Mailman覚え書き

Solaris 9 + Postfix + Mailman + apache 2.0

上記の構成でインストール。 ただし、apache2.0のインストールとpostfixのインストール、pythonのインストールは 終わっているものとする。

次Mailman

% sudo /usr/sbin/groupadd mailman
% sudo /usr/sbin/useradd -s /bin/false -d /no/home -g mailman mailman
% sudo mkdir /usr/local/mailman
% sudo chown root:mailman /usr/local/mailman/
% sudo chmod 02775 /usr/local/mailman/
% sudo chmod a+rs, g+ws
% ./configure
% make
% make test
% sudo make install

次に/usr/local/mailmanへ移動して、設定エラーがでなくなるまで以下のコマンドで確認。

% cd /usr/local/mailman
% sudo ./bin/check_perm -f

ApacheのCGIをSuexecの下で動かしているので、このままだとMailmanがうまく動かない。そこで、バーチャルホスト機能を使ってMailmanを動かす。ポート3000番にアクセスした際には、Document Rootを/usr/local/mailmanにするように設定する。

まず、httpd.confに以下の部分を加える。

##
## Mailman Virtual host
##
Listen 3000
<VirtualHost _default_:3000>
   <IfModule mod_suexec.c>
    SuexecUserGroup mailman mailman   
   </IfModule>
    Servername SERVERNAME:3000
    ServerAdmin www@hogehoge.jp
    DocumentRoot "/usr/local/mailman"
    ErrorLog logs/mailman-error_log
    TransferLog /usr/local/apache2/logs/mailman-access_log
    ScriptAlias /mailman/ "/usr/local/mailman/cgi-bin/"
    Alias /pipermail/ "/usr/local/mailman/archives/public/"
    Alias /icons/ "/usr/local/mailman/icons/"

    <Directory "/usr/local/mailman/cgi-bin/">
        AllowOverride All
        Options ExecCGI
        Order allow,deny
        Allow from all
    </Directory>

    <Directory "/usr/local/mailman/archive/public/">
        AllowOverride None
        Options All
        Order allow,deny
        Allow from all
    </Directory>

ポイントは、Listenしてあげることと、SuexecUserGroupをIfModuleタグで挟んであげること。

次にPosftfixの設定を変更。

次に/etc/postfix/main.cfを編集

# diff main.cf.org main.cf
13c13,14
< alias_maps = hash:/etc/aliases
---
> #alias_maps = hash:/etc/aliases
> alias_maps = dbm:/etc/aliases,dbm:/var/lib/mailman/data/aliases
22a24,29
> 
> # for mailman
> 
> owner_request_special = no
> unknown_local_recipient_reject_code = 550

続いてMailmanの設定ファイル/usr/local/mailman/Mailman/mm_cfg.pyを設定。以下を付け加える。

DEFAULT_URL_HOST = 'Web ServerName'
DEFAULT_EMAIL_HOST = 'SMTP ServerName'
add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)
MTA = 'Postfix'
DEFAULT_SERVER_LANGUAGE = 'ja'
OWNERS_CAN_DELETE_THEIR_OWN_LISTS = Yes
DEFAULT_REPLY_GOES_TO_LIST = 1
DEFAULT_GENERIC_NONMEMBER_ACTION = 2
DEFAULT_URL_PATTERN = 'http://%s:3000/mailman/'

ポイントは、DEFAULT_URL_PATTERNで%sの後ろに:3000でポート番号を指定すること。こうしておかないとCGIによって生成されるURLがおかしくなってしまう。

あとは、GNU Mailman - インストールマニュアルに従って設定を行う。ただし、cronをコピーするときには注意すること。Solarisのcrontabには、-uオプションがありません。私は以下のようにしました。

# cp /usr/local/mailman/cron/crontab.in /var/spool/cron/crontabs/mailman
# chmod 400 /var/spool/cron/crontabs/mailman
# ps -ef | grep cron
# kill -HUP JOB_NUMBER_OF_CRON

あとは、/usr/local/mailmanに.htaccessをおいてアクセス制限をしておしまい。

Debian Sarge + Postfix + Mailman + apache2.0

上記の構成でインストール。 ただし、apache2.0のインストールとpostfixのインストールは 終わっているものとする。

まず、pythonインストール

# apt-get install python python-japanese-codecs

次にmailmanをインストール

# apt-get install mailman

/usr/share/doc/mailman以下にあるREADME.DebianとREADME.POSTFIXに したがって、設定ファイルを変更する。

まず、/etc/apache2/apache2.conf(注意!Debian sargeではhttpd.confが編集対象でない)を編集。

私は、以下をapache2.confに付け加えた。

# for Mailman
ScriptAlias /mailman/   /usr/lib/cgi-bin/mailman/
Alias /pipermail/       /var/lib/mailman/archives/public/
Alias /images/mailman/  /usr/share/images/mailman/

<Directory /usr/lib/cgi-bin/mailman/>
        AllowOverride None
        Options ExecCGI
        Order allow,deny
        Allow from all
</Directory>

<Directory /var/lib/mailman/archives/public/>
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order allow,deny
        Allow from all
</Directory>

次に/etc/postfix/main.cfを編集

# diff main.cf.org main.cf
13c13,14
< alias_maps = hash:/etc/aliases
---
> #alias_maps = hash:/etc/aliases
> alias_maps = hash:/etc/aliases,hash:/var/lib/mailman/data/aliases
22a24,29
> 
> # for mailman
> 
> owner_request_special = no
> unknown_local_recipient_reject_code = 550

/etc/mailman/mm_cfg.pyの編集

< #MTA = 'Postfix'
---
> MTA = 'Postfix'

とコメントはずします。

次は、パーミッションの設定。 /var/lib/mailman以下のディレクトリのパーミッションを変更する

# cd /var/lib/mailman
# ./bin/check_perm

このcheck_permのコマンドを実行するとパーミッションがおかしい ところがでてくるので次のように修正する

# ./bin/check_perm -f

これでno problemと言われるまでやる。途中、上記コマンドでは対応できない ところがでてきた場合には、chmodコマンドやchownコマンドで適宜パーミッションを 変える。

注意!:私の場合(mailman 2.1.5)では、/var/lib/mailman/data/aliasesとaliases.dbのパーミッションをそれぞれ、660と640にしているとメーリングリスト作成時にエラーがでてしまった。そこで、両方とも666にしたところエラーは回避できている。下記、参考リンク「mmjp-users 1381: 新規メーリングリストを作るとバグ表示」を参考のこと。

# chown -R list:list /var/lib/mailman/
# chown list:daemon /var/lib/mailman/data/aliases*
# chmod 666 /var/lib/mailman/data/aliases*
# /var/lib/mailman/bin/genaliases

/var/lib/mailman/bin/genaliases 次に、サイトパスワード(mailmanにおけるrootパスワード)を作成

# /var/lib/mailman/bin/mmsitepass パスワード

次に、デフォルトメーリングリスト作成

# /var/lib/mailman/bin/newlist mailman

いろいろ再起動します。再起動の際にエラーがでたら適宜修正のこと。

# apachectl restart
# /etc/init.d/postfix restart
# /var/lib/mailman/bin/mailmanctl start

それぞれ、ログは

/var/log/apache2/error.log
/var/log/mail.log
/var/log/mailman/error

にある。

以上で、設定は十分なはずです。http://<fqdn>/mailman/listinfo経由で メーリングリストをつくってみてください。

以上です。

参考リンク

Debian Doc

  • README.Debian
    Notes for the debian mailman package.
    =====================================
    
    You can access the web interface of mailman on
    http://<hostname>/cgi-bin/mailman/listinfo
    
    In case you want to access mailman thru a shorter URL you should add
    something like the following to your webserver configuration (this
    line is for apache):
    
    ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/
    
    In this case you need to set the DEFAULT_URL_PATTERN in
    /etc/mailman/mm_cfg.py to http://%s/mailman/ for the cookie
    authentication code to work.  Note that you need to change the base
    URL for all the already-created lists as well.
    
    The public archives are located in /var/lib/mailman/archives/public,
    you can create a symlink from /var/www if you like, or create an alias like
    the following:
    
    Alias /pipermail/ /var/lib/mailman/archives/public/
    
    Note that by default Apache is shipped with SymlinksIfOwnerMatch, not
    FollowSymlinks.  This means that if you switch to private archiving
    and then back to public archiving again, you will get a "Forbidden"
    error.
    
    If broken images show on your mailman html pages, it is probably
    because you don't have the /images/mailman/ alias enabled in your
    webserver, create it as follows:
    
    Alias /images/mailman/ /usr/share/images/mailman/
    
    
    You can create new lists with the newlist command (you have to add the
    aliases it needs by hand to /etc/aliases or the corresponding database
    because mailman can not know about configuration of all MTA's, but newlist 
    tells you about the alias it needs, but see the notes on qmail and postfix
    below).
    
    For users of exim: if you want to use the /etc/aliases file for mailman
    aliases, you'll need to specify a user=list line or something like that in
    the system_aliases director.
    
    As of 2.0.6-1, gate-news is commented out in the default crontab,
    
    since most people will be less interested in gating news-to-mail and
    vice versa.  This is asked by a low priority debconf question, so you
    can change it through debconf or by editing the crontab by hand.
    
    As of 2.1.4-2 a debconf question has been added allowing for
    installing only templates for languages used at your site in
    /etc/mailman (mailman/site_languages).
    
    Savannah
    --------
    Mailman now includes a savannah plugin, courtesy of Guillaume Morin.
    His description of it:
    
    if the list does not exist it just prints 0
    if the list exists but the password is false, it just prints 2
    if the list exists and the password is correct, it prints
    1 adminemail 0/1 (value of advertised)
    
    It is needed for integration with savannah (a sourceforge fork, which
    runs savannah.gnu.org).
    
    Python Bug
     Debian's Python policy has a problem where it gives an application no
    way to recompile it's .py files when a new python version is
    installed.  This means that if you install Mailman with python 1.5.2,
    then upgrade to Python 2.1, the .py files will not be recompiled.
    This will cause performance degradation, if you experience this
    problem a "dpkg-reconfigure mailman" will fix this problem.  You
    should stop Mailman before running dpkg-reconfigure.  I am sorry, but
    there is no better way until Debian's Python policy is fixed.
    
    Qmail
    -----
    For those using qmail, please see the comments in
    /etc/mailman/qmail-to-mailman.py and set it up according to those
    instructions. Additional information may be available in
    /usr/share/doc/mailman/README.QMAIL.gz
    
    Postfix
    _______
    For those using postfix who are able to devote a full subdomain
    lists.doma.in for use by mailman, please see the comments in
    /etc/mailman/postfix-to-mailman.py .
    
    SpamAssassin
    
    ------------
    As of Mailman 2.1-1, Mailman includes the SpamAssassin patch from
    Sourceforge.net.  It is not enabled by default.  If you want to enable
    the handler, adding
    
    GLOBAL_PIPELINE.insert(1, 'SpamAssassin')
    
    to your mm_cfg.py should enable it. You can read more documentation about
    howto configure SpamAssassin and Mailman together at
    http://www.daa.com.au/~james/articles/mailman-spamassassin/
    The current version of this handler used in this package is released on
    2003 May 6 by James Henstridge <james@daa.com.au>.
    
    Upgrading from Mailman 2.x (where x < 1)
    ----------------------------------------
    
    Mailman 2.1 has some new aliases which you might want to add, namely
    admin, bounces, confirm, join, leave, owner, request, subscribe and
    unsubscribe.
    
    Also, /var/lib/mailman/mail/wrapper was changed to
    /var/lib/mailman/mail/mailman.  A compatilbility symlink has been
    added, but it will be removed in some future version, so please update
    
    Also, /var/lib/mailman/mail/wrapper was changed to
    /var/lib/mailman/mail/mailman.  A compatilbility symlink has been
    added, but it will be removed in some future version, so please update
    your alias files.
    
    You must create a "mailman" list on your system, until it is added,
    mailman will not start.  (It will yell at you, so you should notice.)
    
     -- Siggy Brentrup <bsb@debian.org>, Tue Apr  6 23:44:43 2004
    
    
    
  • README.POSTFIX
    Mailman - The GNU Mailing List Management System
    Copyright (C) 2001-2004 by the Free Software Foundation, Inc.
    59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
    
    ! As a service to our users this file has been modified for Debian's
    ! Mailman package to reflect configuration settings at package build
    ! time.  Modified lines are marked with an exclamation mark at the left
    ! edge.  
    
    ! Provided you can devote a full subdomain e.g. `lists.example.com! for exclusive use by Mailman, there is a somewhat simpler method to
    ! interface Postfix with Mailman by means of the postfix-to-mailman.py
    ! script that comes with the Debian package.  Comments at the top of
    ! /usr/lib/mailman/bin/postfix-to-mailman.py describe configuration.
    
    
    GENERAL SETUP INFORMATION
    
        Mailman should work pretty much out of the box with a standard
        Postfix installation.  As of this writing I've tested it with
        Postfix 19991231 up to pl13, 200010228 up to pl08, and up to
        Postfix 2.0.15.
    
        By default, Postfix treats -owner and -request addresses
        specially.  Since we want Postfix to deliver such messages to
        Mailman, you should turn off this option by adding this to your
        main.cf file:
    
            owner_request_special = no
    
        In order to support Mailman's optional VERP delivery, you will
        want to disable luser_relay (the default) and you will want to set
        recipient_delimiter for extended address semantics.  You should
        comment out any luser_relay value in your main.cf and just go with
        the defaults.  Also, add this to your main.cf file:
    
            recipient_delimiter = +
    
        Using + as the delimiter works well with the default values for
        VERP_FORMAT and VERP_REGEXP in Defaults.py.
    
        When attempting to deliver a message to a non-existent local address,
        Postfix may return a 450 error code.  Since this is a transient error
        code, Mailman will continue to attempt to delivery the message for
        DELIVERY_RETRY_PERIOD (5 days by default).  You might want to set Postfix
        up so that it returns permanent error codes for non-existent local users
          by adding the following to your main.cf file:
    
            unknown_local_recipient_reject_code = 550
    
        Finally, if you are using Postfix-style virtual domains, read the
        section on virtual domain support below.
    
    
    INTEGRATING POSTFIX AND MAILMAN
    
        You can integrate Postfix and Mailman such that when new lists are
        created, or lists are removed, Postfix's alias database will be
        automatically updated.  The following are the steps you need to
        take to make this work.
    
    !   In the description below, we assume that you have installed an
    !   official Debian mailman package from master.debian.org or one of
    !   its many mirrors.
    
        - If you are using virtual domains and you want Mailman to honor
          your virtual domains, read the section below first!
    
    !   - Add this to the bottom of the /etc/mailman/mm_cfg.py file:
    
          MTA = 'Postfix'
    
          The MTA variable names a module in Mailman/MTA which contains the
          MTA-specific functions to be executed when a list is created or
          removed.
    
        - Look at the Defaults.py file for the variables POSTFIX_ALIAS_CMD
          and POSTFIX_MAP_CMD command.  Make sure these point to your
          postalias and postmap programs respectively.  Remember that if
    !     you need to make changes, do it in /etc/mailman/mm_cfg.py.
    
        - Run the genaliases script to initialize your aliases file.
    
    !      % su
    !      # cd /var/lib/mailman
    !      # bin/genaliases
    
          Make sure that the owner of the data/aliases and data/aliases.db
          file is `list' and that the group owner for those files is
          `daemon'.  E.g.:
    
    !     # chown list:daemon data/aliases*
    
        - Hack your Postfix's main.cf file to include the following path
          in your alias_maps variable:
    
    !         /var/lib/mailman/data/aliases
    
          (no trailing .db).  Do not include this in your alias_database
          variable.  This is because you do not want Postfix's newaliases
          command to modify Mailman's aliases.db file, but you do want
          Postfix to consult aliases.db when looking for local addresses.
    
          You probably want to use a hash: style database for this entry.
          Here's an example:
    
          alias_maps = hash:/etc/postfix/aliases,
     !         hash:/var/lib/mailman/data/aliases
    
     !  - Debian uses the --with-mail-gid=daemon switch on configure.
          Because the owner of the aliases.db file is `mailman', Postfix
          will execute Mailman's wrapper program as uid and gid mailman.
    
        That's it!  One caveat: when you add or remove a list, the
        aliases.db file will updated, but it will not automatically run
         "postfix reload".  This is because you need to be root to run this
        and suid-root scripts are not secure.  The only effect of this is
        that it will take about a minute for Postfix to notice the change
        to the aliases.db file and update its tables.  I consider this a
        minor inconvenience.
    
    
    VIRTUAL DOMAINS
    
        Postfix 2.0 supports "virtual alias domains", essentially what
        used to be called Postfix-style virtual domains in earlier Postfix
        versions.  To make virtual alias domains work with Mailman, you
        need to do some setup in both Postfix and Mailman.  Mailman will
        write all virtual alias mappings to a file called, by default,
    !   /var/lib/mailman/data/virtual-mailman.  It will also use postmap
        to create the virtual-mailman.db file that Postfix will actually
        use.
    
        First, you need to set up the Postfix virtual alias domains as
        described in the Postfix documentation (see Postfix's virtual(5)
        manpage).  Note that it's your responsibility to include the
        "virtual-alias.domain anything" line as described manpage; Mailman
        will not include this line in virtual-mailman.  I highly encourage
        you to make sure your virtual alias domains are working properly
        before integrating with Mailman.
    
        Next, add a path to Postfix's virtual_alias_maps variable,
        pointing to the virtual-mailman file, e.g.:
    
        virtual_alias_maps = <your normal virtual alias files>,
    !       hash:/var/lib/mailman/data/virtual-mailman
    
        assuming you've installed Mailman in the default location.  If
        you're using an older version of Postfix which doesn't have the
        virtual_alias_maps variable, use the virtual_maps variable
        instead.
    
        Next, in your mm_cfg.py file, you will want to set the variable
        POSTFIX_STYLE_VIRTUAL_DOMAINS to the list of virtual domains that
        Mailman should update.  This may not be all of the virtual alias
        domains that your Postfix installation supports!  The values in
        this list will be matched against the host_name attribute of
        mailing lists objects, and must be an exact match.
    
        Here's an example:
        Let's say I've set up Postfix to handle the virtual domains
        dom1.ain, dom2.ain, and dom3.ain.  Let's say further that in
        main.cf you've got the following settings:
    
            myhostname = mail.dom1.ain
            mydomain = dom1.ain
            mydestination = $myhostname, localhost.$mydomain
            virtual_alias_maps =
                hash:/some/path/to/virtual-dom1,
                hash:/some/path/to/virtual-dom2,
                hash:/some/path/to/virtual-dom2
    
        Let's say further that in virtual-dom1, you've got the following
        lines:
    
            dom1.ain  IGNORE
            @dom1.ain @mail.dom1.ain
    
        This tells Postfix to deliver anything addressed to dom1.ain to
        the same mailbox at mail.dom1.com, its default destination.
    
        In this case you would not include dom1.ain in
        POSTFIX_STYLE_VIRTUAL_DOMAINS because otherwise Mailman will write
        entries for mailing lists in the dom1.ain domain as
    
            mylist@dom1.ain         mylist
            mylist-request@dom1.ain mylist-request
            # and so on...
    
        The more specific entries trump your more general entries, thus
        breaking the delivery of any dom1.ain mailing list.
    
        However, you would include dom2.ain and dom3.ain in mm_cfg.py:
    
            POSTFIX_STYLE_VIRTUAL_DOMAINS = ['dom2.ain', 'dom3.ain']
    
        Now, any list that Mailman creates in either of those two domains,
        will have the correct entries written to
    !   /var/lib/mailman/data/virtual-mailman
    
        As above with the data/aliases* files, you want to make sure that
        both data/virtual-mailman and data/virtual-mailman.db are user and
    !   group owned by the `list' user/group.  So to get things
        started, set up your virtual domains, run bin/genaliases, and
        check the ownerships of the files.  From here on out, you should
        be good to go.
    
     AN ALTERNATIVE APPROACH
    
        Fil <fil@rezo.net> has an alternative approach based on virtual
        maps and regular expressions, as described at:
    
        (French)  http://listes.rezo.net/comment.php
        (English) http://listes.rezo.net/how.php
    
        This is a good (and simpler) alternative if you don't mind
        exposing an additional hostname in the domain part of the
        addresses people will use to contact your list.  I.e. if people
        should use mylist@lists.dom.ain instead of mylist@dom.ain.
    
        I have not extensively tested this approach however.
    
    
    

覚え書き