Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Level 1

41 points

Mailman on Mavericks

I'm trying to configure mailman on Mavericks Server and am running into a few conceptual and technical difficulties. Any help would be greatly appreciated.

First, the easy part: installation and web server. I used Macports, 'sudo port install mailman', created a site password with 'sudo /opt/local/share/mailman/bin/mmsitepass', then I set up an apache mailman.conf file to create the virtual domain lists.mydomain.private pointed at the correct cgi-bin in the mailman distribution under /opt/local/var/mailman. That all works fine.

What doesn't work are my attempts at interfacing with Server postfix.

Mailman has several configuration options, and I'm trying to use the one that uses the file postfix-to-mailman.py to avoid messing with aliases in /etc/aliases.

When I add mailman aliases with pipe commands, I get the error

The mail system <mailman-owner@mydomain.com>: Command died with status 2:

"/opt/local/libexec/mailman/mail/mailman owner mailman". Command output: Group mismatch error. Mailman expected the mail wrapper script to be executed as group "_mailman", but the system's mail server executed the mail script as group "nobody". Try tweaking the mail server to run the script as group "_mailman", or re-run configure, providing the command line option `--with-mail-gid=nobody'.

So I tried using postfix-to-mailman.py along with its configuration instructions, which involve configuring postfix to use mail sent to lists.mydomain.com as a transport.

But I can't get OS X Server Mail to accept mail sent to user@lists.mydomain.com. I did the obvious virtual domain configuration in Server.app, and set up DNS so that lists.mydomain.com has an A record and an MX record, both pointing to the server.

So I'm stuck—what's a decent/working mailman configuration on OS X Server?

P.S. This link <https://discussions.apple.com/thread/4161671> has expired.

OS X Mavericks (10.9), OS X Server, EyeTV HD, Turbo.264 HD

Posted on Dec 29, 2013 1:58 PM

18 replies

essandess Author

Level 1

41 points

Jan 21, 2016 7:55 PM in response to essandess

I had to reinstall mailman on a new server build. These commands helped:

sudo serveradmin set mail:postfix:alias_maps="hash:/Library/Server/Mail/Config/postfix/aliases, hash:/opt/local/var/mailman/data/aliases"

# alias_database file alias.db is created by newaliases

sudo serveradmin set mail:postfix:alias_database="hash:/opt/local/var/mailman/data/aliases"

sudo /Applications/Server.app/Contents/ServerRoot/usr/bin/newaliases

sudo /opt/local/share/mailman/bin/check_perms -f

sudo -u _mailman /opt/local/share/mailman/bin/check_perms -f

sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/postfix reload

# Test alias lookup with Server's postman:

# result should be "|/opt/local/libexec/mailman/mail/mailman request mailman" with return code 0

/Applications/Server.app/Contents/ServerRoot/usr/sbin/postmap -q mailman-request hash:/opt/local/var/mailman/data/aliases

essandess Author

Level 1

41 points

Jan 22, 2016 2:06 PM in response to essandess

Also, to get mailman to deliver mail through the relay to outside domains on postfix versions 2.10 and greater, the following modifications are necessary.

First, confirm your postfix version:

sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/postconf -d | grep mail_version

mail_version = 2.11.0

Thanks to these two pages, the following postfix settings are necessary, and dovetail with Server.app's existing settings for mail:postfix:smtpd_recipient_restrictions:

sudo serveradmin set mail:postfix:smtpd_relay_restrictions = "permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination"

sudo serveradmin set mail:postfix:smtpd_recipient_restrictions = "permit_mynetworks, reject_unauth_destination, check_policy_service unix:private/policy permit"

essandess Author

Level 1

41 points

Jan 27, 2016 7:06 PM in response to essandess

Correction: that should read:

sudo serveradmin set mail:postfix:smtpd_recipient_restrictions = "permit_sasl_authenticated check_policy_service unix:private/policy permit"

sudo serveradmin set mail:postfix:smtpd_relay_restrictions = "permit_mynetworks permit_sasl_authenticated reject_unauth_destination"

sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/postfix reload

This will allow Server.app's greylisting and mail relays to work with mailman.

For reference, clicking Server.app>Mail>Filtering Settings... > Enable greylist filtering, adds the entry

smtpd_recipient_restrictions = permit_sasl_authenticated reject_unauth_destination check_policy_service unix:private/policy permit

to /Library/Server/Mail/Config/postfix/main.cf, but this will break mailman through relays because of the "reject_unauth_destination" policy. Per the postfix v2.10 manual, moving this policy to smtp_relay_restrictions makes things work through the relay.

Mailman on Mavericks