70, HTML_MESSAGE 0.00,
RCVD_IN_DNSWL_NONE -0.00, SORTED_RECIPS 2.50, SUBJ_ALL_CAPS 1.51,
SUSPICIOUS_RECIPS 2.51)

and the last is

spam, SpamAssassin (not cached, score=5.809, required 5, BAYES_00 -1.90,
DNS_FROM_AHBL_RHSBL 2.70, HTML_MESSAGE 0.00, RCVD_IN_DNSWL_NONE -0.00,
SORTED_RECIPS 2.50, SUSPICIOUS_RECIPS 2.51)

The score dropped because after the initial passes, tags/prefixes got
added that caused SUBJ_ALL_CAPS to miss (it should have missed on the
second scan, but a cached result was used).

The big hits besides SUBJ_ALL_CAPS are DNS_FROM_AHBL_RHSBL,
SORTED_RECIPS and SUSPICIOUS_RECIPS

DNS_FROM_AHBL_RHSBL looks like a blacklist of some sort, but it is not
in my up to date spamassassin. The others are standard rules in
20_head_tests.cf described as

describe SORTED_RECIPS		Recipient list is sorted by address
describe SUSPICIOUS_RECIPS	Similar addresses in recipient list

Were it not for the DNS_FROM_AHBL_RHSBL hit, the score would have been <
5 all 4 times.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From turnbull.stephen.fw at u.tsukuba.ac.jp  Tue Dec 20 13:20:31 2016
From: turnbull.stephen.fw at u.tsukuba.ac.jp (Stephen J. Turnbull)
Date: Wed, 21 Dec 2016 03:20:31 +0900
Subject: [Mailman-Users] Mailman-Users Digest, Vol 154, Issue 30
In-Reply-To: 
References: 

 <22617.22484.776606.189108@turnbull.sk.tsukuba.ac.jp>

Message-ID: <22617.30319.951792.622550@turnbull.sk.tsukuba.ac.jp>

Glen Page writes:

 > Thanks. I am pretty sure that the only thing I deleted was the
 > sender name so not sure which header fields you think are missing.

I thought MIME-Version was missing, but it's in your post so I must
have deleted that early, and forgot I did that.

According to Mark his up-to-date SpamAssassin doesn't have the AHBL
rule which was the one with the most spam points.  If you can keep
users from writing Subjects with all caps, updating SpamAssassin's
rule base should do the trick.  If the "sorted addresses" rule can't
be restricted to a larger number of addresses, I would recommend
decreasing its score still.

From odhiambo at gmail.com  Wed Dec 21 10:46:35 2016
From: odhiambo at gmail.com (Odhiambo Washington)
Date: Wed, 21 Dec 2016 18:46:35 +0300
Subject: [Mailman-Users] Mailman Hosting
Message-ID: 

Hi,

Does anyone know of a provider who hosts Mailman and who has a good
reputation with American ISPs - Verizon and ATT, etc? These providers
somehow have notoriety blocking mailing list emails. I'm currently hosting
with a provider based in Oz, but having some difficulties when it comes to
Verizon and ATT. AOL, Gmail, Hotmail, Outlook, Yahoo etc are all accepting
mails, but majority of the subscribers are with Verizon/ATT and that has
really affected one list that I have so I need to change.

Please recommend one.

-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."

From luscheina at yahoo.de  Wed Dec 21 10:56:36 2016
From: luscheina at yahoo.de (Christian F Buser)
Date: Wed, 21 Dec 2016 16:56:36 +0100
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: 
References: 
Message-ID: <585AA634.2030302@yahoo.de>

Hi  to East Africa

I do not have any information about their "reputation" with Verizon and
AT&T, but our organization uses digimouse.eu for mail, mailing lists and
web.

You may want to mention my name when contacting them (no,  I do not get
any compensation for my "advertising").

Christian

-- 
Christian F. Buser, Hohle Gasse 6, CH-5507 Mellingen (Switzerland)      
Hilfe f?r Strassenkinder in Ghana: http://www.chance-for-children.org

> Odhiambo Washington 
> 21. Dezember 2016 um 16:46
> Hi,
>
> Does anyone know of a provider who hosts Mailman and who has a good
> reputation with American ISPs - Verizon and ATT, etc? These providers
> somehow have notoriety blocking mailing list emails. I'm currently hosting
> with a provider based in Oz, but having some difficulties when it comes to
> Verizon and ATT. AOL, Gmail, Hotmail, Outlook, Yahoo etc are all accepting
> mails, but majority of the subscribers are with Verizon/ATT and that has
> really affected one list that I have so I need to change.
>
>
> Please recommend one.
>

From odhiambo at gmail.com  Wed Dec 21 11:11:16 2016
From: odhiambo at gmail.com (Odhiambo Washington)
Date: Wed, 21 Dec 2016 19:11:16 +0300
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: <585AA634.2030302@yahoo.de>
References: 
 <585AA634.2030302@yahoo.de>
Message-ID: 

Just for the record, I have been hosting with mailmanlists.net for the last
three or so years and I am very happy with them. The only problem is that
one of their co-lo facilities in the US closed down and they had to move to
another co-lo. This obviously involved migration of servers/ change of IP
addresses and this has not gone well for one of my mailing lists which has
so many subscribers on Verizon/ATT. It's the only reason I am looking for a
well-known hosting provider which has an already "good reputation" - that
Verizon/ATT accepts lists mail from their servers...

On 21 December 2016 at 18:56, Christian F Buser via Mailman-Users <
mailman-users at python.org> wrote:

> Hi  to East Africa
>
> I do not have any information about their "reputation" with Verizon and
> AT&T, but our organization uses digimouse.eu for mail, mailing lists and
> web.
>
> You may want to mention my name when contacting them (no,  I do not get
> any compensation for my "advertising").
>
> Christian
>
>
> --
> Christian F. Buser, Hohle Gasse 6, CH-5507 Mellingen (Switzerland)
> Hilfe f?r Strassenkinder in Ghana: http://www.chance-for-children.org
>
>
> > Odhiambo Washington 
> > 21. Dezember 2016 um 16:46
> > Hi,
> >
> > Does anyone know of a provider who hosts Mailman and who has a good
> > reputation with American ISPs - Verizon and ATT, etc? These providers
> > somehow have notoriety blocking mailing list emails. I'm currently
> hosting
> > with a provider based in Oz, but having some difficulties when it comes
> to
> > Verizon and ATT. AOL, Gmail, Hotmail, Outlook, Yahoo etc are all
> accepting
> > mails, but majority of the subscribers are with Verizon/ATT and that has
> > really affected one list that I have so I need to change.
> >
> >
> > Please recommend one.
> >
>
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: http://www.mail-archive.com/ma
> ilman-users%40python.org/
> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/odhiam
> bo%40gmail.com
>

-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."

From adam-mailman at amyl.org.uk  Wed Dec 21 12:09:14 2016
From: adam-mailman at amyl.org.uk (Adam McGreggor)
Date: Wed, 21 Dec 2016 17:09:14 +0000
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: 
References: 
 <585AA634.2030302@yahoo.de>

Message-ID: <20161221170914.GC4966@hendricks.amyl.org.uk>

On Wed, Dec 21, 2016 at 07:11:16PM +0300, Odhiambo Washington wrote:
> one of their co-lo facilities in the US closed down and they had to move to
> another co-lo. This obviously involved migration of servers/ change of IP
> addresses and this has not gone well for one of my mailing lists which has

An influx of mail from a new host, rather than a increase over time probably
didn't/doesn't help either.

(I've not seen any feature in Mailman that does
limiting based on destination, and wouldn't expect that to be a feature of
Mailman 2; I might even advocate it should not be a feature in MM3, either.)

-- 
Politicians are like diapers. They should be changed often,
and for the same reason.

From ddewey at cyberthugs.com  Wed Dec 21 12:36:17 2016
From: ddewey at cyberthugs.com (ddewey at cyberthugs.com)
Date: Wed, 21 Dec 2016 12:36:17 -0500
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: <20161221170914.GC4966@hendricks.amyl.org.uk>
References: 
 <585AA634.2030302@yahoo.de>

 <20161221170914.GC4966@hendricks.amyl.org.uk>
Message-ID: <20161221173617.GA919@bianchi.pissingkerosene.com>

Quoting Adam McGreggor (adam-mailman at amyl.org.uk):

> On Wed, Dec 21, 2016 at 07:11:16PM +0300, Odhiambo Washington wrote:
> > one of their co-lo facilities in the US closed down and they had to move to
> > another co-lo. This obviously involved migration of servers/ change of IP
> > addresses and this has not gone well for one of my mailing lists which has
> 
> An influx of mail from a new host, rather than a increase over time probably
> didn't/doesn't help either.
> 
> (I've not seen any feature in Mailman that does
> limiting based on destination, and wouldn't expect that to be a feature of
> Mailman 2; I might even advocate it should not be a feature in MM3, either.)

You can do this in the MTA, postfix for example. Doesn't need to be in
mailman. I have ridculously low rate limits for a couple of providers
(hello Time-Warner).

From odhiambo at gmail.com  Wed Dec 21 12:45:35 2016
From: odhiambo at gmail.com (Odhiambo Washington)
Date: Wed, 21 Dec 2016 20:45:35 +0300
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: <20161221170914.GC4966@hendricks.amyl.org.uk>
References: 
 <585AA634.2030302@yahoo.de>

 <20161221170914.GC4966@hendricks.amyl.org.uk>
Message-ID: 

On 21 December 2016 at 20:09, Adam McGreggor 
wrote:

> On Wed, Dec 21, 2016 at 07:11:16PM +0300, Odhiambo Washington wrote:
> > one of their co-lo facilities in the US closed down and they had to move
> to
> > another co-lo. This obviously involved migration of servers/ change of IP
> > addresses and this has not gone well for one of my mailing lists which
> has
>
> An influx of mail from a new host, rather than a increase over time
> probably
> didn't/doesn't help either.
>

True. We then migrated the list to another of their servers that already
existed, but the rejections
became even more.

>
> (I've not seen any feature in Mailman that does
> limiting based on destination, and wouldn't expect that to be a feature of
> Mailman 2; I might even advocate it should not be a feature in MM3,
> either.)
>
>
In Exim (MTA) we have a way of doing that. Postfix probably has too. But
hey, I digressed just a little.

-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."

From adam-mailman at amyl.org.uk  Wed Dec 21 13:39:49 2016
From: adam-mailman at amyl.org.uk (Adam McGreggor)
Date: Wed, 21 Dec 2016 18:39:49 +0000
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: 
References: 
 <585AA634.2030302@yahoo.de>

 <20161221170914.GC4966@hendricks.amyl.org.uk>

Message-ID: <20161221183949.GD4966@hendricks.amyl.org.uk>

On Wed, Dec 21, 2016 at 08:45:35PM +0300, Odhiambo Washington wrote:
> True. We then migrated the list to another of their servers that already
> existed, but the rejections
> became even more.

I'd still do a gradual ramp-up to N recipients with the 'standard' type of
messages/headers/patterns for each new sending pattern, nowadays, rather than
just "these IPs have been used before?".

-- 
"I would nationalise Elizabeth Hurley and allow each of us to claim
 our share."
    ? JG Ballard ('lost' NS interview, mid 1990s)

From minxmertzmomo at gmail.com  Wed Dec 21 22:02:59 2016
From: minxmertzmomo at gmail.com (Matt Morgan)
Date: Wed, 21 Dec 2016 22:02:59 -0500
Subject: [Mailman-Users] Configure options not known
In-Reply-To: <7d0f7f16-f521-f68a-7f75-ca81451ffaa0@msapiro.net>
References: 
 <95bf3563-2255-6bfd-d81e-0fd57d79d2d6@msapiro.net>

 <7d0f7f16-f521-f68a-7f75-ca81451ffaa0@msapiro.net>
Message-ID: 

On Fri, Dec 9, 2016 at 6:41 PM, Mark Sapiro  wrote:

> On 12/09/2016 02:27 PM, Matt Morgan wrote:
> >
> > Thanks. --prefix is the standard, but there's nothing in /var apart from
> > mailman's crontab. What's an example of a file that I could 'locate' to
> > figure out what mailman is using instead of /var? Or is there another
> > way to determine what it is?
>
>
> Where are the archives/, data/, lists/, locks/, logs/, qfiles/ and
> spam/ directories. If they are in the same directory as the bin/, cron/,
> icons/, mail/,  Mailman/,  messages/, pythonlib/, scripts/ and tests/
> directories, then you don't need --with-var-prefix at all because it is
> the same as $prefix. If different, then the containing directory is what
> you need for --with-var-prefix.
>
> If the bin/, cron/, icons/, mail/,  Mailman/,  messages/, pythonlib/,
> scripts/ and tests/ directories are all in /usr/local/mailman, you don't
> need --prefix because that's the default.
>
> Finally, if the cgi-bin/ directory is in $prefix, you don't need
> --exec-prefix. Otherwise, --exec-prefix is the path that contains the
> cgi-bin/ directory.

(snipping a lot of that)

configure and make install seemed to work. I got a CGI error and corrected
it, just like you said would happen.

Unfortunately, local delivery is failing for all (as far as I can tell)
list addresses. What have I done? Any advice welcome.

Thanks,
Matt

From minxmertzmomo at gmail.com  Wed Dec 21 22:14:22 2016
From: minxmertzmomo at gmail.com (Matt Morgan)
Date: Wed, 21 Dec 2016 22:14:22 -0500
Subject: [Mailman-Users] Configure options not known
In-Reply-To: 
References: 
 <95bf3563-2255-6bfd-d81e-0fd57d79d2d6@msapiro.net>

 <7d0f7f16-f521-f68a-7f75-ca81451ffaa0@msapiro.net>

Message-ID: 

On Wed, Dec 21, 2016 at 10:02 PM, Matt Morgan 
wrote:

> On Fri, Dec 9, 2016 at 6:41 PM, Mark Sapiro  wrote:
>
>> On 12/09/2016 02:27 PM, Matt Morgan wrote:
>> >
>> > Thanks. --prefix is the standard, but there's nothing in /var apart from
>> > mailman's crontab. What's an example of a file that I could 'locate' to
>> > figure out what mailman is using instead of /var? Or is there another
>> > way to determine what it is?
>>
>>
>> Where are the archives/, data/, lists/, locks/, logs/, qfiles/ and
>> spam/ directories. If they are in the same directory as the bin/, cron/,
>> icons/, mail/,  Mailman/,  messages/, pythonlib/, scripts/ and tests/
>> directories, then you don't need --with-var-prefix at all because it is
>> the same as $prefix. If different, then the containing directory is what
>> you need for --with-var-prefix.
>>
>> If the bin/, cron/, icons/, mail/,  Mailman/,  messages/, pythonlib/,
>> scripts/ and tests/ directories are all in /usr/local/mailman, you don't
>> need --prefix because that's the default.
>>
>> Finally, if the cgi-bin/ directory is in $prefix, you don't need
>> --exec-prefix. Otherwise, --exec-prefix is the path that contains the
>> cgi-bin/ directory.
>
>
> (snipping a lot of that)
>
> configure and make install seemed to work. I got a CGI error and corrected
> it, just like you said would happen.
>
> Unfortunately, local delivery is failing for all (as far as I can tell)
> list addresses. What have I done? Any advice welcome.
>
> Thanks,
> Matt
>

Looks like I need --with-mail-gid=mail. Working on that now.

From turnbull.stephen.fw at u.tsukuba.ac.jp  Wed Dec 21 23:18:47 2016
From: turnbull.stephen.fw at u.tsukuba.ac.jp (Stephen J. Turnbull)
Date: Thu, 22 Dec 2016 13:18:47 +0900
Subject: [Mailman-Users]  Mailman Hosting
In-Reply-To: 
References: 
Message-ID: <22619.21543.169543.409739@turnbull.sk.tsukuba.ac.jp>

Odhiambo Washington writes:

 > mails, but majority of the subscribers are with Verizon/ATT and that has
 > really affected one list that I have so I need to change.

Do you have a reason to think a change will help?  As you say, they're
notorious for blocking list emails.  I doubt their criteria are so
heavily weighted toward which hosting service you use as to make a big
difference here.  Rather (as others have suggested) probably any
change that involves significant flows of duplicate message-ids from a
new source will get blocked.  Other than that negative effect,
reputation is something that you build over time.  Trying to buy it in
an instant is not a good bet.

The first thing would be to check that your IPs aren't on any of the
RBLs.  Seems unlikely since you don't have problems with other
providers, but Verizon may have poor taste in RBLs (as they do in so
many other ways).  If you're on one, you'll be better off if you can
get off rather than moving.

Do you know and conform to their acceptable use policies?  Have you
talked to their support staff?  They're the only ones who know what
criteria they actually use to decide what to block.  I wouldn't be
surprised if they just brush you off, but that's the second thing you
should try.

Can you get your subscribers to complain?  That often has more effect
than complaints from a third party.

Steve

From mark at mailmanlists.net  Wed Dec 21 23:42:28 2016
From: mark at mailmanlists.net (Mark Dale)
Date: Thu, 22 Dec 2016 15:42:28 +1100
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: <22619.21543.169543.409739@turnbull.sk.tsukuba.ac.jp>
References: 
 <22619.21543.169543.409739@turnbull.sk.tsukuba.ac.jp>
Message-ID: <387ce2c8-1a53-37b1-83ae-0e658c986e04@mailmanlists.net>

Hi Odhiambo and Steve,

I'm one of the co-owners of MailmanLists.net that is mentioned in this post.

As Odhiambo said, we've recently moved one of the servers that hosted 
Odhiambo's list. This involved a change of IP address, and at the same 
time the problem with Verizon kicked into play.

All the DNS records (inc SPF, DKIM) are in place, the server is on no 
RBLs, con-current connections to the recieving mail servers is set at 2 
in Postfix. In short, all the right boxes are ticked as far as we can see.

Point noted about the time needed to build a good IP reputation. In 
light of that, we moved the list to our old established server in 
Europe. It has a SenderScore of 99, and of course all the same boxes are 
ticked. Verizon still rejected list mail.

As they have been somewhat resistant to address the issue in any real 
way, I do agree with Steven that they may listen to loud complaints from 
their own customers. However, that doesn't help Odhiambo right now.

We haven't brushed Odhiambo off, but rather have worked with him on this 
problem trying to fix it. However, right now all our best intents are 
not helping - so any suggestions for a workaround on this would be truly 
appreciated.

His list has around 400 members, with 70 or so being Verizon customers.

Regards,
Mark

========================================
  MailmanLists - hosted discussion lists
  Canberra, Australia
  Tel: +61 .2 61003121
  http://www.mailmanlists.net
=======================================

On 22/12/16 15:18, Stephen J. Turnbull wrote:
> Odhiambo Washington writes:
>
>  > mails, but majority of the subscribers are with Verizon/ATT and that has
>  > really affected one list that I have so I need to change.
>
> Do you have a reason to think a change will help?  As you say, they're
> notorious for blocking list emails.  I doubt their criteria are so
> heavily weighted toward which hosting service you use as to make a big
> difference here.  Rather (as others have suggested) probably any
> change that involves significant flows of duplicate message-ids from a
> new source will get blocked.  Other than that negative effect,
> reputation is something that you build over time.  Trying to buy it in
> an instant is not a good bet.
>
> The first thing would be to check that your IPs aren't on any of the
> RBLs.  Seems unlikely since you don't have problems with other
> providers, but Verizon may have poor taste in RBLs (as they do in so
> many other ways).  If you're on one, you'll be better off if you can
> get off rather than moving.
>
> Do you know and conform to their acceptable use policies?  Have you
> talked to their support staff?  They're the only ones who know what
> criteria they actually use to decide what to block.  I wouldn't be
> surprised if they just brush you off, but that's the second thing you
> should try.
>
> Can you get your subscribers to complain?  That often has more effect
> than complaints from a third party.
>
> Steve
>
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/mark%40mailmanlists.net
>
>

From jimpop at gmail.com  Thu Dec 22 00:15:06 2016
From: jimpop at gmail.com (Jim Popovitch)
Date: Thu, 22 Dec 2016 00:15:06 -0500
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: <387ce2c8-1a53-37b1-83ae-0e658c986e04@mailmanlists.net>
References: 
 <22619.21543.169543.409739@turnbull.sk.tsukuba.ac.jp>
 <387ce2c8-1a53-37b1-83ae-0e658c986e04@mailmanlists.net>
Message-ID: 

On Wed, Dec 21, 2016 at 11:42 PM, Mark Dale  wrote:
> Hi Odhiambo and Steve,
>
> I'm one of the co-owners of MailmanLists.net that is mentioned in this post.
>
> As Odhiambo said, we've recently moved one of the servers that hosted
> Odhiambo's list. This involved a change of IP address, and at the same time
> the problem with Verizon kicked into play.
>
> All the DNS records (inc SPF, DKIM) are in place, the server is on no RBLs,
> con-current connections to the recieving mail servers is set at 2 in
> Postfix. In short, all the right boxes are ticked as far as we can see.
>
> Point noted about the time needed to build a good IP reputation. In light of
> that, we moved the list to our old established server in Europe. It has a
> SenderScore of 99, and of course all the same boxes are ticked. Verizon
> still rejected list mail.
>
> As they have been somewhat resistant to address the issue in any real way, I
> do agree with Steven that they may listen to loud complaints from their own
> customers. However, that doesn't help Odhiambo right now.
>
> We haven't brushed Odhiambo off, but rather have worked with him on this
> problem trying to fix it. However, right now all our best intents are not
> helping - so any suggestions for a workaround on this would be truly
> appreciated.
>

A good place to start is on the mailop list, explain your company and
sign-up practices/filtering, etc.  Be open and ask for specific reps
to contact you offline if necessary.  You may get some awesome help,
although this close to the holidays your message may not hit the right
people until next year.

https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

-Jim P.

From mark at msapiro.net  Thu Dec 22 00:54:43 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Wed, 21 Dec 2016 21:54:43 -0800
Subject: [Mailman-Users] Configure options not known
In-Reply-To: 
References: 
 <95bf3563-2255-6bfd-d81e-0fd57d79d2d6@msapiro.net>

 <7d0f7f16-f521-f68a-7f75-ca81451ffaa0@msapiro.net>

Message-ID: 

On 12/21/2016 07:14 PM, Matt Morgan wrote:
> On Wed, Dec 21, 2016 at 10:02 PM, Matt Morgan 
> wrote:
>>
>> Unfortunately, local delivery is failing for all (as far as I can tell)
>> list addresses. What have I done? Any advice welcome.
>>
>> Thanks,
>> Matt
>>
> 
> Looks like I need --with-mail-gid=mail. Working on that now.

I'm guessing from these that you determined that delivery to list
addresses was failing because of group mismatch error from the mail
wrapper and you are addressing that.

Let us know if you need further help.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From turnbull.stephen.fw at u.tsukuba.ac.jp  Thu Dec 22 01:29:19 2016
From: turnbull.stephen.fw at u.tsukuba.ac.jp (Stephen J. Turnbull)
Date: Thu, 22 Dec 2016 15:29:19 +0900
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: <387ce2c8-1a53-37b1-83ae-0e658c986e04@mailmanlists.net>
References: 
 <22619.21543.169543.409739@turnbull.sk.tsukuba.ac.jp>
 <387ce2c8-1a53-37b1-83ae-0e658c986e04@mailmanlists.net>
Message-ID: <22619.29375.489296.994974@turnbull.sk.tsukuba.ac.jp>

Mark Dale writes:

 > We haven't brushed Odhiambo off, but rather have worked with him on this 
 > problem trying to fix it. However,

I'm sorry if I gave the impression that you did, everything Odhiambo
wrote indicates that you have been very helpful, and I took that for
granted.  By support staff, I meant at Verizon, and I meant that the
large services (all of them, not just Verizon) often do brush off
issues presented by mailing lists, claiming that the mailing lists do
not conform to accepted practice (when it's the large services who
came in late and helped wreck the party :-( ).

Steve

From minxmertzmomo at gmail.com  Thu Dec 22 07:47:13 2016
From: minxmertzmomo at gmail.com (Matt Morgan)
Date: Thu, 22 Dec 2016 07:47:13 -0500
Subject: [Mailman-Users] Configure options not known
In-Reply-To: 
References: 
 <95bf3563-2255-6bfd-d81e-0fd57d79d2d6@msapiro.net>

 <7d0f7f16-f521-f68a-7f75-ca81451ffaa0@msapiro.net>

Message-ID: 

Thanks, yes, I looked at the maillog and it was clear about what I needed
to do.

I'm going to put that configure command with all its options in the org's
keepass now :-).

Overall I'm really happy with how humane (fast, straightforward,
understandable) this upgrade method is. Thanks!

On Thu, Dec 22, 2016 at 12:54 AM, Mark Sapiro  wrote:

> On 12/21/2016 07:14 PM, Matt Morgan wrote:
> > On Wed, Dec 21, 2016 at 10:02 PM, Matt Morgan 
> > wrote:
> >>
> >> Unfortunately, local delivery is failing for all (as far as I can tell)
> >> list addresses. What have I done? Any advice welcome.
> >>
> >> Thanks,
> >> Matt
> >>
> >
> > Looks like I need --with-mail-gid=mail. Working on that now.
>
>
> I'm guessing from these that you determined that delivery to list
> addresses was failing because of group mismatch error from the mail
> wrapper and you are addressing that.
>
> Let us know if you need further help.
>
> --
> Mark Sapiro         The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: http://www.mail-archive.com/
> mailman-users%40python.org/
> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/
> minxmertzmomo%40gmail.com
>

From mark at msapiro.net  Thu Dec 22 12:28:56 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 22 Dec 2016 09:28:56 -0800
Subject: [Mailman-Users] Configure options not known
In-Reply-To: 
References: 
 <95bf3563-2255-6bfd-d81e-0fd57d79d2d6@msapiro.net>

 <7d0f7f16-f521-f68a-7f75-ca81451ffaa0@msapiro.net>

Message-ID: <4b1f98f1-0c25-f381-37bf-976547d163f0@msapiro.net>

On 12/22/2016 04:47 AM, Matt Morgan wrote:
> 
> I'm going to put that configure command with all its options in the
> org's keepass now :-).

Also, if you keep the source directory, the config command is recorded
in the config.log file.

> Overall I'm really happy with how humane (fast, straightforward,
> understandable) this upgrade method is. Thanks!

I'm glad it worked well for you.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cmsamsi at hotmail.com  Thu Dec 22 13:19:35 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Thu, 22 Dec 2016 18:19:35 +0000
Subject: [Mailman-Users] Fwd: Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
References: 
Message-ID: 

[resending from right email address]

Hi Mark,

I?m starting from scratch but with the 2.1.23 mailman package found here: http://packages.ubuntu.com/zesty/mailman I took the amd64 .deb package http://packages.ubuntu.com/zesty/amd64/mailman/download.

I have done the following steps:
- Linuxmint 18 Sarah (Ubuntu 16 flavor)
- LAMP with PHP7 (stock install)
- Postfix and Dovecot (stock install)
- Updated Postfix and Dovecot config file to serve virtual domains (e.g. yogi.us and samson.us)
- Downloaded and installed the 2.1.23 mailman package
- Edited /etc/mailman/mm_cfg.py and enabled MTA=Postfix
- Copied /etc/mailman/apache.conf to /etc/apache2/sites-available/mailman.conf
- Used this instead what was in apache.con:

Options +ExecCGI
AddHandler cgi-script .cgi
Options FollowSymLinks
Require all granted

- Enable apache2 cgi module (was not enabled on stock install)
sudo a2enmod cgi
sudo service apache2 restart

http://mail.yugi.us/cgi-bin/mailman/listinfo now produces a nice mailman webpage

Note that Postfix services virtual domain.

Now I follow: https://www.gnu.org/software/mailman/mailman-install/postfix-virtual.html
I use:
virtual_alias_maps = ,
         hash:/var/lib/mailman/data/virtual-mailman
instead of the /usr/local/mailman ? as that?s not where the mailman package is installed.

I now run /var/lib/mailman/genaliases and voila /var/lib/mailman/data/virtualman and virtualman.db are generated!

I added, from one of my previous install I had a file called /etc/postfix/transport with the content of:
mail.yugi.us    mailman:

I sudo reboot just in case.

I send an email to mailman at yugi.us, it arrives in postfix and mail.log looks like:
Dec 22 09:50:05 mail amavis[5567]: (05567-08) Passed CLEAN {RelayedOutbound}, LOCAL [192.168.1.1]:56325 > -> >, Queue-ID: 6C0733FC22, Message-ID: <9035407C-0F0F-4EC1-8E0B-791645C68E4F at samsi.us>, mail_id: 50j8MooSZtlh, Hits: -0.002, size: 307, queued_as: DCB473FC72, 2500 ms

Dec 22 09:50:05 mail postfix/smtp[6025]: 6C0733FC22: to=>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.6, delays=0.1/0.03/0.01/2.5, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as DCB473FC72)

Dec 22 09:50:05 mail postfix/qmgr[5982]: 6C0733FC22: removed

Dec 22 09:50:05 mail postfix/smtp[6031]: DCB473FC72: to=>, relay=yugi.us[216.9.1.153]:25, delay=0.52, delays=0.06/0.03/0.07/0.35, dsn=4.3.0, status=deferred (host yugi.us[216.9.1.153] said: 451 4.3.0 >: Temporary lookup failure (in reply to RCPT TO command))

Nothing happens after "Temporary lookup" failure.

What to do?

Thank you, Caesar.

On Dec 16, 2016, at 10:26 AM, Caesar Samsi > wrote:

Well this certainly might make it easier for me. I'll give the package a try.

Thank you.

Sent from my Samsung Tablet

Mark Sapiro > wrote:
On 12/16/2016 08:52 AM, Barry S. Finkel wrote:

As I have written before, one can easily create a Debian/Ubuntu package
for Mailman 2.x based on the SourceForge source.  Contact me for
details.  This will install Mailman in the directories that
Debian/Ubuntu uses, and I assume that installing the package will
overwrite any existing Debian/Ubuntu installation.

Thanks Barry.

Also note there is an article at  that
discusses how to upgrade the Debian/Ubuntu package from source.

Also note that there is a current (2.1.23) Ubuntu Mailman package at
 with links to the .deb for
all supported architectures and similarly for Debian at
.

--
Mark Sapiro >        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list Mailman-Users at python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com
------------------------------------------------------
Mailman-Users mailing list Mailman-Users at python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com

From cmsamsi at hotmail.com  Thu Dec 22 13:47:50 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Thu, 22 Dec 2016 18:47:50 +0000
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: 
References: 

Message-ID: 

OK debugging further it turns out /var/lib/mailman/data/virtualman and virtualman.db is no longer there ?

Dec 22 10:42:24 localhost postfix/trivial-rewrite[4960]: warning: virtual_alias_
domains: hash:/var/lib/mailman/data/virtual-mailman: table lookup problem

Running /var/lib/mailman/bin/genaliases doesn?t create them.

On Dec 22, 2016, at 10:19 AM, Caesar Samsi > wrote:

[resending from right email address]

Hi Mark,

I?m starting from scratch but with the 2.1.23 mailman package found here: http://packages.ubuntu.com/zesty/mailman I took the amd64 .deb package http://packages.ubuntu.com/zesty/amd64/mailman/download.

I have done the following steps:
- Linuxmint 18 Sarah (Ubuntu 16 flavor)
- LAMP with PHP7 (stock install)
- Postfix and Dovecot (stock install)
- Updated Postfix and Dovecot config file to serve virtual domains (e.g. yogi.us and samson.us)
- Downloaded and installed the 2.1.23 mailman package
- Edited /etc/mailman/mm_cfg.py and enabled MTA=Postfix
- Copied /etc/mailman/apache.conf to /etc/apache2/sites-available/mailman.conf
- Used this instead what was in apache.con:

Options +ExecCGI
AddHandler cgi-script .cgi
Options FollowSymLinks
Require all granted

- Enable apache2 cgi module (was not enabled on stock install)
sudo a2enmod cgi
sudo service apache2 restart

http://mail.yugi.us/cgi-bin/mailman/listinfo now produces a nice mailman webpage

Note that Postfix services virtual domain.

Now I follow: https://www.gnu.org/software/mailman/mailman-install/postfix-virtual.html
I use:
virtual_alias_maps = ,
         hash:/var/lib/mailman/data/virtual-mailman
instead of the /usr/local/mailman ? as that?s not where the mailman package is installed.

I now run /var/lib/mailman/genaliases and voila /var/lib/mailman/data/virtualman and virtualman.db are generated!

I added, from one of my previous install I had a file called /etc/postfix/transport with the content of:
mail.yugi.us    mailman:

I sudo reboot just in case.

I send an email to mailman at yugi.us, it arrives in postfix and mail.log looks like:
Dec 22 09:50:05 mail amavis[5567]: (05567-08) Passed CLEAN {RelayedOutbound}, LOCAL [192.168.1.1]:56325 > -> >, Queue-ID: 6C0733FC22, Message-ID: <9035407C-0F0F-4EC1-8E0B-791645C68E4F at samsi.us>, mail_id: 50j8MooSZtlh, Hits: -0.002, size: 307, queued_as: DCB473FC72, 2500 ms

Dec 22 09:50:05 mail postfix/smtp[6025]: 6C0733FC22: to=>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.6, delays=0.1/0.03/0.01/2.5, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as DCB473FC72)

Dec 22 09:50:05 mail postfix/qmgr[5982]: 6C0733FC22: removed

Dec 22 09:50:05 mail postfix/smtp[6031]: DCB473FC72: to=>, relay=yugi.us[216.9.1.153]:25, delay=0.52, delays=0.06/0.03/0.07/0.35, dsn=4.3.0, status=deferred (host yugi.us[216.9.1.153] said: 451 4.3.0 >: Temporary lookup failure (in reply to RCPT TO command))

Nothing happens after "Temporary lookup" failure.

What to do?

Thank you, Caesar.

On Dec 16, 2016, at 10:26 AM, Caesar Samsi > wrote:

Well this certainly might make it easier for me. I'll give the package a try.

Thank you.

Sent from my Samsung Tablet

Mark Sapiro > wrote:
On 12/16/2016 08:52 AM, Barry S. Finkel wrote:

As I have written before, one can easily create a Debian/Ubuntu package
for Mailman 2.x based on the SourceForge source.  Contact me for
details.  This will install Mailman in the directories that
Debian/Ubuntu uses, and I assume that installing the package will
overwrite any existing Debian/Ubuntu installation.

Thanks Barry.

Also note there is an article at  that
discusses how to upgrade the Debian/Ubuntu package from source.

Also note that there is a current (2.1.23) Ubuntu Mailman package at
 with links to the .deb for
all supported architectures and similarly for Debian at
.

--
Mark Sapiro >        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list Mailman-Users at python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com
------------------------------------------------------
Mailman-Users mailing list Mailman-Users at python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com

From mark at msapiro.net  Thu Dec 22 14:09:12 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 22 Dec 2016 11:09:12 -0800
Subject: [Mailman-Users] Fwd: Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: 
References: 

Message-ID: <653fc892-6d54-8cb3-bd6c-ed966bbf912a@msapiro.net>

On 12/22/2016 10:19 AM, Caesar Samsi wrote:
> 
> I?m starting from scratch but with the 2.1.23 mailman package found
> here: http://packages.ubuntu.com/zesty/mailman I took the amd64 .deb
> package http://packages.ubuntu.com/zesty/amd64/mailman/download.
...
> Note that Postfix services virtual domain. 
> 
> Now I
> follow: https://www.gnu.org/software/mailman/mailman-install/postfix-virtual.html

This is for a source install. While some of it is relevant, your package
also installed a bunch of things in /usr/share/doc/mailman/, in
particular, /usr/share/doc/mailman/README.Debian. Have you read that?

...
> I added, from one of my previous install I had a file called
> /etc/postfix/transport with the content of:
> mail.yugi.us     mailman:

This is for postfix_to_mailman.py. See .

...
>> Dec 22 09:50:05 mail postfix/smtp[6025]: 6C0733FC22:
>> to=,
>> relay=127.0.0.1[127.0.0.1]:10024, delay=2.6, delays=0.1/0.03/0.01/2.5,
>> dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025):
>> 250 2.0.0 Ok: queued as DCB473FC72)
> 
>> Dec 22 09:50:05 mail postfix/qmgr[5982]: 6C0733FC22: removed
>>
>> Dec 22 09:50:05 mail postfix/smtp[6031]: DCB473FC72:
>> to=, relay=yugi.us
>> [216.9.1.153]:25, delay=0.52,
>> delays=0.06/0.03/0.07/0.35, dsn=4.3.0, status=deferred (host yugi.us
>> [216.9.1.153] said: 451 4.3.0 :
>> Temporary lookup failure (in reply to RCPT
>> TO command))

I'm a bit confused here. The initial entry above says the message to
mailman at yugi.us was relayed via some service (amavis ?) at
127.0.0.1[127.0.0.1]:10024 which queued the message as DCB473FC72. Then
the next entry processing that queue ID says the message to
mailman at yugi.us is deferred because of a failure looking up
caesar at samsi.us which is the sender. It looks like Postfix is trying to
do some sort of sender verification which fails.

To say more, I'd need to see the output of 'postconf -n', but please
note that this list is not the primary support resource for either
Postfix or the Debian/Ubuntu Mailman package. See
.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at msapiro.net  Thu Dec 22 14:17:29 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 22 Dec 2016 11:17:29 -0800
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: 
References: 

Message-ID: <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>

On 12/22/2016 10:47 AM, Caesar Samsi wrote:
> OK debugging further it turns out /var/lib/mailman/data/virtualman and
> virtualman.db is no longer there ?
> 
>     Dec 22 10:42:24 localhost postfix/trivial-rewrite[4960]: warning:
>     virtual_alias_
>     domains: hash:/var/lib/mailman/data/virtual-mailman: table lookup
>     problem

What's in mm_cfg.py? (Make sure you're looking at the correct one.)

What is the value of the list's host_name attribute (near the bottom of
the list's web admin General Options page).

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cmsamsi at hotmail.com  Thu Dec 22 14:24:50 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Thu, 22 Dec 2016 19:24:50 +0000
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
References: 

 <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
Message-ID: <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>

What is the value of the list's host_name attribute (near the bottom of
the list's web admin General Options page).

Overview of all yugi.us mailing lists

What's in mm_cfg.py? (Make sure you're looking at the correct one.)

/etc/mailman/mm_cfg.py (installed by the package), there is no /usr/local/mailman directory
# -*- python -*-

# Copyright (C) 1998,1999,2000 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301 USA

"""This is the module which takes your site-specific settings.

From a raw distribution it should be copied to mm_cfg.py.  If you
already have an mm_cfg.py, be careful to add in only the new settings
you want.  The complete set of distributed defaults, with annotation,
are in ./Defaults.  In mm_cfg, override only those you want to
change, after the

  from Defaults import *

line (see below).

Note that these are just default settings - many can be overridden via the
admin and user interfaces on a per-list or per-user basis.

Note also that some of the settings are resolved against the active list
setting by using the value as a format string against the
list-instance-object's dictionary - see the distributed value of
DEFAULT_MSG_FOOTER for an example."""

#######################################################
#    Here's where we get the distributed defaults.    #

from Defaults import *

##############################################################
# Put YOUR site-specific configuration below, in mm_cfg.py . #
# See Defaults.py for explanations of the values.            #

#-------------------------------------------------------------
# The name of the list Mailman uses to send password reminders
# and similar. Don't change if you want mailman-owner to be
# a valid local part.
MAILMAN_SITE_LIST = 'mailman'

#-------------------------------------------------------------
# If you change these, you have to configure your http server
# accordingly (Alias and ScriptAlias directives in most httpds)
DEFAULT_URL_PATTERN = 'http://%s/cgi-bin/mailman/'
IMAGE_LOGOS         = '/images/mailman/'

#-------------------------------------------------------------
# Default domain for email addresses of newly created MLs
DEFAULT_EMAIL_HOST = 'yugi.us'
#-------------------------------------------------------------
# Default host for web interface of newly created MLs
DEFAULT_URL_HOST   = 'yugi.us'
#-------------------------------------------------------------
# Required when setting any of its arguments.
add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)

#-------------------------------------------------------------
# The default language for this server.
DEFAULT_SERVER_LANGUAGE = 'en'

#-------------------------------------------------------------
# Iirc this was used in pre 2.1, leave it for now
USE_ENVELOPE_SENDER    = 0              # Still used?

#-------------------------------------------------------------
# Unset send_reminders on newly created lists
DEFAULT_SEND_REMINDERS = 0

#-------------------------------------------------------------
# Uncomment this if you configured your MTA such that it
# automatically recognizes newly created lists.
# (see /usr/share/doc/mailman/README.Exim4.Debian or
# /usr/share/mailman/postfix-to-mailman.py)
# MTA=None   # Misnomer, suppresses alias output on newlist

#-------------------------------------------------------------
# Uncomment if you use Postfix virtual domains (but not
# postfix-to-mailman.py), but be sure to see
# /usr/share/doc/mailman/README.Debian first.
MTA='Postfix'

#-------------------------------------------------------------
# Uncomment if you want to filter mail with SpamAssassin. For
# more information please visit this website:
# http://www.jamesh.id.au/articles/mailman-spamassassin/
# GLOBAL_PIPELINE.insert(1, 'SpamAssassin')

# Note - if you're looking for something that is imported from mm_cfg, but you
# didn't find it above, it's probably in /usr/lib/mailman/Mailman/Defaults.py.

On Dec 22, 2016, at 11:17 AM, Mark Sapiro > wrote:

On 12/22/2016 10:47 AM, Caesar Samsi wrote:
OK debugging further it turns out /var/lib/mailman/data/virtualman and
virtualman.db is no longer there ?

   Dec 22 10:42:24 localhost postfix/trivial-rewrite[4960]: warning:
   virtual_alias_
   domains: hash:/var/lib/mailman/data/virtual-mailman: table lookup
   problem

--
Mark Sapiro >        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cmsamsi at hotmail.com  Thu Dec 22 14:55:56 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Thu, 22 Dec 2016 19:55:56 +0000
Subject: [Mailman-Users] Tiny itty bitty bug
Message-ID: <9387A45D-985A-411A-827D-E4946A01FD29@hotmail.com>

If you go to your mailing list?s admin page. At the very bottom, the domain name is missing the very fist dot:

Overview of all mailyugi.us mailing lists

It should be mail.yugi.us

From cmsamsi at hotmail.com  Thu Dec 22 14:57:45 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Thu, 22 Dec 2016 19:57:45 +0000
Subject: [Mailman-Users] Tiny itty bitty bug
In-Reply-To: <9387A45D-985A-411A-827D-E4946A01FD29@hotmail.com>
References: <9387A45D-985A-411A-827D-E4946A01FD29@hotmail.com>
Message-ID: <2D7F0732-EA00-4A3A-B72E-672147D596FA@hotmail.com>

Actually my bug ? 

On Dec 22, 2016, at 11:55 AM, Caesar Samsi > wrote:

If you go to your mailing list?s admin page. At the very bottom, the domain name is missing the very fist dot:

Overview of all mailyugi.us mailing lists

It should be mail.yugi.us

From mark at msapiro.net  Thu Dec 22 15:00:33 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 22 Dec 2016 12:00:33 -0800
Subject: [Mailman-Users] Tiny itty bitty bug
In-Reply-To: <9387A45D-985A-411A-827D-E4946A01FD29@hotmail.com>
References: <9387A45D-985A-411A-827D-E4946A01FD29@hotmail.com>
Message-ID: <73245b3d-3c06-09b3-0062-06b6c6953be1@msapiro.net>

On 12/22/2016 11:55 AM, Caesar Samsi wrote:
> If you go to your mailing list?s admin page. At the very bottom, the domain name is missing the very fist dot:
> 
> Overview of all mailyugi.us mailing lists
> 
> It should be mail.yugi.us

This is due to a misconfiguration on your part. See

which says in part:

>> ...
>> #-------------------------------------------------------------
>> # Default domain for email addresses of newly created MLs
>> DEFAULT_EMAIL_HOST = 'mailyugi.us'
> 
> Missing a dot - 'mail.yugi.us'

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at msapiro.net  Thu Dec 22 15:06:13 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 22 Dec 2016 12:06:13 -0800
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>
References: 

 <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
 <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>
Message-ID: <89c36d09-f51e-45b2-e75b-56d6f5e11019@msapiro.net>

On 12/22/2016 11:24 AM, Caesar Samsi wrote:
>> *What is the value of the list's host_name attribute (near the bottom of
>> the list's web admin General Options page).
>> *
> 
> Overview of all yugi.us mailing lists
> 

Go to , log in and scroll
down until you see

Host name this list prefers for email.
(Details for host_name)

(about 5 settings from the bottom).  What is that set to?

> *What's in mm_cfg.py? (Make sure you're looking at the correct one.)*
...
> #-------------------------------------------------------------
> # Default domain for email addresses of newly created MLs
> DEFAULT_EMAIL_HOST = 'yugi.us'
> #-------------------------------------------------------------
> # Default host for web interface of newly created MLs
> DEFAULT_URL_HOST   = 'yugi.us'
> #-------------------------------------------------------------
> # Required when setting any of its arguments.
> add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)

You are missing POSTFIX_STYLE_VIRTUAL_DOMAINS. See

which says in part

>> POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us']
> 
> If you want to generate data/virtual-mailman for lists in the
> mail.yugi.us email domain, this should be
> 
> POSTFIX_STYLE_VIRTUAL_DOMAINS = ['mail.yugi.us']
> 
> or
> 
> POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us', 'mail.yugi.us']
> 
> if you want both.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cmsamsi at hotmail.com  Thu Dec 22 16:21:22 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Thu, 22 Dec 2016 21:21:22 +0000
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: 
References: 

 <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
 <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>
 <89c36d09-f51e-45b2-e75b-56d6f5e11019@msapiro.net>

Message-ID: 

[adding list back for archive]

I?ve also added:

POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us','mail.yugi.us']
VIRTUAL_MAILMAN_LOCAL_DOMAIN = ?localhost'

Restarted mailman, postfix, and apache2.

I still get in /var/log/mail.log

Dec 22 12:17:50 localhost postfix/trivial-rewrite[6456]: warning: hash:/var/lib/mailman/data/virtual-mailman is unavailable. open database /var/lib/mailman/data/virtual-mailman.db: No such file or directory

On Dec 22, 2016, at 12:10 PM, Caesar Samsi > wrote:

It?s mail.yugi.us

On Dec 22, 2016, at 12:06 PM, Mark Sapiro > wrote:

On 12/22/2016 11:24 AM, Caesar Samsi wrote:
*What is the value of the list's host_name attribute (near the bottom of
the list's web admin General Options page).
*

Overview of all yugi.us mailing lists

Go to , log in and scroll
down until you see

Host name this list prefers for email.
(Details for host_name)

(about 5 settings from the bottom).  What is that set to?

*What's in mm_cfg.py? (Make sure you're looking at the correct one.)*
...
#-------------------------------------------------------------
# Default domain for email addresses of newly created MLs
DEFAULT_EMAIL_HOST = 'yugi.us'
#-------------------------------------------------------------
# Default host for web interface of newly created MLs
DEFAULT_URL_HOST   = 'yugi.us'
#-------------------------------------------------------------
# Required when setting any of its arguments.
add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)

You are missing POSTFIX_STYLE_VIRTUAL_DOMAINS. See

which says in part

POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us']

If you want to generate data/virtual-mailman for lists in the
mail.yugi.us email domain, this should be

POSTFIX_STYLE_VIRTUAL_DOMAINS = ['mail.yugi.us']

or

POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us', 'mail.yugi.us']

if you want both.

--
Mark Sapiro >        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at msapiro.net  Thu Dec 22 16:29:18 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 22 Dec 2016 13:29:18 -0800
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: 
References: 

 <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
 <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>
 <89c36d09-f51e-45b2-e75b-56d6f5e11019@msapiro.net>

Message-ID: <8a8c576e-70f6-a055-b5d8-ec64b60aa0a6@msapiro.net>

On 12/22/2016 01:21 PM, Caesar Samsi wrote:
> 
> I?ve also added:
> 
> POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us','mail.yugi.us']
> VIRTUAL_MAILMAN_LOCAL_DOMAIN = ?localhost'
> 
> Restarted mailman, postfix, and apache2.
> 
> I still get in /var/log/mail.log
> 
> Dec 22 12:17:50 localhost postfix/trivial-rewrite[6456]: warning: hash:/var/lib/mailman/data/virtual-mailman is unavailable. open database /var/lib/mailman/data/virtual-mailman.db: No such file or directory

Did you run genaliases?

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cmsamsi at hotmail.com  Thu Dec 22 16:41:35 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Thu, 22 Dec 2016 21:41:35 +0000
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: <8a8c576e-70f6-a055-b5d8-ec64b60aa0a6@msapiro.net>
References: 

 <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
 <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>
 <89c36d09-f51e-45b2-e75b-56d6f5e11019@msapiro.net>

 <8a8c576e-70f6-a055-b5d8-ec64b60aa0a6@msapiro.net>
Message-ID: <74E65C0A-4AE4-40DB-989B-D0D2D505BEFB@hotmail.com>

I was missing this step from: https://help.ubuntu.com/community/Mailman#Postfix_Configuration

Associate the domain lists.example.com to the mailman transport with the transport map. Edit the file /etc/postfix/transport:

lists.example.com      mailman:

Of course I replaced list.example.com with mail.yugi.us

Got further: I ran genaliases after that and virtual-mailman and virtual-mailman.db showed up in /var/lib/mailman/data woo hoo!

I test sent to mailman at yugi.us and got in /var/log/mail.log:
Dec 22 13:39:32 localhost postfix/smtpd[3566]: NOQUEUE: reject: RCPT from 0-46.static.highlandsfibernetwork.com[216.9.0.46]: 550 5.1.1 >: Recipient address rejected: User unknown in virtual mailbox table; from=> to=> proto=ESMTP helo=>

On Dec 22, 2016, at 1:29 PM, Mark Sapiro > wrote:

On 12/22/2016 01:21 PM, Caesar Samsi wrote:

I?ve also added:

POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us','mail.yugi.us']
VIRTUAL_MAILMAN_LOCAL_DOMAIN = ?localhost'

Restarted mailman, postfix, and apache2.

I still get in /var/log/mail.log

Dec 22 12:17:50 localhost postfix/trivial-rewrite[6456]: warning: hash:/var/lib/mailman/data/virtual-mailman is unavailable. open database /var/lib/mailman/data/virtual-mailman.db: No such file or directory

Did you run genaliases?

--
Mark Sapiro >        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list Mailman-Users at python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com

From jimpop at gmail.com  Thu Dec 22 16:53:49 2016
From: jimpop at gmail.com (Jim Popovitch)
Date: Thu, 22 Dec 2016 16:53:49 -0500
Subject: [Mailman-Users] Spam to "-request" address generating
 backscatter spam
In-Reply-To: <687ac64d-dda2-a543-7949-2b893caeae3c@msapiro.net>
References: <584F2DC2.19582.11490C30@edward.hasbrouck.org>
 <687ac64d-dda2-a543-7949-2b893caeae3c@msapiro.net>
Message-ID: 

On Tue, Dec 13, 2016 at 12:35 PM, Mark Sapiro  wrote:
>
> Steve has answered most of this. I just want to add a couple of things.
> With respect to web subscribes, several sites including python.org have
> seen mail bomb attacks via the web subscribe interface.
>
> These are subscribes via the web UI by distributed bots that are "smart"
> enough to GET the form  and delay tens of seconds before POSTing it. The
> most recent attacks have been multiple subscribes to multiple lists of
> some gmail.com address with various permutations of dots (ignored by
> gmail) interspersed in the local part. The most recent attack on
> mail.python.org subscribed addresses that matched
>
>   '^.*s\.*u\.*n\.*i\.*b\.*e\.*e\.*s\.*t\.*a\.*r\.*s.*@gmail\.com

I know the GLOBAL_BAN_LIST is for email addrs, but what would it take
to implement the same (or some field validation logic) for the
"fullname" field of the subscription page.   I'm still seeing a ton of
subscribe spam attempts, and the fullname field is consistently not a
text name.

>From nginx log:

...sales at apexgolfcarts.com&fullname=58562fbb70e22...
...ellenv3 at hotmail.com&fullname=5856315b5b695...
...scottpickup2000 at gmail.com&fullname=5856372a4e2f1...
...vanessae at live.com&fullname=58563aa6664bf...
...meagan at meaganlucyphoto.con&fullname=58563ab925ac7...
...saramardambey at gmail.com&fullname=58564566dc31b...
...dotthomas717 at yahoo.com&fullname=5856456df0b96...
...scottpickup2000 at gmail.com&fullname=58564b85ccf98...

-Jim P.

From cmsamsi at hotmail.com  Thu Dec 22 17:36:22 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Thu, 22 Dec 2016 22:36:22 +0000
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: <74E65C0A-4AE4-40DB-989B-D0D2D505BEFB@hotmail.com>
References: 

 <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
 <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>
 <89c36d09-f51e-45b2-e75b-56d6f5e11019@msapiro.net>

 <8a8c576e-70f6-a055-b5d8-ec64b60aa0a6@msapiro.net>
 <74E65C0A-4AE4-40DB-989B-D0D2D505BEFB@hotmail.com>
Message-ID: <39B5DA93-2A85-4426-A3C2-CF4A65AD7059@hotmail.com>

Alright here is my postfix config, hope there?s something useful in there.

alias_maps = hash:/etc/aliases,hash:/var/lib/mailman/data/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
content_filter = amavis:[127.0.0.1]:10024
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
enable_original_recipient = no
header_checks = regexp:/etc/postfix/header_checks
inet_interfaces = all
mailbox_size_limit = 0
maximal_backoff_time = 8000s
maximal_queue_lifetime = 7d
minimal_backoff_time = 1000s
mydestination =
myhostname = mail.yugi.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mynetworks_style = host
myorigin = /etc/hostname
readme_directory = no
recipient_delimiter = +
smtp_helo_timeout = 60s
smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = may
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_delay_reject = yes
smtpd_hard_error_limit = 12
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname, permit
smtpd_recipient_limit = 16
smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, permit
smtpd_relay_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = mysql:/etc/postfix/mysql_virtual_sender_login_maps.cf
smtpd_sender_restrictions = permit_mynetworks, reject_authenticated_sender_login_mismatch, permit_sasl_authenticated, warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit
smtpd_soft_error_limit = 3
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_dh1024_param_file = /etc/ssl/private/dhparams.pem
smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 450
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf, mysql:/etc/postfix/mysql_virtual_alias_domainaliases_maps.cf, hash:/var/lib/mailman/data/virtual-mailman
virtual_gid_maps = static:8
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf, mysql:/etc/postfix/mysql_virtual_mailbox_domainaliases_maps.cf
virtual_transport = dovecot
virtual_uid_maps = static:150

> On Dec 22, 2016, at 1:41 PM, Caesar Samsi  wrote:
> 
> I was missing this step from: https://help.ubuntu.com/community/Mailman#Postfix_Configuration
> 
> 
> Associate the domain lists.example.com to the mailman transport with the transport map. Edit the file /etc/postfix/transport:
> 
> lists.example.com      mailman:
> 
> Of course I replaced list.example.com with mail.yugi.us
> 
> Got further: I ran genaliases after that and virtual-mailman and virtual-mailman.db showed up in /var/lib/mailman/data woo hoo!
> 
> I test sent to mailman at yugi.us and got in /var/log/mail.log:
> Dec 22 13:39:32 localhost postfix/smtpd[3566]: NOQUEUE: reject: RCPT from 0-46.static.highlandsfibernetwork.com[216.9.0.46]: 550 5.1.1 >: Recipient address rejected: User unknown in virtual mailbox table; from=> to=> proto=ESMTP helo=>
> 
> On Dec 22, 2016, at 1:29 PM, Mark Sapiro > wrote:
> 
> On 12/22/2016 01:21 PM, Caesar Samsi wrote:
> 
> I?ve also added:
> 
> POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us','mail.yugi.us']
> VIRTUAL_MAILMAN_LOCAL_DOMAIN = ?localhost'
> 
> Restarted mailman, postfix, and apache2.
> 
> I still get in /var/log/mail.log
> 
> Dec 22 12:17:50 localhost postfix/trivial-rewrite[6456]: warning: hash:/var/lib/mailman/data/virtual-mailman is unavailable. open database /var/lib/mailman/data/virtual-mailman.db: No such file or directory
> 
> 
> Did you run genaliases?
> 
> --
> Mark Sapiro >        The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com
> 
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com

From jimpop at gmail.com  Thu Dec 22 18:01:37 2016
From: jimpop at gmail.com (Jim Popovitch)
Date: Thu, 22 Dec 2016 18:01:37 -0500
Subject: [Mailman-Users] Spam to "-request" address generating
 backscatter spam
In-Reply-To: 
References: <584F2DC2.19582.11490C30@edward.hasbrouck.org>
 <687ac64d-dda2-a543-7949-2b893caeae3c@msapiro.net>

Message-ID: 

On Thu, Dec 22, 2016 at 4:53 PM, Jim Popovitch  wrote:
> On Tue, Dec 13, 2016 at 12:35 PM, Mark Sapiro  wrote:
>>
>> Steve has answered most of this. I just want to add a couple of things.
>> With respect to web subscribes, several sites including python.org have
>> seen mail bomb attacks via the web subscribe interface.
>>
>> These are subscribes via the web UI by distributed bots that are "smart"
>> enough to GET the form  and delay tens of seconds before POSTing it. The
>> most recent attacks have been multiple subscribes to multiple lists of
>> some gmail.com address with various permutations of dots (ignored by
>> gmail) interspersed in the local part. The most recent attack on
>> mail.python.org subscribed addresses that matched
>>
>>   '^.*s\.*u\.*n\.*i\.*b\.*e\.*e\.*s\.*t\.*a\.*r\.*s.*@gmail\.com
>
> I know the GLOBAL_BAN_LIST is for email addrs, but what would it take
> to implement the same (or some field validation logic) for the
> "fullname" field of the subscription page.   I'm still seeing a ton of
> subscribe spam attempts, and the fullname field is consistently not a
> text name.
>

I think i have a better solution, (but I'm not so sure how to do this
in Apache).  In Nginx you can use "limit_except PUT { deny  all; }"
to deny the spambot GET attempts.

-Jim P.

From cmsamsi at hotmail.com  Thu Dec 22 18:07:24 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Thu, 22 Dec 2016 23:07:24 +0000
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: <39B5DA93-2A85-4426-A3C2-CF4A65AD7059@hotmail.com>
References: 

 <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
 <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>
 <89c36d09-f51e-45b2-e75b-56d6f5e11019@msapiro.net>

 <8a8c576e-70f6-a055-b5d8-ec64b60aa0a6@msapiro.net>
 <74E65C0A-4AE4-40DB-989B-D0D2D505BEFB@hotmail.com>
 <39B5DA93-2A85-4426-A3C2-CF4A65AD7059@hotmail.com>
Message-ID: <7679D4E4-3914-480F-B906-2C0BD73B7859@hotmail.com>

Alright I'm stuck here now, been trolling google ? haven?t found a clue yet.

Dec 22 15:02:22 localhost postfix/smtpd[7643]: NOQUEUE: reject: RCPT from 0-46.static.highlandsfibernetwork.com[216.9.0.46]: 550 5.1.1 >: Recipient address rejected: User unknown in virtual mailbox table; from=> to=> proto=ESMTP helo=>

On Dec 22, 2016, at 2:36 PM, Caesar Samsi > wrote:

Alright here is my postfix config, hope there?s something useful in there.

alias_maps = hash:/etc/aliases,hash:/var/lib/mailman/data/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
content_filter = amavis:[127.0.0.1]:10024
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
enable_original_recipient = no
header_checks = regexp:/etc/postfix/header_checks
inet_interfaces = all
mailbox_size_limit = 0
maximal_backoff_time = 8000s
maximal_queue_lifetime = 7d
minimal_backoff_time = 1000s
mydestination =
myhostname = mail.yugi.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mynetworks_style = host
myorigin = /etc/hostname
readme_directory = no
recipient_delimiter = +
smtp_helo_timeout = 60s
smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = may
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_delay_reject = yes
smtpd_hard_error_limit = 12
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname, permit
smtpd_recipient_limit = 16
smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, permit
smtpd_relay_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = mysql:/etc/postfix/mysql_virtual_sender_login_maps.cf
smtpd_sender_restrictions = permit_mynetworks, reject_authenticated_sender_login_mismatch, permit_sasl_authenticated, warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit
smtpd_soft_error_limit = 3
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_dh1024_param_file = /etc/ssl/private/dhparams.pem
smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 450
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf, mysql:/etc/postfix/mysql_virtual_alias_domainaliases_maps.cf, hash:/var/lib/mailman/data/virtual-mailman
virtual_gid_maps = static:8
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf, mysql:/etc/postfix/mysql_virtual_mailbox_domainaliases_maps.cf
virtual_transport = dovecot
virtual_uid_maps = static:150

On Dec 22, 2016, at 1:41 PM, Caesar Samsi > wrote:

I was missing this step from: https://help.ubuntu.com/community/Mailman#Postfix_Configuration

Associate the domain lists.example.com to the mailman transport with the transport map. Edit the file /etc/postfix/transport:

lists.example.com      mailman:

Of course I replaced list.example.com with mail.yugi.us

Got further: I ran genaliases after that and virtual-mailman and virtual-mailman.db showed up in /var/lib/mailman/data woo hoo!

I test sent to mailman at yugi.us and got in /var/log/mail.log:
Dec 22 13:39:32 localhost postfix/smtpd[3566]: NOQUEUE: reject: RCPT from 0-46.static.highlandsfibernetwork.com[216.9.0.46]: 550 5.1.1 >: Recipient address rejected: User unknown in virtual mailbox table; from=> to=> proto=ESMTP helo=>

On Dec 22, 2016, at 1:29 PM, Mark Sapiro > wrote:

On 12/22/2016 01:21 PM, Caesar Samsi wrote:

I?ve also added:

POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us','mail.yugi.us']
VIRTUAL_MAILMAN_LOCAL_DOMAIN = ?localhost'

Restarted mailman, postfix, and apache2.

I still get in /var/log/mail.log

Dec 22 12:17:50 localhost postfix/trivial-rewrite[6456]: warning: hash:/var/lib/mailman/data/virtual-mailman is unavailable. open database /var/lib/mailman/data/virtual-mailman.db: No such file or directory

Did you run genaliases?

--
Mark Sapiro >        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list Mailman-Users at python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com

------------------------------------------------------
Mailman-Users mailing list Mailman-Users at python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com

From jimpop at gmail.com  Thu Dec 22 18:19:31 2016
From: jimpop at gmail.com (Jim Popovitch)
Date: Thu, 22 Dec 2016 18:19:31 -0500
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: <7679D4E4-3914-480F-B906-2C0BD73B7859@hotmail.com>
References: 

 <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
 <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>
 <89c36d09-f51e-45b2-e75b-56d6f5e11019@msapiro.net>

 <8a8c576e-70f6-a055-b5d8-ec64b60aa0a6@msapiro.net>
 <74E65C0A-4AE4-40DB-989B-D0D2D505BEFB@hotmail.com>
 <39B5DA93-2A85-4426-A3C2-CF4A65AD7059@hotmail.com>
 <7679D4E4-3914-480F-B906-2C0BD73B7859@hotmail.com>
Message-ID: 

On Thu, Dec 22, 2016 at 6:07 PM, Caesar Samsi  wrote:
> Alright I'm stuck here now, been trolling google ? haven?t found a clue yet.
>
> Dec 22 15:02:22 localhost postfix/smtpd[7643]: NOQUEUE: reject: RCPT from 0-46.static.highlandsfibernetwork.com[216.9.0.46]: 550 5.1.1 >: Recipient address rejected: User unknown in virtual mailbox table; from=> to=> proto=ESMTP helo=>

I could be wrong, but I didn't see virtual_alias_domains defined in
your main.cf.  That needs to be defined in order for
virtual_alias_maps to be relevant.

-Jim P.

From mark at msapiro.net  Thu Dec 22 18:26:57 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 22 Dec 2016 15:26:57 -0800
Subject: [Mailman-Users] Spam to "-request" address generating
 backscatter spam
In-Reply-To: 
References: <584F2DC2.19582.11490C30@edward.hasbrouck.org>
 <687ac64d-dda2-a543-7949-2b893caeae3c@msapiro.net>

Message-ID: 

On 12/22/2016 03:01 PM, Jim Popovitch wrote:
> 
> I think i have a better solution, (but I'm not so sure how to do this
> in Apache).  In Nginx you can use "limit_except PUT { deny  all; }"
> to deny the spambot GET attempts.

in apache 2.4 you would do

      Require all denied

    Require all granted

but how does this help? No one, including bots GETs the subscribe CGI,
and subscription is via POST, not PUT.

The scenario is the same for bots and humans. GET the listinfo CGI with
the hidden token and then POST the form to the subscribe CGI. I don't
see how you can block one without blocking the other.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From jimpop at gmail.com  Thu Dec 22 18:38:56 2016
From: jimpop at gmail.com (Jim Popovitch)
Date: Thu, 22 Dec 2016 18:38:56 -0500
Subject: [Mailman-Users] Spam to "-request" address generating
 backscatter spam
In-Reply-To: 
References: <584F2DC2.19582.11490C30@edward.hasbrouck.org>
 <687ac64d-dda2-a543-7949-2b893caeae3c@msapiro.net>

Message-ID: 

On Thu, Dec 22, 2016 at 6:26 PM, Mark Sapiro  wrote:
> On 12/22/2016 03:01 PM, Jim Popovitch wrote:
>>
>> I think i have a better solution, (but I'm not so sure how to do this
>> in Apache).  In Nginx you can use "limit_except PUT { deny  all; }"
>> to deny the spambot GET attempts.
>
> in apache 2.4 you would do
>
>     
>       Require all denied
>     
>     Require all granted
>
> but how does this help? No one, including bots GETs the subscribe CGI,
> and subscription is via POST, not PUT.

Indeed, POST, not PUT.  I have POST in my config, but the docs that I
saw (which I copied to here) used PUT.

> The scenario is the same for bots and humans. GET the listinfo CGI with
> the hidden token and then POST the form to the subscribe CGI. I don't
> see how you can block one without blocking the other.

I'm seeing GET attempts like this:

77.247.181.165 - - [22/Dec/2016:23:30:10 +0000] "GET
/subscribe/users?sub_form_token=1527449307%3A44440ca6e66379d0e6e9c45b66d93d5864da4621&email=jconno2215%40gmail.com&fullname=585c61c234d98&pw=&pw-conf=&digest=1&email-button=jconno2215%40gmail.com&language=en&?sub_form_token=1527449307%3A44440ca6e66379d0e6e9c45b66d93d5864da4621&email=jconno2215%40gmail.com&fullname=585c61c234d98&pw=&pw-conf=&digest=1&email-button=jconno2215%40gmail.com&language=en&&sub_form_token=1527449307%3A44440ca6e66379d0e6e9c45b66d93d5864da4621&email=jconno2215%40gmail.com&fullname=585c61c234d98&pw=&pw-conf=&digest=1&email-button=jconno2215%40gmail.com&language=en&
HTTP/1.1" 404 162 "http://netcoolusers.org/" "Mozilla/5.0 (Windows NT
5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"

Although those are failing because they are hitting /subscribe, but if
they ever tweak the bots it could get ugly fast without some
mitigation.

-Jim P.

From mark at msapiro.net  Thu Dec 22 18:43:39 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 22 Dec 2016 15:43:39 -0800
Subject: [Mailman-Users] Spam to "-request" address generating
 backscatter spam
In-Reply-To: 
References: <584F2DC2.19582.11490C30@edward.hasbrouck.org>
 <687ac64d-dda2-a543-7949-2b893caeae3c@msapiro.net>

Message-ID: <83ebed1d-23ee-f488-a47e-5b2f68e68519@msapiro.net>

On 12/22/2016 01:53 PM, Jim Popovitch wrote:
> 
> I know the GLOBAL_BAN_LIST is for email addrs, but what would it take
> to implement the same (or some field validation logic) for the
> "fullname" field of the subscription page.   I'm still seeing a ton of
> subscribe spam attempts, and the fullname field is consistently not a
> text name.
> 
>>From nginx log:
> 
> ...sales at apexgolfcarts.com&fullname=58562fbb70e22...
> ...ellenv3 at hotmail.com&fullname=5856315b5b695...
> ...scottpickup2000 at gmail.com&fullname=5856372a4e2f1...
> ...vanessae at live.com&fullname=58563aa6664bf...
> ...meagan at meaganlucyphoto.con&fullname=58563ab925ac7...
> ...saramardambey at gmail.com&fullname=58564566dc31b...
> ...dotthomas717 at yahoo.com&fullname=5856456df0b96...
> ...scottpickup2000 at gmail.com&fullname=58564b85ccf98...

If you only want to target user subscribes and not things like admin
mass subscribes and invitations, you could modify Mailman/MailList.py in
the AddMember() method around line 894

        pattern = self.GetBannedPattern(email)

change that to

        pattern = (self.GetBannedPattern(email) or
                   self.GetBannedPattern(realname))

Then you could add patterns like, e.g., '^[0-9af]{10,}' to the
GLOBAL_BAN_LIST to match those real names.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at msapiro.net  Thu Dec 22 18:55:02 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 22 Dec 2016 15:55:02 -0800
Subject: [Mailman-Users] Spam to "-request" address generating
 backscatter spam
In-Reply-To: 
References: <584F2DC2.19582.11490C30@edward.hasbrouck.org>
 <687ac64d-dda2-a543-7949-2b893caeae3c@msapiro.net>

Message-ID: <3feb704e-11a4-d13f-654f-e1fe3cc4ecb7@msapiro.net>

On 12/22/2016 03:38 PM, Jim Popovitch wrote:
> 
> I'm seeing GET attempts like this:
> 
> 77.247.181.165 - - [22/Dec/2016:23:30:10 +0000] "GET
> /subscribe/users?sub_form_token=1527449307%3A44440ca6e66379d0e6e9c45b66d93d5864da4621&email=jconno2215%40gmail.com&fullname=585c61c234d98&pw=&pw-conf=&digest=1&email-button=jconno2215%40gmail.com&language=en&?sub_form_token=1527449307%3A44440ca6e66379d0e6e9c45b66d93d5864da4621&email=jconno2215%40gmail.com&fullname=585c61c234d98&pw=&pw-conf=&digest=1&email-button=jconno2215%40gmail.com&language=en&&sub_form_token=1527449307%3A44440ca6e66379d0e6e9c45b66d93d5864da4621&email=jconno2215%40gmail.com&fullname=585c61c234d98&pw=&pw-conf=&digest=1&email-button=jconno2215%40gmail.com&language=en&
> HTTP/1.1" 404 162 "http://netcoolusers.org/" "Mozilla/5.0 (Windows NT
> 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"

OK. I see how limiting the subscribe CGI to POST requests would stop
these, but I haven't seen any attacks like this. In the ones I've seen,
the bot GETs the form via listinfo and then delays and POSTs to
subscribe as described in the part of my post in this thread you didn't
quote.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From jimpop at gmail.com  Thu Dec 22 19:05:34 2016
From: jimpop at gmail.com (Jim Popovitch)
Date: Thu, 22 Dec 2016 19:05:34 -0500
Subject: [Mailman-Users] Spam to "-request" address generating
 backscatter spam
In-Reply-To: <3feb704e-11a4-d13f-654f-e1fe3cc4ecb7@msapiro.net>
References: <584F2DC2.19582.11490C30@edward.hasbrouck.org>
 <687ac64d-dda2-a543-7949-2b893caeae3c@msapiro.net>

 <3feb704e-11a4-d13f-654f-e1fe3cc4ecb7@msapiro.net>
Message-ID: 

On Thu, Dec 22, 2016 at 6:55 PM, Mark Sapiro  wrote:
> On 12/22/2016 03:38 PM, Jim Popovitch wrote:
>>
>> I'm seeing GET attempts like this:
>>
>> 77.247.181.165 - - [22/Dec/2016:23:30:10 +0000] "GET
>> /subscribe/users?sub_form_token=1527449307%3A44440ca6e66379d0e6e9c45b66d93d5864da4621&email=jconno2215%40gmail.com&fullname=585c61c234d98&pw=&pw-conf=&digest=1&email-button=jconno2215%40gmail.com&language=en&?sub_form_token=1527449307%3A44440ca6e66379d0e6e9c45b66d93d5864da4621&email=jconno2215%40gmail.com&fullname=585c61c234d98&pw=&pw-conf=&digest=1&email-button=jconno2215%40gmail.com&language=en&&sub_form_token=1527449307%3A44440ca6e66379d0e6e9c45b66d93d5864da4621&email=jconno2215%40gmail.com&fullname=585c61c234d98&pw=&pw-conf=&digest=1&email-button=jconno2215%40gmail.com&language=en&
>> HTTP/1.1" 404 162 "http://netcoolusers.org/" "Mozilla/5.0 (Windows NT
>> 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
>
>
> OK. I see how limiting the subscribe CGI to POST requests would stop
> these, but I haven't seen any attacks like this. In the ones I've seen,
> the bot GETs the form via listinfo and then delays and POSTs to
> subscribe as described in the part of my post in this thread you didn't
> quote.

Just to be clear, the bots are doing a GET of the listinfo page,
extracting the token, and then (mis)forming the GET URL like this:

89.32.127.178 - - [22/Dec/2016:23:53:29 +0000] "GET
/mailman/listinfo/users HTTP/1.1" 200 2866 "-" "Mozilla/5.0 (Windows
NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
89.32.127.178 - - [22/Dec/2016:23:53:32 +0000] "GET
/subscribe/users?sub_form_token=2351250719%3A8d5271a8d26c4cdd37040d7a7f37efb977e93d07&email=candice.cheng%40gmail.com&fullname=585c673c4eaac&pw=&pw-conf=&digest=1&email-button=candice.cheng%40gmail.com&language=en&?sub_form_token=2351250719%3A8d5271a8d26c4cdd37040d7a7f37efb977e93d07&email=candice.cheng%40gmail.com&fullname=585c673c4eaac&pw=&pw-conf=&digest=1&email-button=candice.cheng%40gmail.com&language=en&&sub_form_token=2351250719%3A8d5271a8d26c4cdd37040d7a7f37efb977e93d07&email=candice.cheng%40gmail.com&fullname=585c673c4eaac&pw=&pw-conf=&digest=1&email-button=candice.cheng%40gmail.com&language=en&
HTTP/1.1" 404 162 "http://netcoolusers.org/" "Mozilla/5.0 (Windows NT
5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"

I suspect, the bot is requesting ../subscribe and that nginx is just
striping the leading dots off the request (totally not sure about this
though).

-Jim P.

From mark at msapiro.net  Thu Dec 22 19:09:54 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 22 Dec 2016 16:09:54 -0800
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: <7679D4E4-3914-480F-B906-2C0BD73B7859@hotmail.com>
References: 

 <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
 <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>
 <89c36d09-f51e-45b2-e75b-56d6f5e11019@msapiro.net>

 <8a8c576e-70f6-a055-b5d8-ec64b60aa0a6@msapiro.net>
 <74E65C0A-4AE4-40DB-989B-D0D2D505BEFB@hotmail.com>
 <39B5DA93-2A85-4426-A3C2-CF4A65AD7059@hotmail.com>
 <7679D4E4-3914-480F-B906-2C0BD73B7859@hotmail.com>
Message-ID: 

On 12/22/2016 03:07 PM, Caesar Samsi wrote:
> Alright I'm stuck here now, been trolling google ? haven?t found a clue yet.
> 
> Dec 22 15:02:22 localhost postfix/smtpd[7643]: NOQUEUE: reject: RCPT from 0-46.static.highlandsfibernetwork.com[216.9.0.46]: 550 5.1.1 >: Recipient address rejected: User unknown in virtual mailbox table; from= to= proto=ESMTP helo=

As Jim P. said, you may need

virtual_alias_domains = yugi.us

in Postfix main.cf, although this may conflict with your
virtual_mailbox_domains.

You need to figure out what domains you want to use for what purposes,
and how you want to deliver to Mailman.

Also, look at your data/virtual-mailman. Is the mapping there like

test2 at yugi.us    test2 at localhost
...

or is it

test2 at mail.yugi.us    test2 at localhost

If the latter, you have to post to test2 at mail.yugi.us, not test2 at yugi.us
or fix your list's host names and rerun genaliases.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From geek at uniserve.com  Thu Dec 22 18:51:51 2016
From: geek at uniserve.com (Dave Stevens)
Date: Thu, 22 Dec 2016 15:51:51 -0800
Subject: [Mailman-Users] edit confirmation request?
Message-ID: <20161222155151.01c421d0@user-Satellite-A100>

I have a potentially large subset of users for a new list whose
firm will make difficulties about them clicking on a link in Mailman's 
confirmation request email. 

I'd like them to only have the option to reply in order to confirm. I
don't see a way to edit the confirmation email's text or,
alternatively, to turn off the clickthrough option for new
subscriptions.

Anyone know how to do this?

D

-- 
Reporter to Mahatma Ghandi after his tour of east London
"What do you think of western civilization, Mr. Ghandi?"
Ghandi - "I think it would be an excellent idea!"

From mark at msapiro.net  Thu Dec 22 19:21:00 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 22 Dec 2016 16:21:00 -0800
Subject: [Mailman-Users] Spam to "-request" address generating
 backscatter spam
In-Reply-To: 
References: <584F2DC2.19582.11490C30@edward.hasbrouck.org>
 <687ac64d-dda2-a543-7949-2b893caeae3c@msapiro.net>

 <3feb704e-11a4-d13f-654f-e1fe3cc4ecb7@msapiro.net>

Message-ID: 

On 12/22/2016 04:05 PM, Jim Popovitch wrote:
> 
> Just to be clear, the bots are doing a GET of the listinfo page,
> extracting the token, and then (mis)forming the GET URL like this:
> 
> 89.32.127.178 - - [22/Dec/2016:23:53:29 +0000] "GET
> /mailman/listinfo/users HTTP/1.1" 200 2866 "-" "Mozilla/5.0 (Windows
> NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
> 89.32.127.178 - - [22/Dec/2016:23:53:32 +0000] "GET
> /subscribe/users?sub_form_token=2351250719%3A8d5271a8d26c4cdd37040d7a7f37efb977e93d07&email=candice.cheng%40gmail.com&fullname=585c673c4eaac&pw=&pw-conf=&digest=1&email-button=candice.cheng%40gmail.com&language=en&?sub_form_token=2351250719%3A8d5271a8d26c4cdd37040d7a7f37efb977e93d07&email=candice.cheng%40gmail.com&fullname=585c673c4eaac&pw=&pw-conf=&digest=1&email-button=candice.cheng%40gmail.com&language=en&&sub_form_token=2351250719%3A8d5271a8d26c4cdd37040d7a7f37efb977e93d07&email=candice.cheng%40gmail.com&fullname=585c673c4eaac&pw=&pw-conf=&digest=1&email-button=candice.cheng%40gmail.com&language=en&
> HTTP/1.1" 404 162 "http://netcoolusers.org/" "Mozilla/5.0 (Windows NT
> 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
> 
> I suspect, the bot is requesting ../subscribe and that nginx is just
> striping the leading dots off the request (totally not sure about this
> though).

I suspect that's correct. The bottom line however is that there are
already botnets out there that are smart enough the do the right things
to get past the checks of GETting the form first with the hidden token
and delaying sufficiently before POSTing to the right URL.

I can see that if your attackers get smarter, the real name check could
be useful, but I'm not ready to add that as a feature. That could change
if they successfully attack me, but that hasn't happened yet.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at msapiro.net  Thu Dec 22 19:28:07 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 22 Dec 2016 16:28:07 -0800
Subject: [Mailman-Users] edit confirmation request?
In-Reply-To: <20161222155151.01c421d0@user-Satellite-A100>
References: <20161222155151.01c421d0@user-Satellite-A100>
Message-ID: 

On 12/22/2016 03:51 PM, Dave Stevens wrote:
> 
> I'd like them to only have the option to reply in order to confirm. I
> don't see a way to edit the confirmation email's text or,
> alternatively, to turn off the clickthrough option for new
> subscriptions.

Beginning with Mailman 2.1.23, the "Request to confirm subscription"
template has been added to those that can be edited through the web
admin "Edit the public HTML pages and text files" link.

For older Mailman, you need access to the Mailan server to make a list
specific version of the verify.txt template. See
.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at mailmanlists.net  Fri Dec 23 01:40:48 2016
From: mark at mailmanlists.net (Mark Dale)
Date: Fri, 23 Dec 2016 17:40:48 +1100
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: 
References: 
 <22619.21543.169543.409739@turnbull.sk.tsukuba.ac.jp>
 <387ce2c8-1a53-37b1-83ae-0e658c986e04@mailmanlists.net>

Message-ID: <60d5a2de-539e-f3c2-07dd-3ce7d9e9e9ea@mailmanlists.net>

Thanks for the suggestion on the mailop list Jim.

Verizon began accepting mail again for lists on the European server 
about 6 hours ago.

No light was shed as to why or what changed their view. Not only Verizon 
but AT&T as well, at around the same time - a little puzzle that's 
probably best left alone.

It may be that their default position is to block all list mail 
regardless - until they get swamped with complaints.

I've subscribed to the mailop list as you suggest, and if I learn 
anything relevant to this issue I'll post it back here.

Thanks,
Mark

========================================
  MailmanLists - hosted discussion lists
  Canberra, Australia
  Tel: +61 .2 61003121
  http://www.mailmanlists.net
=======================================

On 22/12/16 16:15, Jim Popovitch wrote:
> On Wed, Dec 21, 2016 at 11:42 PM, Mark Dale  wrote:
...
>> All the DNS records (inc SPF, DKIM) are in place, the server is on no RBLs,
>> con-current connections to the recieving mail servers is set at 2 in
>> Postfix. In short, all the right boxes are ticked as far as we can see.
>>
>> Point noted about the time needed to build a good IP reputation. In light of
>> that, we moved the list to our old established server in Europe. It has a
>> SenderScore of 99, and of course all the same boxes are ticked. Verizon
>> still rejected list mail.
...
>>
>
> A good place to start is on the mailop list, explain your company and
> sign-up practices/filtering, etc.  Be open and ask for specific reps
> to contact you offline if necessary.  You may get some awesome help,
> although this close to the holidays your message may not hit the right
> people until next year.
>
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

From guest2 at sgeinc.com  Fri Dec 23 09:36:17 2016
From: guest2 at sgeinc.com (Richard Shetron)
Date: Fri, 23 Dec 2016 09:36:17 -0500
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: <60d5a2de-539e-f3c2-07dd-3ce7d9e9e9ea@mailmanlists.net>
References: 
 <22619.21543.169543.409739@turnbull.sk.tsukuba.ac.jp>
 <387ce2c8-1a53-37b1-83ae-0e658c986e04@mailmanlists.net>

 <60d5a2de-539e-f3c2-07dd-3ce7d9e9e9ea@mailmanlists.net>
Message-ID: <2f3f4a84-cc88-2ea0-6bb1-14154952c289@sgeinc.com>

Maybe they were using some type of grey listing.

For those who don't know:
Grey listing is where the target MTA rejects with a retry error code the 
email from a new source for some period of time.  Every site can set 
their own delay.  Most spammers won't retry so it gets rid of a lot of 
spam.  Real email servers will accept the retry error (4xx) and retry 
after some prefigured time from a few seconds to an hour or more.  The 
IP addresses are tracked and if retried after the time limit are white 
listed for anywhere from a few hours to a month or more.

On 12/23/2016 1:40 AM, Mark Dale wrote:
> Thanks for the suggestion on the mailop list Jim.
>
> Verizon began accepting mail again for lists on the European server
> about 6 hours ago.
>
> No light was shed as to why or what changed their view. Not only Verizon
> but AT&T as well, at around the same time - a little puzzle that's
> probably best left alone.
>
> It may be that their default position is to block all list mail
> regardless - until they get swamped with complaints.
>
> I've subscribed to the mailop list as you suggest, and if I learn
> anything relevant to this issue I'll post it back here.
>
> Thanks,
> Mark
>
>
>
> ========================================
>  MailmanLists - hosted discussion lists
>  Canberra, Australia
>  Tel: +61 .2 61003121
>  http://www.mailmanlists.net
> =======================================
>
> On 22/12/16 16:15, Jim Popovitch wrote:
>> On Wed, Dec 21, 2016 at 11:42 PM, Mark Dale 
>> wrote:
> ...
>>> All the DNS records (inc SPF, DKIM) are in place, the server is on no
>>> RBLs,
>>> con-current connections to the recieving mail servers is set at 2 in
>>> Postfix. In short, all the right boxes are ticked as far as we can see.
>>>
>>> Point noted about the time needed to build a good IP reputation. In
>>> light of
>>> that, we moved the list to our old established server in Europe. It
>>> has a
>>> SenderScore of 99, and of course all the same boxes are ticked. Verizon
>>> still rejected list mail.
> ...
>>>
>>
>> A good place to start is on the mailop list, explain your company and
>> sign-up practices/filtering, etc.  Be open and ask for specific reps
>> to contact you offline if necessary.  You may get some awesome help,
>> although this close to the holidays your message may not hit the right
>> people until next year.
>>
>> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives:
> http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe:
> https://mail.python.org/mailman/options/mailman-users/guest2%40sgeinc.com
>

From odhiambo at gmail.com  Fri Dec 23 09:50:26 2016
From: odhiambo at gmail.com (Odhiambo Washington)
Date: Fri, 23 Dec 2016 17:50:26 +0300
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: <2f3f4a84-cc88-2ea0-6bb1-14154952c289@sgeinc.com>
References: 
 <22619.21543.169543.409739@turnbull.sk.tsukuba.ac.jp>
 <387ce2c8-1a53-37b1-83ae-0e658c986e04@mailmanlists.net>

 <60d5a2de-539e-f3c2-07dd-3ce7d9e9e9ea@mailmanlists.net>
 <2f3f4a84-cc88-2ea0-6bb1-14154952c289@sgeinc.com>
Message-ID: 

On 23 December 2016 at 17:36, Richard Shetron  wrote:

> Maybe they were using some type of grey listing.
>
> For those who don't know:
> Grey listing is where the target MTA rejects with a retry error code the
> email from a new source for some period of time.  Every site can set their
> own delay.  Most spammers won't retry so it gets rid of a lot of spam.
> Real email servers will accept the retry error (4xx) and retry after some
> prefigured time from a few seconds to an hour or more.  The IP addresses
> are tracked and if retried after the time limit are white listed for
> anywhere from a few hours to a month or more.
>

I know Exim will only treat a session as a failure if it gets 5xx. Does
Postfix do the same?

-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."

From mark at msapiro.net  Fri Dec 23 12:21:40 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Fri, 23 Dec 2016 09:21:40 -0800
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: 
References: 
 <22619.21543.169543.409739@turnbull.sk.tsukuba.ac.jp>
 <387ce2c8-1a53-37b1-83ae-0e658c986e04@mailmanlists.net>

 <60d5a2de-539e-f3c2-07dd-3ce7d9e9e9ea@mailmanlists.net>
 <2f3f4a84-cc88-2ea0-6bb1-14154952c289@sgeinc.com>

Message-ID: <4accb0e8-9036-4671-e496-d0c7dacb919b@msapiro.net>

On 12/23/2016 06:50 AM, Odhiambo Washington wrote:
> 
> I know Exim will only treat a session as a failure if it gets 5xx. Does
> Postfix do the same?

Yes, mostly. Postfix treats any 4xx as retryable and retries at
configured intervals until the message is delivered or
maximal_queue_lifetime (default 5 days) expires. After
maximal_queue_lifetime the message is considered undeliverable (failure).

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From guest2 at sgeinc.com  Fri Dec 23 14:17:46 2016
From: guest2 at sgeinc.com (Richard Shetron)
Date: Fri, 23 Dec 2016 14:17:46 -0500
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: 
References: 
 <22619.21543.169543.409739@turnbull.sk.tsukuba.ac.jp>
 <387ce2c8-1a53-37b1-83ae-0e658c986e04@mailmanlists.net>

 <60d5a2de-539e-f3c2-07dd-3ce7d9e9e9ea@mailmanlists.net>
 <2f3f4a84-cc88-2ea0-6bb1-14154952c289@sgeinc.com>

Message-ID: 

Postfix is the same.  I had to install a greylisting package to add 
greylisting to postfix.

On 12/23/2016 9:50 AM, Odhiambo Washington wrote:
>
> On 23 December 2016 at 17:36, Richard Shetron  > wrote:
>
>     Maybe they were using some type of grey listing.
>
>     For those who don't know:
>     Grey listing is where the target MTA rejects with a retry error code
>     the email from a new source for some period of time.  Every site can
>     set their own delay.  Most spammers won't retry so it gets rid of a
>     lot of spam.  Real email servers will accept the retry error (4xx)
>     and retry after some prefigured time from a few seconds to an hour
>     or more.  The IP addresses are tracked and if retried after the time
>     limit are white listed for anywhere from a few hours to a month or more.
>
>
> I know Exim will only treat a session as a failure if it gets 5xx. Does
> Postfix do the same?
>
>
> --
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254 7 3200 0004/+254 7 2274 3223
> "Oh, the cruft."

From odhiambo at gmail.com  Fri Dec 23 14:22:35 2016
From: odhiambo at gmail.com (Odhiambo Washington)
Date: Fri, 23 Dec 2016 22:22:35 +0300
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: <4accb0e8-9036-4671-e496-d0c7dacb919b@msapiro.net>
References: 
 <22619.21543.169543.409739@turnbull.sk.tsukuba.ac.jp>
 <387ce2c8-1a53-37b1-83ae-0e658c986e04@mailmanlists.net>

 <60d5a2de-539e-f3c2-07dd-3ce7d9e9e9ea@mailmanlists.net>
 <2f3f4a84-cc88-2ea0-6bb1-14154952c289@sgeinc.com>

 <4accb0e8-9036-4671-e496-d0c7dacb919b@msapiro.net>
Message-ID: 

That's what Exim does, unless the sysadmin changes things!

On 23 December 2016 at 20:21, Mark Sapiro  wrote:

> On 12/23/2016 06:50 AM, Odhiambo Washington wrote:
> >
> > I know Exim will only treat a session as a failure if it gets 5xx. Does
> > Postfix do the same?
>
>
> Yes, mostly. Postfix treats any 4xx as retryable and retries at
> configured intervals until the message is delivered or
> maximal_queue_lifetime (default 5 days) expires. After
> maximal_queue_lifetime the message is considered undeliverable (failure).
>
> --
> Mark Sapiro         The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: http://www.mail-archive.com/
> mailman-users%40python.org/
> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/
> odhiambo%40gmail.com
>

-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."

From odhiambo at gmail.com  Fri Dec 23 14:24:58 2016
From: odhiambo at gmail.com (Odhiambo Washington)
Date: Fri, 23 Dec 2016 22:24:58 +0300
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: 
References: 
 <22619.21543.169543.409739@turnbull.sk.tsukuba.ac.jp>
 <387ce2c8-1a53-37b1-83ae-0e658c986e04@mailmanlists.net>

 <60d5a2de-539e-f3c2-07dd-3ce7d9e9e9ea@mailmanlists.net>
 <2f3f4a84-cc88-2ea0-6bb1-14154952c289@sgeinc.com>

Message-ID: 

Okay, so Exim and Postfix act the same in their default configs unless one
changes it. Mark (Dale), does your Postfix act the same way? I think it
doesn't and maybe it's something you need to take a second look at??

On 23 December 2016 at 22:17, Richard Shetron  wrote:

> Postfix is the same.  I had to install a greylisting package to add
> greylisting to postfix.
>
> On 12/23/2016 9:50 AM, Odhiambo Washington wrote:
>
>>
>> On 23 December 2016 at 17:36, Richard Shetron > > wrote:
>>
>>     Maybe they were using some type of grey listing.
>>
>>     For those who don't know:
>>     Grey listing is where the target MTA rejects with a retry error code
>>     the email from a new source for some period of time.  Every site can
>>     set their own delay.  Most spammers won't retry so it gets rid of a
>>     lot of spam.  Real email servers will accept the retry error (4xx)
>>     and retry after some prefigured time from a few seconds to an hour
>>     or more.  The IP addresses are tracked and if retried after the time
>>     limit are white listed for anywhere from a few hours to a month or
>> more.
>>
>>
>> I know Exim will only treat a session as a failure if it gets 5xx. Does
>> Postfix do the same?
>>
>>
>> --
>> Best regards,
>> Odhiambo WASHINGTON,
>> Nairobi,KE
>> +254 7 3200 0004/+254 7 2274 3223
>> "Oh, the cruft."
>>
>

-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."

From mark at msapiro.net  Fri Dec 23 14:42:58 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Fri, 23 Dec 2016 11:42:58 -0800
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: 
References: 
 <22619.21543.169543.409739@turnbull.sk.tsukuba.ac.jp>
 <387ce2c8-1a53-37b1-83ae-0e658c986e04@mailmanlists.net>

 <60d5a2de-539e-f3c2-07dd-3ce7d9e9e9ea@mailmanlists.net>
 <2f3f4a84-cc88-2ea0-6bb1-14154952c289@sgeinc.com>

Message-ID: <02339bbd-8beb-02d9-6830-962df267f46b@msapiro.net>

On 12/23/2016 11:24 AM, Odhiambo Washington wrote:
> Okay, so Exim and Postfix act the same in their default configs unless one
> changes it. Mark (Dale), does your Postfix act the same way? I think it
> doesn't and maybe it's something you need to take a second look at??

Why do you think this? Other than one other poster's conjecture that
greylisting might be involved (I don't think so, but ...), I see nothing
in this thread to indicate that Postfix is not treating 4xx status as
retryable.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cmsamsi at hotmail.com  Fri Dec 23 16:45:45 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Fri, 23 Dec 2016 21:45:45 +0000
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: 
References: 

 <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
 <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>
 <89c36d09-f51e-45b2-e75b-56d6f5e11019@msapiro.net>

 <8a8c576e-70f6-a055-b5d8-ec64b60aa0a6@msapiro.net>
 <74E65C0A-4AE4-40DB-989B-D0D2D505BEFB@hotmail.com>
 <39B5DA93-2A85-4426-A3C2-CF4A65AD7059@hotmail.com>
 <7679D4E4-3914-480F-B906-2C0BD73B7859@hotmail.com>

Message-ID: <82A72B99-1C81-4792-AE8A-596117F9B6C6@hotmail.com>

I?ve chosen to use yugi.us as the email host and www.yugi.us as the url host.

1. I?ve added virtual_alias_domains = yugi.us

However that causes non mailman email addresses from receiving emails:
>: User unknown in virtual alias table
Reporting-MTA: dns; mail.yugi.us
X-Postfix-Queue-ID: 3ADAF3636B6
X-Postfix-Sender: rfc822; alerts at samsi.us
Arrival-Date: Fri, 23 Dec 2016 12:56:00 -0800 (PST)

So I?ve had to remove that setting.

2. I?ve (along with step 1 above):
- rmlist all aliases (including mailman)
- rm /var/lib/mailman/data/virtual-man*
- newlist mailman (and provided the email url hosts owner and password)
- /usr/lib/mailman/bin/genaliases (and see the proper entries in /var/lib/mailman/data/virtual-mailman

Now when I send to mailman at yugi.us I get:
: mail for localhost loops back to myself
Reporting-MTA: dns; mail.yugi.us
X-Postfix-Queue-ID: 3282E3636B6
X-Postfix-Sender: rfc822; alerts at samsi.us
Arrival-Date: Fri, 23 Dec 2016 12:58:11 -0800 (PST)

On my other working mailman server I didn?t have to specify virtual_alias_domains = yugi.us

If I send to mailman at mail.yugi.us I get relay access denied:
Final-Recipient: rfc822; mailman at mail.yugi.us
Original-Recipient: rfc822;mailman at mail.yugi.us
Action: failed
Status: 5.7.1
Remote-MTA: dns; yugi.us
Diagnostic-Code: smtp; 554 5.7.1 >: Relay access denied

I?m stumped ? still looking through google.

I?ve reread https://www.gnu.org/software/mailman/mailman-install/postfix-virtual.html too many times and followed the steps that many times too :-)

Attached is postconf -n output, master.cf, and transport.

On Dec 22, 2016, at 4:09 PM, Mark Sapiro > wrote:

On 12/22/2016 03:07 PM, Caesar Samsi wrote:
Alright I'm stuck here now, been trolling google ? haven?t found a clue yet.

Dec 22 15:02:22 localhost postfix/smtpd[7643]: NOQUEUE: reject: RCPT from 0-46.static.highlandsfibernetwork.com[216.9.0.46]: 550 5.1.1 >: Recipient address rejected: User unknown in virtual mailbox table; from=> to=> proto=ESMTP helo=>

As Jim P. said, you may need

virtual_alias_domains = yugi.us

in Postfix main.cf, although this may conflict with your
virtual_mailbox_domains.

You need to figure out what domains you want to use for what purposes,
and how you want to deliver to Mailman.

Also, look at your data/virtual-mailman. Is the mapping there like

test2 at yugi.us    test2 at localhost
...

or is it

test2 at mail.yugi.us    test2 at localhost

If the latter, you have to post to test2 at mail.yugi.us, not test2 at yugi.us
or fix your list's host names and rerun genaliases.

--
Mark Sapiro >        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list Mailman-Users at python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: postfix.txt
URL: 

From cmsamsi at hotmail.com  Fri Dec 23 17:11:30 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Fri, 23 Dec 2016 22:11:30 +0000
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: <82A72B99-1C81-4792-AE8A-596117F9B6C6@hotmail.com>
References: 

 <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
 <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>
 <89c36d09-f51e-45b2-e75b-56d6f5e11019@msapiro.net>

 <8a8c576e-70f6-a055-b5d8-ec64b60aa0a6@msapiro.net>
 <74E65C0A-4AE4-40DB-989B-D0D2D505BEFB@hotmail.com>
 <39B5DA93-2A85-4426-A3C2-CF4A65AD7059@hotmail.com>
 <7679D4E4-3914-480F-B906-2C0BD73B7859@hotmail.com>

 <82A72B99-1C81-4792-AE8A-596117F9B6C6@hotmail.com>
Message-ID: 

I got it to work!

I tweaked this section, the clincher was populating mydestination.

I?m going to do a happy dance.

# ---------------------------------
# General host and delivery info
# ----------------------------------

myhostname = mail.yugi.us
mydomain=yugi.us
myorigin = /etc/hostname

# Some people see issues when setting mydestination explicitly to the server
# subdomain, while leaving it empty generally doesn't hurt. So it is left empty$
# mydestination = mail.example.com, localhost

mydestination = yugi.us, mail.yugi.us, localhost

On Dec 23, 2016, at 1:45 PM, Caesar Samsi > wrote:

I?ve chosen to use yugi.us as the email host and www.yugi.us as the url host.

1. I?ve added virtual_alias_domains = yugi.us

However that causes non mailman email addresses from receiving emails:
>: User unknown in virtual alias table
Reporting-MTA: dns; mail.yugi.us
X-Postfix-Queue-ID: 3ADAF3636B6
X-Postfix-Sender: rfc822; alerts at samsi.us
Arrival-Date: Fri, 23 Dec 2016 12:56:00 -0800 (PST)

So I?ve had to remove that setting.

2. I?ve (along with step 1 above):
- rmlist all aliases (including mailman)
- rm /var/lib/mailman/data/virtual-man*
- newlist mailman (and provided the email url hosts owner and password)
- /usr/lib/mailman/bin/genaliases (and see the proper entries in /var/lib/mailman/data/virtual-mailman

Now when I send to mailman at yugi.us I get:
: mail for localhost loops back to myself
Reporting-MTA: dns; mail.yugi.us
X-Postfix-Queue-ID: 3282E3636B6
X-Postfix-Sender: rfc822; alerts at samsi.us
Arrival-Date: Fri, 23 Dec 2016 12:58:11 -0800 (PST)

On my other working mailman server I didn?t have to specify virtual_alias_domains = yugi.us

If I send to mailman at mail.yugi.us I get relay access denied:
Final-Recipient: rfc822; mailman at mail.yugi.us
Original-Recipient: rfc822;mailman at mail.yugi.us
Action: failed
Status: 5.7.1
Remote-MTA: dns; yugi.us
Diagnostic-Code: smtp; 554 5.7.1 >: Relay access denied

I?m stumped ? still looking through google.

I?ve reread https://www.gnu.org/software/mailman/mailman-install/postfix-virtual.html too many times and followed the steps that many times too :-)

Attached is postconf -n output, master.cf, and transport.

On Dec 22, 2016, at 4:09 PM, Mark Sapiro > wrote:

On 12/22/2016 03:07 PM, Caesar Samsi wrote:
Alright I'm stuck here now, been trolling google ? haven?t found a clue yet.

Dec 22 15:02:22 localhost postfix/smtpd[7643]: NOQUEUE: reject: RCPT from 0-46.static.highlandsfibernetwork.com[216.9.0.46]: 550 5.1.1 >: Recipient address rejected: User unknown in virtual mailbox table; from=> to=> proto=ESMTP helo=>

As Jim P. said, you may need

virtual_alias_domains = yugi.us

in Postfix main.cf, although this may conflict with your
virtual_mailbox_domains.

You need to figure out what domains you want to use for what purposes,
and how you want to deliver to Mailman.

Also, look at your data/virtual-mailman. Is the mapping there like

test2 at yugi.us    test2 at localhost
...

or is it

test2 at mail.yugi.us    test2 at localhost

If the latter, you have to post to test2 at mail.yugi.us, not test2 at yugi.us
or fix your list's host names and rerun genaliases.

--
Mark Sapiro >        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list Mailman-Users at python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com

From cmsamsi at hotmail.com  Fri Dec 23 17:16:04 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Fri, 23 Dec 2016 22:16:04 +0000
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: 
References: 

 <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
 <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>
 <89c36d09-f51e-45b2-e75b-56d6f5e11019@msapiro.net>

 <8a8c576e-70f6-a055-b5d8-ec64b60aa0a6@msapiro.net>
 <74E65C0A-4AE4-40DB-989B-D0D2D505BEFB@hotmail.com>
 <39B5DA93-2A85-4426-A3C2-CF4A65AD7059@hotmail.com>
 <7679D4E4-3914-480F-B906-2C0BD73B7859@hotmail.com>

 <82A72B99-1C81-4792-AE8A-596117F9B6C6@hotmail.com>

Message-ID: <34C65CFD-A363-4705-A583-E3860BD8BE44@hotmail.com>

Agg ? now mails to non list emails get rejected:

>: unknown user: "admin"
Reporting-MTA: dns; mail.yugi.us
X-Postfix-Queue-ID: 606533636B6
X-Postfix-Sender: rfc822; alerts at samsi.us
Arrival-Date: Fri, 23 Dec 2016 14:14:30 -0800 (PST)

Final-Recipient: rfc822; admin at yugi.us
Original-Recipient: rfc822;admin at yugi.us
Action: failed
Status: 5.1.1
Diagnostic-Code: X-Postfix; unknown user: ?admin"

On Dec 23, 2016, at 2:11 PM, Caesar Samsi > wrote:

I got it to work!

I tweaked this section, the clincher was populating mydestination.

I?m going to do a happy dance.

# ---------------------------------
# General host and delivery info
# ----------------------------------

myhostname = mail.yugi.us
mydomain=yugi.us
myorigin = /etc/hostname

# Some people see issues when setting mydestination explicitly to the server
# subdomain, while leaving it empty generally doesn't hurt. So it is left empty$
# mydestination = mail.example.com, localhost

mydestination = yugi.us, mail.yugi.us, localhost

On Dec 23, 2016, at 1:45 PM, Caesar Samsi > wrote:

I?ve chosen to use yugi.us as the email host and www.yugi.us as the url host.

1. I?ve added virtual_alias_domains = yugi.us

However that causes non mailman email addresses from receiving emails:
>: User unknown in virtual alias table
Reporting-MTA: dns; mail.yugi.us
X-Postfix-Queue-ID: 3ADAF3636B6
X-Postfix-Sender: rfc822; alerts at samsi.us
Arrival-Date: Fri, 23 Dec 2016 12:56:00 -0800 (PST)

So I?ve had to remove that setting.

2. I?ve (along with step 1 above):
- rmlist all aliases (including mailman)
- rm /var/lib/mailman/data/virtual-man*
- newlist mailman (and provided the email url hosts owner and password)
- /usr/lib/mailman/bin/genaliases (and see the proper entries in /var/lib/mailman/data/virtual-mailman

Now when I send to mailman at yugi.us I get:
: mail for localhost loops back to myself
Reporting-MTA: dns; mail.yugi.us
X-Postfix-Queue-ID: 3282E3636B6
X-Postfix-Sender: rfc822; alerts at samsi.us
Arrival-Date: Fri, 23 Dec 2016 12:58:11 -0800 (PST)

On my other working mailman server I didn?t have to specify virtual_alias_domains = yugi.us

If I send to mailman at mail.yugi.us I get relay access denied:
Final-Recipient: rfc822; mailman at mail.yugi.us
Original-Recipient: rfc822;mailman at mail.yugi.us
Action: failed
Status: 5.7.1
Remote-MTA: dns; yugi.us
Diagnostic-Code: smtp; 554 5.7.1 >: Relay access denied

I?m stumped ? still looking through google.

I?ve reread https://www.gnu.org/software/mailman/mailman-install/postfix-virtual.html too many times and followed the steps that many times too :-)

Attached is postconf -n output, master.cf, and transport.

On Dec 22, 2016, at 4:09 PM, Mark Sapiro > wrote:

On 12/22/2016 03:07 PM, Caesar Samsi wrote:
Alright I'm stuck here now, been trolling google ? haven?t found a clue yet.

Dec 22 15:02:22 localhost postfix/smtpd[7643]: NOQUEUE: reject: RCPT from 0-46.static.highlandsfibernetwork.com[216.9.0.46]: 550 5.1.1 >: Recipient address rejected: User unknown in virtual mailbox table; from=> to=> proto=ESMTP helo=>

As Jim P. said, you may need

virtual_alias_domains = yugi.us

in Postfix main.cf, although this may conflict with your
virtual_mailbox_domains.

You need to figure out what domains you want to use for what purposes,
and how you want to deliver to Mailman.

Also, look at your data/virtual-mailman. Is the mapping there like

test2 at yugi.us    test2 at localhost
...

or is it

test2 at mail.yugi.us    test2 at localhost

If the latter, you have to post to test2 at mail.yugi.us, not test2 at yugi.us
or fix your list's host names and rerun genaliases.

--
Mark Sapiro >        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list Mailman-Users at python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com

From cmsamsi at hotmail.com  Fri Dec 23 17:20:35 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Fri, 23 Dec 2016 22:20:35 +0000
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: <34C65CFD-A363-4705-A583-E3860BD8BE44@hotmail.com>
References: 

 <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
 <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>
 <89c36d09-f51e-45b2-e75b-56d6f5e11019@msapiro.net>

 <8a8c576e-70f6-a055-b5d8-ec64b60aa0a6@msapiro.net>
 <74E65C0A-4AE4-40DB-989B-D0D2D505BEFB@hotmail.com>
 <39B5DA93-2A85-4426-A3C2-CF4A65AD7059@hotmail.com>
 <7679D4E4-3914-480F-B906-2C0BD73B7859@hotmail.com>

 <82A72B99-1C81-4792-AE8A-596117F9B6C6@hotmail.com>

 <34C65CFD-A363-4705-A583-E3860BD8BE44@hotmail.com>
Message-ID: 

Whew I think that?s it, I?m doing my dance now :-)

For mydestination I only needed to use localhost like so:
mydestination = yugi.us, mail.yugi.us, localhost

On Dec 23, 2016, at 2:16 PM, Caesar Samsi > wrote:

Agg ? now mails to non list emails get rejected:

>: unknown user: "admin"
Reporting-MTA: dns; mail.yugi.us
X-Postfix-Queue-ID: 606533636B6
X-Postfix-Sender: rfc822; alerts at samsi.us
Arrival-Date: Fri, 23 Dec 2016 14:14:30 -0800 (PST)

Final-Recipient: rfc822; admin at yugi.us
Original-Recipient: rfc822;admin at yugi.us
Action: failed
Status: 5.1.1
Diagnostic-Code: X-Postfix; unknown user: ?admin"

On Dec 23, 2016, at 2:11 PM, Caesar Samsi > wrote:

I got it to work!

I tweaked this section, the clincher was populating mydestination.

I?m going to do a happy dance.

# ---------------------------------
# General host and delivery info
# ----------------------------------

myhostname = mail.yugi.us
mydomain=yugi.us
myorigin = /etc/hostname

# Some people see issues when setting mydestination explicitly to the server
# subdomain, while leaving it empty generally doesn't hurt. So it is left empty$
# mydestination = mail.example.com, localhost

mydestination = yugi.us, mail.yugi.us, localhost

On Dec 23, 2016, at 1:45 PM, Caesar Samsi > wrote:

I?ve chosen to use yugi.us as the email host and www.yugi.us as the url host.

1. I?ve added virtual_alias_domains = yugi.us

However that causes non mailman email addresses from receiving emails:
>: User unknown in virtual alias table
Reporting-MTA: dns; mail.yugi.us
X-Postfix-Queue-ID: 3ADAF3636B6
X-Postfix-Sender: rfc822; alerts at samsi.us
Arrival-Date: Fri, 23 Dec 2016 12:56:00 -0800 (PST)

So I?ve had to remove that setting.

2. I?ve (along with step 1 above):
- rmlist all aliases (including mailman)
- rm /var/lib/mailman/data/virtual-man*
- newlist mailman (and provided the email url hosts owner and password)
- /usr/lib/mailman/bin/genaliases (and see the proper entries in /var/lib/mailman/data/virtual-mailman

Now when I send to mailman at yugi.us I get:
: mail for localhost loops back to myself
Reporting-MTA: dns; mail.yugi.us
X-Postfix-Queue-ID: 3282E3636B6
X-Postfix-Sender: rfc822; alerts at samsi.us
Arrival-Date: Fri, 23 Dec 2016 12:58:11 -0800 (PST)

On my other working mailman server I didn?t have to specify virtual_alias_domains = yugi.us

If I send to mailman at mail.yugi.us I get relay access denied:
Final-Recipient: rfc822; mailman at mail.yugi.us
Original-Recipient: rfc822;mailman at mail.yugi.us
Action: failed
Status: 5.7.1
Remote-MTA: dns; yugi.us
Diagnostic-Code: smtp; 554 5.7.1 >: Relay access denied

I?m stumped ? still looking through google.

I?ve reread https://www.gnu.org/software/mailman/mailman-install/postfix-virtual.html too many times and followed the steps that many times too :-)

Attached is postconf -n output, master.cf, and transport.

On Dec 22, 2016, at 4:09 PM, Mark Sapiro > wrote:

On 12/22/2016 03:07 PM, Caesar Samsi wrote:
Alright I'm stuck here now, been trolling google ? haven?t found a clue yet.

Dec 22 15:02:22 localhost postfix/smtpd[7643]: NOQUEUE: reject: RCPT from 0-46.static.highlandsfibernetwork.com[216.9.0.46]: 550 5.1.1 >: Recipient address rejected: User unknown in virtual mailbox table; from=> to=> proto=ESMTP helo=>

As Jim P. said, you may need

virtual_alias_domains = yugi.us

in Postfix main.cf, although this may conflict with your
virtual_mailbox_domains.

You need to figure out what domains you want to use for what purposes,
and how you want to deliver to Mailman.

Also, look at your data/virtual-mailman. Is the mapping there like

test2 at yugi.us    test2 at localhost
...

or is it

test2 at mail.yugi.us    test2 at localhost

If the latter, you have to post to test2 at mail.yugi.us, not test2 at yugi.us
or fix your list's host names and rerun genaliases.

--
Mark Sapiro >        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list Mailman-Users at python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com

From mark at msapiro.net  Fri Dec 23 17:50:07 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Fri, 23 Dec 2016 14:50:07 -0800
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: <34C65CFD-A363-4705-A583-E3860BD8BE44@hotmail.com>
References: 

 <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
 <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>
 <89c36d09-f51e-45b2-e75b-56d6f5e11019@msapiro.net>

 <8a8c576e-70f6-a055-b5d8-ec64b60aa0a6@msapiro.net>
 <74E65C0A-4AE4-40DB-989B-D0D2D505BEFB@hotmail.com>
 <39B5DA93-2A85-4426-A3C2-CF4A65AD7059@hotmail.com>
 <7679D4E4-3914-480F-B906-2C0BD73B7859@hotmail.com>

 <82A72B99-1C81-4792-AE8A-596117F9B6C6@hotmail.com>

 <34C65CFD-A363-4705-A583-E3860BD8BE44@hotmail.com>
Message-ID: 

On 12/23/2016 02:16 PM, Caesar Samsi wrote:
> Agg ? now mails to non list emails get rejected:

In case you don't yet realize it, you are way over your head here, so
I'm just going to tell you what to do.

In mm_cfg.py put

DEFAULT_EMAIL_HOST = 'yugi.us'
DEFAULT_URL_HOST = 'www.yugi.net'
add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)
MTA = 'Postfix'
POSTFIX_STYLE_VIRTUAL_DOMAINS = ['yugi.us']
VIRTUAL_MAILMAN_LOCAL_DOMAIN = 'localhost'

Then run Mailman's

bin/withlist -l -a -r fix_url

and

bin/genaliases

in that order.

Your transport file says to use the mailman transport, which master.cf
defines as postfix_to_mailman.py for mail to the mail.yugi.us domain.
You don't want this, but as long as you don't have transport_maps in
main.cf, it's OK, but it would be safe to remove the transport file.

In Postfix main.cf you want (based on what you've posted)

alias_maps = hash:/etc/aliases,hash:/var/lib/mailman/data/aliases

mydestination = localhost, localhost.localdomain

virtual_alias_maps needs to include
hash:/var/lib/mailman/data/virtual-mailman

virtual_alias_domains must not include yugi.us.

I think that should work. Let us know.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From turnbull.stephen.fw at u.tsukuba.ac.jp  Sat Dec 24 00:14:10 2016
From: turnbull.stephen.fw at u.tsukuba.ac.jp (Stephen J. Turnbull)
Date: Sat, 24 Dec 2016 14:14:10 +0900
Subject: [Mailman-Users] Spam to "-request" address generating
 backscatter spam
In-Reply-To: 
References: <584F2DC2.19582.11490C30@edward.hasbrouck.org>
 <687ac64d-dda2-a543-7949-2b893caeae3c@msapiro.net>

 <3feb704e-11a4-d13f-654f-e1fe3cc4ecb7@msapiro.net>

Message-ID: <22622.1058.470054.850238@turnbull.sk.tsukuba.ac.jp>

Mark Sapiro writes:

 > I can see that if your attackers get smarter, the real name check could
 > be useful, but I'm not ready to add that as a feature. That could change
 > if they successfully attack me, but that hasn't happened yet.

Based on past experience, by "me" Mark means "you, too".  He's that
kinda guy. :-)

I see Mark's point, though.  Basically, these attacks amount to a DoS
on his development time, and also on real users.  Restrictions on
automated subscription as well as other list actions (posting) are
going to be list-specific, or you are going to end up denying service
to people, elves and dwarves as well as to orcs and trolls.  We don't
really know how to make those distinctions yet, let alone do it well.

From turnbull.stephen.fw at u.tsukuba.ac.jp  Sat Dec 24 00:14:17 2016
From: turnbull.stephen.fw at u.tsukuba.ac.jp (Stephen J. Turnbull)
Date: Sat, 24 Dec 2016 14:14:17 +0900
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: <60d5a2de-539e-f3c2-07dd-3ce7d9e9e9ea@mailmanlists.net>
References: 
 <22619.21543.169543.409739@turnbull.sk.tsukuba.ac.jp>
 <387ce2c8-1a53-37b1-83ae-0e658c986e04@mailmanlists.net>

 <60d5a2de-539e-f3c2-07dd-3ce7d9e9e9ea@mailmanlists.net>
Message-ID: <22622.1065.581289.891796@turnbull.sk.tsukuba.ac.jp>

Mark Dale writes:

 > Verizon began accepting mail again for lists on the European server 
 > about 6 hours ago.

Yay!  And thank you for that followup.

From turnbull.stephen.fw at u.tsukuba.ac.jp  Sat Dec 24 00:17:12 2016
From: turnbull.stephen.fw at u.tsukuba.ac.jp (Stephen J. Turnbull)
Date: Sat, 24 Dec 2016 14:17:12 +0900
Subject: [Mailman-Users] Mailman Hosting
In-Reply-To: 
References: 
 <22619.21543.169543.409739@turnbull.sk.tsukuba.ac.jp>
 <387ce2c8-1a53-37b1-83ae-0e658c986e04@mailmanlists.net>

 <60d5a2de-539e-f3c2-07dd-3ce7d9e9e9ea@mailmanlists.net>
 <2f3f4a84-cc88-2ea0-6bb1-14154952c289@sgeinc.com>

Message-ID: <22622.1240.683856.487291@turnbull.sk.tsukuba.ac.jp>

Odhiambo Washington writes:

 > Okay, so Exim and Postfix act the same in their default configs
 > unless one changes it. Mark (Dale), does your Postfix act the same
 > way? I think it doesn't and maybe it's something you need to take a
 > second look at??

Mark Dale's posts demonstrate knows his business well, so I guess
that's not a problem unless you have direct evidence otherwise.

You may as well calm down.  Your target subscriber population uses
ISPs-that-suck and MUAs-that-suck and generally technology-that-sucks.
Just plan on that basis.

Those are facts, and you (f.v.o. "you" = "all of us", including your
provider) can't do jack about those facts, except prepare workarounds
for them.  Stay close to your provider, keep him happy, and feel free
to post questions here in emergencies.

Sometimes you get lucky.  For example, on the software development
lists I manage, almost all users use Emacs-based MUAs or mutt.  That's
as close to heaven as a list owner can get.  When it comes to DMARC
and my educational mailing lists, my employer's regulator (the
Japanese Ministry of Education Et Cetera) forbids use of Yahoo!
mailboxes, so I can too.  Paradise!  When you run into such luck in
your job or business, exploit it!

But that's just pure luck I did nothing to deserve and don't know how
to regenerate.  It's not reality for most list owners, and almost
certainly I won't be so lucky in my future projects, either.

Steve

From cmsamsi at hotmail.com  Sat Dec 24 11:58:03 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Sat, 24 Dec 2016 16:58:03 +0000
Subject: [Mailman-Users] Installing
 http://packages.ubuntu.com/zesty/mailman, stuck at "Temporary failure"
In-Reply-To: 
References: 

 <8d6ace0e-6c14-dd11-447d-1a527595ab74@msapiro.net>
 <45923E50-B139-42DE-B9E7-A8F90E1362D8@hotmail.com>
 <89c36d09-f51e-45b2-e75b-56d6f5e11019@msapiro.net>

 <8a8c576e-70f6-a055-b5d8-ec64b60aa0a6@msapiro.net>
 <74E65C0A-4AE4-40DB-989B-D0D2D505BEFB@hotmail.com>
 <39B5DA93-2A85-4426-A3C2-CF4A65AD7059@hotmail.com>
 <7679D4E4-3914-480F-B906-2C0BD73B7859@hotmail.com>

 <82A72B99-1C81-4792-AE8A-596117F9B6C6@hotmail.com>

 <34C65CFD-A363-4705-A583-E3860BD8BE44@hotmail.com>

Message-ID: <3030E8B5-BCDC-49AC-A799-AC16AD7F4BCD@hotmail.com>

It WORKS :-D

AFAIK or googled, there isn?t a cookbook to do this with the package. I?m going to try and write one up and test it.

Least I can do for the you & the list.

Thank you! Caesar.

On Dec 23, 2016, at 2:20 PM, Caesar Samsi > wrote:

Whew I think that?s it, I?m doing my dance now :-)

For mydestination I only needed to use localhost like so:
mydestination = yugi.us, mail.yugi.us, localhost

On Dec 23, 2016, at 2:16 PM, Caesar Samsi > wrote:

Agg ? now mails to non list emails get rejected:

>: unknown user: "admin"
Reporting-MTA: dns; mail.yugi.us
X-Postfix-Queue-ID: 606533636B6
X-Postfix-Sender: rfc822; alerts at samsi.us
Arrival-Date: Fri, 23 Dec 2016 14:14:30 -0800 (PST)

Final-Recipient: rfc822; admin at yugi.us
Original-Recipient: rfc822;admin at yugi.us
Action: failed
Status: 5.1.1
Diagnostic-Code: X-Postfix; unknown user: ?admin"

On Dec 23, 2016, at 2:11 PM, Caesar Samsi > wrote:

I got it to work!

I tweaked this section, the clincher was populating mydestination.

I?m going to do a happy dance.

# ---------------------------------
# General host and delivery info
# ----------------------------------

myhostname = mail.yugi.us
mydomain=yugi.us
myorigin = /etc/hostname

# Some people see issues when setting mydestination explicitly to the server
# subdomain, while leaving it empty generally doesn't hurt. So it is left empty$
# mydestination = mail.example.com, localhost

mydestination = yugi.us, mail.yugi.us, localhost

On Dec 23, 2016, at 1:45 PM, Caesar Samsi > wrote:

I?ve chosen to use yugi.us as the email host and www.yugi.us as the url host.

1. I?ve added virtual_alias_domains = yugi.us

However that causes non mailman email addresses from receiving emails:
>: User unknown in virtual alias table
Reporting-MTA: dns; mail.yugi.us
X-Postfix-Queue-ID: 3ADAF3636B6
X-Postfix-Sender: rfc822; alerts at samsi.us
Arrival-Date: Fri, 23 Dec 2016 12:56:00 -0800 (PST)

So I?ve had to remove that setting.

2. I?ve (along with step 1 above):
- rmlist all aliases (including mailman)
- rm /var/lib/mailman/data/virtual-man*
- newlist mailman (and provided the email url hosts owner and password)
- /usr/lib/mailman/bin/genaliases (and see the proper entries in /var/lib/mailman/data/virtual-mailman

Now when I send to mailman at yugi.us I get:
: mail for localhost loops back to myself
Reporting-MTA: dns; mail.yugi.us
X-Postfix-Queue-ID: 3282E3636B6
X-Postfix-Sender: rfc822; alerts at samsi.us
Arrival-Date: Fri, 23 Dec 2016 12:58:11 -0800 (PST)

On my other working mailman server I didn?t have to specify virtual_alias_domains = yugi.us

If I send to mailman at mail.yugi.us I get relay access denied:
Final-Recipient: rfc822; mailman at mail.yugi.us
Original-Recipient: rfc822;mailman at mail.yugi.us
Action: failed
Status: 5.7.1
Remote-MTA: dns; yugi.us
Diagnostic-Code: smtp; 554 5.7.1 >: Relay access denied

I?m stumped ? still looking through google.

I?ve reread https://www.gnu.org/software/mailman/mailman-install/postfix-virtual.html too many times and followed the steps that many times too :-)

Attached is postconf -n output, master.cf, and transport.

On Dec 22, 2016, at 4:09 PM, Mark Sapiro > wrote:

On 12/22/2016 03:07 PM, Caesar Samsi wrote:
Alright I'm stuck here now, been trolling google ? haven?t found a clue yet.

Dec 22 15:02:22 localhost postfix/smtpd[7643]: NOQUEUE: reject: RCPT from 0-46.static.highlandsfibernetwork.com[216.9.0.46]: 550 5.1.1 >: Recipient address rejected: User unknown in virtual mailbox table; from=> to=> proto=ESMTP helo=>

As Jim P. said, you may need

virtual_alias_domains = yugi.us

in Postfix main.cf, although this may conflict with your
virtual_mailbox_domains.

You need to figure out what domains you want to use for what purposes,
and how you want to deliver to Mailman.

Also, look at your data/virtual-mailman. Is the mapping there like

test2 at yugi.us    test2 at localhost
...

or is it

test2 at mail.yugi.us    test2 at localhost

If the latter, you have to post to test2 at mail.yugi.us, not test2 at yugi.us
or fix your list's host names and rerun genaliases.

--
Mark Sapiro >        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list Mailman-Users at python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/cmsamsi%40hotmail.com

From jsekora at csail.mit.edu  Thu Dec 29 11:16:47 2016
From: jsekora at csail.mit.edu (Jay Sekora)
Date: Thu, 29 Dec 2016 11:16:47 -0500
Subject: [Mailman-Users] After migrating list to new server,
 config.pck database gets truncated by web UI
Message-ID: <40fb252f-06d9-0aa7-0b21-f37eda3317b8@csail.mit.edu>

(Note PS at bottom!)

Hi.  I'm prepping to migrate a bunch of lists (one at a time, due to
huge number of lists and huge size of archives) from one server to
another, and I've hit a snag with the first list I'm trying.  After
migrating the list (as described below), I can go to the lists admindb
page on the new server and get the list of pending requests that was on
the old server, but immediately the request database gets truncated.
(It stays a valid pickle file, it just gets all the requests emptied out
of it, so the file itself is much shorter but non-zero length.)

This happens *when I load* the admindb page, not when I submit the form.
 That seems really weird to me, since I'd expect a page load would only
read the pickle, not write it.

The old server is running Debian and Mailman 2.1.13 (from the Debian
package).  The new server is running Ubuntu and Mailman 2.1.16 (from the
Ubuntu Trusty package; we need to run Trusty for now for complex and
uninteresting reasons; I'd rather run 2.1.18, and may look into running
that on Trusty once I get the basic migration issues resolved).

Relevant UIDs and GIDs (www-data:www-data and list:list) are the same on
both systems.

Short version:  I rsync -aSHov /var/lib/mailman/lists/$listname/
new-server:/var/lib/mailman/lists/$listname and similarly copy the
public and private archives (preserving symlinks as needed).
check_perms on both systems reveals similar errors which look cosmetic
(things like rotated logs, temporary directories where I've copied
things, and the like), but I haven't yet let it run to completion
because of the volume of our archives.  Then I change host_name via the
web interface and m.web_page_url interactively with withlist (using
fix_url seems not to work when changing http: to https:) and m.Save().

One *possibly* relevant detail is that the new host doesn't currently
have a valid certificate.  (It's using the old host's cert, and I
manually allow the exception in my web browser for testing.)  But for
Mailman 2, the only http{,s} traffic should be sent from my browser, right?

This kind of has the feel of a permissions problem, but clearly the CGI
scripts can read from and write to the request.pck database.  (And
changes to the list config data in config.pck seem to be working
normally.)  As I said, check_perms hasn't run to completion yet because
it's plowing through the (already pre-rsync'ed) archives, but it got
through the things in /var/lib/mailman/lists and didn't find anything
wrong with this list.

There's nothing interesting in the Mailman logs (which Debian/Ubuntu put
in /var/log/mailman), and the only thing in the Apache error logs is a
warning that the cert it has configured doesn't match its hostname.

Anybody have any ideas?

Jay

PS -- I composed this all last night.  Today, the behavior has changed:
This morning, a new message was received by the list (forwarded from the
old list server to the new list server, and added to request.pck on the
new server by the new Mailman installation).  Now, when I load the
admindb page, the old requests (which were in the request.pck copied
from the old server) are all immediately thrown away (although displayed
in the admindb form) but the new request which came in this morning
remains.  So it kind of looks like something about the old requests
causes the list to think they're invalid and discard them when it loads
them.  I initially saw this behavior with "require_explicit_destination"
on and "acceptable_aliases" empty, but turning off
"require_explicit_destination" and putting just the local part of the
list address in "acceptable_aliases" doesn't make any difference.

-- 
Jay Sekora
Linux system administrator and postmaster,
The Infrastructure Group
MIT Computer Science and Artificial Intelligence Laboratory

From jsekora at csail.mit.edu  Thu Dec 29 11:38:11 2016
From: jsekora at csail.mit.edu (Jay Sekora)
Date: Thu, 29 Dec 2016 11:38:11 -0500
Subject: [Mailman-Users] SOLVED! Missing data/heldmsg-* files (was Re: After
 migrating list to new server, config.pck database gets truncated by web UI)
In-Reply-To: <40fb252f-06d9-0aa7-0b21-f37eda3317b8@csail.mit.edu>
References: <40fb252f-06d9-0aa7-0b21-f37eda3317b8@csail.mit.edu>
Message-ID: 

Naturally, I was fighting with this for hours, and answered my own
question a few minutes after sending my query.  It looks like I need to
copy the relevant heldmsg-$LISTNAME-* files from /var/lib/mailman/data
along with the request.pck database.  Apparently, when the CGI script
queries the request database, it gets and displays all the entries
there, but also notices which entries don't have corresponding heldmsg
files and deletes them.

Oh, well, maybe this question being in the list archives will mean the
next person will have more success than I did googling to troubleshoot.

With those files copied as well, everything's looking OK.

Jay

-- 
Jay Sekora
Linux system administrator and postmaster,
The Infrastructure Group
MIT Computer Science and Artificial Intelligence Laboratory

From cpz at tuunq.com  Thu Dec 29 11:51:48 2016
From: cpz at tuunq.com (Carl Zwanzig)
Date: Thu, 29 Dec 2016 08:51:48 -0800
Subject: [Mailman-Users] Linux packages vs source install?
In-Reply-To: <40fb252f-06d9-0aa7-0b21-f37eda3317b8@csail.mit.edu>
References: <40fb252f-06d9-0aa7-0b21-f37eda3317b8@csail.mit.edu>
Message-ID: 

[changed the subject]
Hi,

I realize this wasn't part of your question, but-

On 12/29/2016 8:16 AM, Jay Sekora wrote:
> The old server is running Debian and Mailman 2.1.13 (from the Debian
> package).  The new server is running Ubuntu and Mailman 2.1.16 (from the
> Ubuntu Trusty package; we need to run Trusty for now for complex and
> uninteresting reasons; I'd rather run 2.1.18, and may look into running
> that on Trusty once I get the basic migration issues resolved).

Install 2.1.23 from source? I seems like most linux packages are older 
versions (and the list archive has many questions about them). I assume 
there are reasons, but I'm not that deep into linux to know what they are.

Later,

z!
(in the land of BSD)

From jsekora at csail.mit.edu  Thu Dec 29 12:20:14 2016
From: jsekora at csail.mit.edu (Jay Sekora)
Date: Thu, 29 Dec 2016 12:20:14 -0500
Subject: [Mailman-Users] Linux packages vs source install?
In-Reply-To: 
References: <40fb252f-06d9-0aa7-0b21-f37eda3317b8@csail.mit.edu>

Message-ID: 

On 12/29/2016 11:51 AM, Carl Zwanzig wrote:
> [changed the subject]
> Hi,
> 
> I realize this wasn't part of your question, but-
> 
> On 12/29/2016 8:16 AM, Jay Sekora wrote:
>> The old server is running Debian and Mailman 2.1.13 (from the Debian
>> package).  The new server is running Ubuntu and Mailman 2.1.16 (from the
>> Ubuntu Trusty package; we need to run Trusty for now for complex and
>> uninteresting reasons; I'd rather run 2.1.18, and may look into running
>> that on Trusty once I get the basic migration issues resolved).
> 
> Install 2.1.23 from source? I seems like most linux packages are older
> versions (and the list archive has many questions about them). I assume
> there are reasons, but I'm not that deep into linux to know what they are.

Sure, that's a good way to go if freshness is more important than
consistent packaging.  The advantage of sticking with distro packages is
that (1) somebody else is on top of the security updates (and with
Debian in particular, a lot of attention is often devoted to automating
upgrade-related maintenance) and (2) there's coordination with other
packages on the system (so for instance if a security upgrade to Python
requires a minor tweak to Mailman I'll get both at the same time), and
log-rotation and cron jobs and the like are handled in a consistent way
across packages, and you can expect the Debian/Ubuntu Mailman package to
work smoothly with the Debian/Ubuntu SpamAssassin and Exim packages, for
instance.

In this particular case, I have seen reports that the Xenial (16.04)
Mailman packages install and run cleanly on Trusty (14.04), and another
approach would be to rebuild the package with newer source, but of
course those impact the above advantages to some degree (as does just
installing from upstream source).

Jay

PS -- One other advantage to installing from distro packages, especially
on a widely deployed platform like Ubuntu, Fedora, or RHEL, is that a
large fraction of the other people out on the web are doing the same
thing, so if you run into something peculiar, some other package-using
newbie on the net may have posted about the exact same problem.
Obviously on a Mailman-specific list like this (or a Drupal-specific
list or a ClamAV-specific list, or whatever) the ratio of people
installing from source is likely to be higher, though, and of course
that's where to look for the highest-quality answers.

-- 
Jay Sekora
Linux system administrator and postmaster,
The Infrastructure Group
MIT Computer Science and Artificial Intelligence Laboratory

From mark at msapiro.net  Thu Dec 29 12:22:19 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 29 Dec 2016 09:22:19 -0800
Subject: [Mailman-Users] Linux packages vs source install?
In-Reply-To: 
References: <40fb252f-06d9-0aa7-0b21-f37eda3317b8@csail.mit.edu>

Message-ID: 

On 12/29/2016 08:51 AM, Carl Zwanzig wrote:
> 
> I realize this wasn't part of your question, but-
> 
> On 12/29/2016 8:16 AM, Jay Sekora wrote:
>> The old server is running Debian and Mailman 2.1.13 (from the Debian
>> package).  The new server is running Ubuntu and Mailman 2.1.16 (from the
>> Ubuntu Trusty package; we need to run Trusty for now for complex and
>> uninteresting reasons; I'd rather run 2.1.18, and may look into running
>> that on Trusty once I get the basic migration issues resolved).
> 
> Install 2.1.23 from source? I seems like most linux packages are older
> versions (and the list archive has many questions about them). I assume
> there are reasons, but I'm not that deep into linux to know what they are.

I agree with Carl that installing Mailman from source is almost always
the best option (of course *I* would), but I understand the appeal of
packages and as I have posted before, there is a 2.1.23 Ubuntu package
at  and Debian at
.

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at msapiro.net  Thu Dec 29 12:26:45 2016
From: mark at msapiro.net (Mark Sapiro)
Date: Thu, 29 Dec 2016 09:26:45 -0800
Subject: [Mailman-Users] Linux packages vs source install?
In-Reply-To: 
References: <40fb252f-06d9-0aa7-0b21-f37eda3317b8@csail.mit.edu>

Message-ID: 

On 12/29/2016 09:20 AM, Jay Sekora wrote:
> 
> PS -- One other advantage to installing from distro packages, especially
> on a widely deployed platform like Ubuntu, Fedora, or RHEL, is that a
> large fraction of the other people out on the web are doing the same
> thing, so if you run into something peculiar, some other package-using
> newbie on the net may have posted about the exact same problem.
> Obviously on a Mailman-specific list like this (or a Drupal-specific
> list or a ClamAV-specific list, or whatever) the ratio of people
> installing from source is likely to be higher, though, and of course
> that's where to look for the highest-quality answers.

But don't forget .

-- 
Mark Sapiro         The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cmsamsi at hotmail.com  Sat Dec 31 00:02:39 2016
From: cmsamsi at hotmail.com (Caesar Samsi)
Date: Sat, 31 Dec 2016 05:02:39 +0000
Subject: [Mailman-Users] Mailman 2.1.23 install on Ubuntu Desktop 16.04
Message-ID: <751C331C-962B-4880-814F-6CA7A41A634C@hotmail.com>

Hi all, Mark, Barry,

Ive finally formalized my cookbook to install mailman. The base installation is a mail server (the usual suspects: postfix and dovecot) that hosts multiple domains (virtual domains). I wanted the flexibility of virtual domains so I can consolidate mail server hosting for several domains that I have.

The cookbook can be found here: https://caesarsamsi.wordpress.com/2016/12/31/install-a-lamp-server-and-mailman-mailing-list/ due to its file size (about 140KB) which can?t be attached to this mailing list email.

You could probably use the insights from the cookbook to install mailman on a simple one domain mail server.

Let me know if clarification is needed and typos or errors found.

Cheers, I hope you enjoy the journey!

Caesar.