essandess

Q: Mailman on Mavericks

I'm trying to configure mailman on Mavericks Server and am running into a few conceptual and technical difficulties. Any help would be greatly appreciated.

 

First, the easy part: installation and web server.  I used Macports, 'sudo port install mailman', created a site password with 'sudo /opt/local/share/mailman/bin/mmsitepass', then I set up an apache mailman.conf file to create the virtual domain lists.mydomain.private pointed at the correct cgi-bin in the mailman distribution under /opt/local/var/mailman. That all works fine.

 

What doesn't work are my attempts at interfacing with Server postfix.

 

Mailman has several configuration options, and I'm trying to use the one that uses the file postfix-to-mailman.py to avoid messing with aliases in /etc/aliases.

 

When I add mailman aliases with pipe commands, I get the error

 

The mail system <mailman-owner@mydomain.com>: Command died with status 2:

   "/opt/local/libexec/mailman/mail/mailman owner mailman". Command output: Group mismatch error.  Mailman expected the mail wrapper script to be executed as group "_mailman", but the system's mail server executed the mail script as group "nobody".  Try tweaking the mail server to run the script as group "_mailman", or re-run configure, providing the command line option `--with-mail-gid=nobody'.

 

So I tried using postfix-to-mailman.py along with its configuration instructions, which involve configuring postfix to use mail sent to lists.mydomain.com as a transport.

 

But I can't get OS X Server Mail to accept mail sent to user@lists.mydomain.com. I did the obvious virtual domain configuration in Server.app, and set up DNS  so that lists.mydomain.com has an A record and an MX record, both pointing to the server.

 

So I'm stuck—what's a decent/working mailman configuration on OS X Server?

 

P.S. This link <https://discussions.apple.com/message/19109176#19109176> has expired.

OS X Mavericks (10.9), OS X Server, EyeTV HD, Turbo.264 HD

Posted on Dec 29, 2013 1:58 PM

  • by essandess,

    essandess Jan 2, 2014 8:04 PM in response to essandess

    Here are some installation notes, in case this is useful to others. Everything appears to be working correctly.

     

    Mailman on Mavericks With Macports

     

    sudo port install mailman

    sudo port notes mailman

     

    # Follow the notes:

     

    # mailman python config file

    sudo vi /opt/local/share/mailman/Mailman/mm_cfg.py

    :

    DEFAULT_EMAIL_HOST = 'mydomain.com'          # Match Server.app mail domain

    DEFAULT_URL_HOST = 'lists.mydomain.com'

    add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)

    MTA='Postfix'

     

    sudo vi /opt/local/share/mailman/Mailman/Defaults.py

    :

    DEFAULT_EMAIL_HOST = 'mydomain.com'

    DEFAULT_URL_HOST = 'lists.mydomain.com'

    DEFAULT_URL_PATTERN = 'https://%s/mailman/'          # use HTTPS for lists

     

     

    # apache config file

    # manage this the way you like on your server; here’s what I do:

    sudo mkdir /Library/Server/Web/Config/apache2/mydomain

    sudo cp /Library/Server/Web/Config/apache2/httpd_server_app.conf /Library/Server/Web/Config/apache2/httpd_server_app.conf.orig

     

    sudo vi /Library/Server/Web/Config/apache2/httpd_server_app.conf

    :

    # Server-specific configuration

    Include /Library/Server/Web/Config/apache2/mydomain/*.conf

     

    sudo cp /opt/local/etc/httpd/mailman.conf /Library/Server/Web/Config/apache2/mydomain

     

    # Only do this to create a test virtual domain at lists.mydomain.private

    # Uncomment the VirtualHost stuff / comment out for live hosting at lists.mydomain.com

    sudo vi /Library/Server/Web/Config/apache2/mydomain/mailman.conf

    # <VirtualHost *:80>

    # ServerAdmin webmaster@mydomain.com

    # ServerName lists.mydomain.private

    # DocumentRoot "/opt/local/libexec/mailman/cgi-bin/"

    # ErrorLog /var/log/apache2/lists-error.log

    # CustomLog /var/log/apache2/lists-access.log combined

    ORIGINAL Macports mailman.conf stuff GOES HERE

    # </VirtualHost>

     

    # mailman cron maintenance

    cd /opt/local/share/mailman/cron

    sudo crontab -u mailman crontab.in

     

    # DNS

    Use your DNS hosting service (internet) and Server.app (LAN) to create an alias (A record) of lists.mydomain.com. If you want a LAN test before going live, use Server.app to create a CNAME record of lists.mydomain.private.

     

    # Postfix configuration

    sudo serveradmin set mail:postfix:alias_maps="hash:/etc/aliases, hash:/opt/local/var/mailman/data/aliases"

     

    sudo vi /Library/Server/Mail/Config/postfix/main.cf

    :

    mynetworks = 127.0.0.0/8, [::1]

     

    # Site password

    sudo /opt/local/share/mailman/bin/mmsitepass

     

    # Fix permissions

    sudo chown _www /opt/local/var/mailman/archives/private     # needed to see archives; not sure if this is a bug

    sudo chmod o+r /opt/local/var/mailman/data/aliases*

    sudo chown root /opt/local/var/mailman/data/aliases*

    sudo /opt/local/share/mailman/bin/check_perms -f

    sudo -u _mailman /opt/local/share/mailman/bin/check_perms -f

     

    # Assorted useful commands to fix permissions, reload postfix, remove lists, etc.

    sudo /opt/local/share/mailman/bin/newlist mailman

    sudo postmap -q mailman-request hash:/opt/local/var/mailman/data/aliases

    sudo postfix reload

    sudo /opt/local/share/mailman/bin/rmlist -a test

    sudo postmap hash:/opt/local/var/mailman/data/aliases          # should be automatic

     

    # Launch it all

    sudo port load mailman

    Server.app to restart Mail, Web

     

    # Notes on configuring the mail relay by hand — I messed up my setup because the Server.app doesn’t have the necessary fields.

    Server.app to add mail relay

     

    sudo vi /Library/Server/Mail/Config/postfix/main.cf

    :

    relayhost = smtp.comcast.net:587

    smtpd_use_tls = yes

    smtp_sasl_auth_enable = yes

     

    sudo vi /Library/Server/Mail/Config/postfix/sasl/passwd

    smtp.comcast.net:587            myname@comcast.net:mypassword

     

    sudo postmap hash:/Library/Server/Mail/Config/postfix/sasl/passwd

     

    # sanity check permissions on cleartext password file

    ls -l /Library/Server/Mail/Config/postfix/sasl/passwd*

    -rw-r-----  1 root  mail      61 Jan  1 09:09 /Library/Server/Mail/Config/postfix/sasl/passwd

    -rw-r-----  1 root  wheel  16384 Jan  1 09:11 /Library/Server/Mail/Config/postfix/sasl/passwd.db

     

    # Create a new list

    https://lists.mydomain.com/mailman/admin.cgi/

  • by essandess,

    essandess Jan 21, 2016 7:55 PM in response to essandess

    I had to reinstall mailman on a new server build. These commands helped:

     

    sudo serveradmin set mail:postfix:alias_maps="hash:/Library/Server/Mail/Config/postfix/aliases, hash:/opt/local/var/mailman/data/aliases"

    # alias_database file alias.db is created by newaliases

    sudo serveradmin set mail:postfix:alias_database="hash:/opt/local/var/mailman/data/aliases"

    sudo /Applications/Server.app/Contents/ServerRoot/usr/bin/newaliases

    sudo /opt/local/share/mailman/bin/check_perms -f

    sudo -u _mailman /opt/local/share/mailman/bin/check_perms -f

    sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/postfix reload

     

    # Test alias lookup with Server's postmap:

    # result should be "|/opt/local/libexec/mailman/mail/mailman request mailman" with return code 0

    /Applications/Server.app/Contents/ServerRoot/usr/sbin/postmap -q mailman-request hash:/opt/local/var/mailman/data/aliases

  • by essandess,

    essandess Jan 22, 2016 2:06 PM in response to essandess

    Also, to get mailman to deliver mail through the relay to outside domains on postfix versions 2.10 and greater, the following modifications are necessary.

     

    First, confirm your postfix version:

     

    sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/postconf -d | grep mail_version

    mail_version = 2.11.0

     

    Thanks to these two pages, the following postfix settings are necessary, and dovetail with Server.app's existing settings for mail:postfix:smtpd_recipient_restrictions:

     

    sudo serveradmin set mail:postfix:smtpd_relay_restrictions = "permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination"

    sudo serveradmin set mail:postfix:smtpd_recipient_restrictions = "permit_mynetworks, reject_unauth_destination, check_policy_service unix:private/policy permit"

  • by essandess,

    essandess Jan 27, 2016 7:06 PM in response to essandess

    Correction: that should read:

     

    sudo serveradmin set mail:postfix:smtpd_recipient_restrictions = "permit_sasl_authenticated check_policy_service unix:private/policy permit"

    sudo serveradmin set mail:postfix:smtpd_relay_restrictions = "permit_mynetworks permit_sasl_authenticated reject_unauth_destination"

    sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/postfix reload

     

    This will allow Server.app's greylisting and mail relays to work with mailman.

     

    For reference, clicking Server.app>Mail>Filtering Settings... > Enable greylist filtering, adds the entry

     

    smtpd_recipient_restrictions = permit_sasl_authenticated reject_unauth_destination check_policy_service unix:private/policy permit

     

    to /Library/Server/Mail/Config/postfix/main.cf, but this will break mailman through relays because of the "reject_unauth_destination" policy. Per the postfix v2.10 manual, moving this policy to smtpd_relay_restrictions makes things work through the relay.
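
An added example, not part of essandess's posts: a shell check, for main.cf-style text such as `postconf -n` output, of where reject_unauth_destination or defer_unauth_destination sits in the two restriction lists discussed in this thread and whether permit_mynetworks comes before it. It assumes Mailman hands outgoing mail to Postfix over SMTP from an address in mynetworks; the function names and state labels are made up for this example.

```shell
#!/usr/bin/env bash
# Added example; the settings piped in at the bottom are a constructed sample.

# Print the effective value of one main.cf parameter from text on stdin.
# main.cf syntax handled: '#' and blank lines are ignored, a line starting
# with whitespace continues the previous one, and the last assignment wins.
param_value() {
  awk -v key="$1" '
    /^[ \t]*(#|$)/ { next }
    /^[ \t]/       { if (cur) val = val " " $0; next }
    {
      cur = 0; eq = index($0, "=")
      if (eq == 0) next
      name = substr($0, 1, eq - 1); gsub(/[ \t]/, "", name)
      if (name == key) { cur = 1; val = substr($0, eq + 1) }
    }
    END { gsub(/[ \t,]+/, " ", val); print val }'
}

# Classify one restriction list, given as words (lists are read left to right):
#   absent        no reject_/defer_unauth_destination in the list
#   exempt        permit_mynetworks comes first, so local clients skip the guard
#   blocks_local  clients in mynetworks reach the guard too
guard_state() {
  state=absent; mynet=no
  for r in "$@"; do
    case $r in
      permit_mynetworks) mynet=yes ;;
      reject_unauth_destination|defer_unauth_destination)
        [ "$mynet" = yes ] && state=exempt || state=blocks_local
        break ;;
    esac
  done
  echo "$state"
}

# Audit main.cf-style text on stdin; prints "relay=<state> recipient=<state>".
audit_unauth_guard() {
  conf=$(cat)
  set -f   # split restriction words on whitespace without globbing
  relay=$(guard_state $(printf '%s\n' "$conf" | param_value smtpd_relay_restrictions))
  rcpt=$(guard_state $(printf '%s\n' "$conf" | param_value smtpd_recipient_restrictions))
  set +f
  echo "relay=$relay recipient=$rcpt"
}

# Constructed sample: the entry quoted above for Server.app greylisting.
printf '%s\n' 'smtpd_recipient_restrictions = permit_sasl_authenticated reject_unauth_destination check_policy_service unix:private/policy permit' | audit_unauth_guard
# prints: relay=absent recipient=blocks_local
```

A list reported as `absent` is simply not set in the text given, in which case Postfix applies its built-in default for that parameter. `recipient=blocks_local` is the state the last post describes as breaking mailman through relays.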