[Mailman-Users] Mailman 2 + Postfix + virtual domains + lists subdomain

Jérôme jerome at jolimont.fr
Wed Jul 6 16:51:38 EDT 2016 

Hi.

Thank you Mark for your detailed answer.

Le Tue, 5 Jul 2016 20:08:51 -0700,
Mark Sapiro <mark at msapiro.net> a écrit :

> > # System users
> > alias_maps = hash:/etc/aliases
> 
> You need to add hash:/var/lib/mailman/data/aliases to alias_maps.

Indeed I didn't do that.

It is indicated in the docs :

http://www.gnu.org/software/mailman/mailman-install/postfix-integration.html

but I guess I assumed this applied only to non-virtual domains. Sorry
about that.

Now, I'm wondering. The note in the docs says:

> Mailman's support of virtual domains is limited in that list names
> must be globally unique within a single Mailman instance, i.e., two
> lists may not have the same name even if they are in different
> domains. 

I understand I can't have two lists with the same name on the server,
like list at lists.domain1.tld and list at lists.domain2.tld as they would
conflict.

But may I have a mailbox like test at domain1.tld and a list like
test at lists.domain1.tld ?

Since the alias reads

test:       "|/var/lib/mailman/mail/mailman post test"
test-admin: "|/var/lib/mailman/mail/mailman admin test"
...

I assumed mailman would have everything called "test at ..." be directed
to mailman.

Thinking twice, this file is used for local aliases, so it would only
conflict with system users/aliases, not virtual aliases.

Or not conflict at all ? I'm not sure...

Avoiding conflicts is the reason I'm using the 'lists' subdomain.


Back to the subject, I added hash:/var/lib/mailman/data/aliases to
alias_maps and I'm still getting the same error :

<test at domain1.tld> (expanded from
    <test at lists.domain1.tld>): user unknown

(I did restart Postfix, even Mailman, I even restarted the whole
server.)

Any known potential cause for this?

I don't think there is more to the config than what I already sent.


I'm not sure how it all works. AFAIU, virtual-mailman makes sure that

test at lists.domain1.tld -> test

and then, aliases makes sure that 

test -> "|/var/lib/mailman/mail/mailman post test"

It looks like the first step succeeds, but then postfix appends
domain1.tld to test before looking up in aliases.

Could it be related to that feature that makes postfix append $myorigin
to unqualified recipient addresses.

(http://www.postfix.org/BASIC_CONFIGURATION_README.html#myorigin)

As a quick test, if I connect as local user and send a message using 

    mail nobody

here's what I get in the logs:

postfix/pipe[2909]: 0EC5AC15D: to=<nobody at domain1.tld>,
orig_to=<nobody>, relay=dovecot, delay=0.11, delays=0.04/0.01/0/0.07,
dsn=5.1.1, status=bounced (user unknown)

This seems to indicate that the postfix configuration is wrong,
as /etc/aliases are also broken.

Looks like it boils down to a postfix configuration issue, so it may be
out of scope here...

I can find references on the Internet to issues that seem related, but
didn't find any satisfying answer.

In any case, here's the whole Postix config:

--------------------------------------------------------
postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
inet_interfaces = all
mailbox_size_limit = 0
mydestination = localhost
mydomain = domain1.tld
myhostname = domain1.tld
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = domain1.tld
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_helo_restrictions = warn_if_reject reject_non_fqdn_helo_hostname,
warn_if_reject reject_invalid_helo_hostname
smtpd_recipient_restrictions = warn_if_reject reject_invalid_hostname,
warn_if_reject reject_non_fqdn_hostname, warn_if_reject
reject_non_fqdn_sender, warn_if_reject reject_non_fqdn_recipient,
warn_if_reject reject_unknown_sender_domain, warn_if_reject
reject_unknown_recipient_domain, permit_sasl_authenticated,
permit_mynetworks, reject_unauth_destination smtpd_relay_restrictions =
smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot smtpd_sender_restrictions = warn_if_reject
reject_unknown_sender_domain, warn_if_reject reject_non_fqdn_sender
smtpd_tls_cert_file = /etc/ssl/certs/dovecot.pem smtpd_tls_key_file
= /etc/ssl/private/dovecot.pem smtpd_tls_mandatory_protocols
= !SSLv2, !SSLv3 smtpd_tls_session_cache_database =
btree:${data_directory}/smtpd_scache smtpd_use_tls = yes
virtual_alias_maps = proxy:pgsql:/etc/postfix/virtual-alias-maps.cf,
hash:/var/lib/mailman/data/virtual-mailman virtual_gid_maps =
static:121 virtual_mailbox_base = /var/mail/vmail/
virtual_mailbox_domains = proxy:pgsql:/etc/postfix/virtual-domains.cf
virtual_mailbox_maps = proxy:pgsql:/etc/postfix/virtual-mailbox-maps.cf
virtual_transport = dovecot virtual_uid_maps = static:113
--------------------------------------------------------

Thanks.

-- 
Jérôme

More information about the Mailman-Users mailing list