[Mailman-Users] Useful Mailman-Postfix Configuration Information for OS X Server Implementers on Yosemite, El Capitan and later builds

Timothy Jasionowski timothy.d at jasionow.ski
Thu Jun 9 21:49:37 EDT 2016 

All,

After some puzzlement and some hard-earned technical consideration, OS X Server 5.1.x and later implementers (the current version independent Server bundle) have a new challenge to take into consideration.  I’m posting this so that people googling/searching later might skip this painful step and/or have it added to future documentation.

As configured today, a mailman implementation running locally would face some version of this relay error in the mail.log:

postfix/smtpd[53192]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 554 5.7.1 <user at foreigndomain.tld <mailto:user at foreigndomain.tld>>: Relay access denied; from=<testinglist-bounces at localdomain.tld <mailto:testinglist-bounces at localdomain.tld>> to=<user at foreigndomain.tld <mailto:user at foreigndomain.tld>> proto=ESMTP helo=<server.localdomain.tld>

Earlier versions of Server shipped with pre-2.10 versions of postfix (10.9.x, for example, runs 2.9.4 today).  However, with 5.1.x, Apple now implements 2.11, though it has not updated the configuration file to cope with the transition from the former smtpd_recipient_restrictions to the post-2.10 smptd_relay_restrictions parameter.  As most people are going to look at smtpd_client_restrictions and mynetworks to diagnose and not notice that the deprecated parameter is still there in lieu of the current hotness, there may be hours of frustration trying to diagnose that the problem lies in a pre-2.10 configuration file used in the current builds.  

To correct this, might I suggest postfix main.cf changes:

# smtpd_recipient_restrictions = permit_sasl_authenticated reject_unauth_destination permit
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination

This change corrected the relay restriction immediately upon restart.

I hope this helps others out in their implementation.  There seems to be little documented implementation instruction for mailman on OS X Server 5.1.x.

Good luck!

Timothy

More information about the Mailman-Users mailing list