Mailman覚え書き
Solaris 9 + Postfix + Mailman + apache 2.0
上記の構成でインストール。 ただし、apache2.0のインストールとpostfixのインストール、pythonのインストールは 終わっているものとする。
次Mailman
% sudo /usr/sbin/groupadd mailman % sudo /usr/sbin/useradd -s /bin/false -d /no/home -g mailman mailman % sudo mkdir /usr/local/mailman % sudo chown root:mailman /usr/local/mailman/ % sudo chmod 02775 /usr/local/mailman/ % sudo chmod a+rs, g+ws % ./configure % make % make test % sudo make install
次に/usr/local/mailmanへ移動して、設定エラーがでなくなるまで以下のコマンドで確認。
% cd /usr/local/mailman % sudo ./bin/check_perm -f
ApacheのCGIをSuexecの下で動かしているので、このままだとMailmanがうまく動かない。そこで、バーチャルホスト機能を使ってMailmanを動かす。ポート3000番にアクセスした際には、Document Rootを/usr/local/mailmanにするように設定する。
まず、httpd.confに以下の部分を加える。
## ## Mailman Virtual host ## Listen 3000 <VirtualHost _default_:3000> <IfModule mod_suexec.c> SuexecUserGroup mailman mailman </IfModule> Servername SERVERNAME:3000 ServerAdmin www@hogehoge.jp DocumentRoot "/usr/local/mailman" ErrorLog logs/mailman-error_log TransferLog /usr/local/apache2/logs/mailman-access_log ScriptAlias /mailman/ "/usr/local/mailman/cgi-bin/" Alias /pipermail/ "/usr/local/mailman/archives/public/" Alias /icons/ "/usr/local/mailman/icons/" <Directory "/usr/local/mailman/cgi-bin/"> AllowOverride All Options ExecCGI Order allow,deny Allow from all </Directory> <Directory "/usr/local/mailman/archive/public/"> AllowOverride None Options All Order allow,deny Allow from all </Directory>
ポイントは、Listenしてあげることと、SuexecUserGroupをIfModuleタグで挟んであげること。
次にPosftfixの設定を変更。
次に/etc/postfix/main.cfを編集
# diff main.cf.org main.cf 13c13,14 < alias_maps = hash:/etc/aliases --- > #alias_maps = hash:/etc/aliases > alias_maps = dbm:/etc/aliases,dbm:/var/lib/mailman/data/aliases 22a24,29 > > # for mailman > > owner_request_special = no > unknown_local_recipient_reject_code = 550
続いてMailmanの設定ファイル/usr/local/mailman/Mailman/mm_cfg.pyを設定。以下を付け加える。
DEFAULT_URL_HOST = 'Web ServerName' DEFAULT_EMAIL_HOST = 'SMTP ServerName' add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST) MTA = 'Postfix' DEFAULT_SERVER_LANGUAGE = 'ja' OWNERS_CAN_DELETE_THEIR_OWN_LISTS = Yes DEFAULT_REPLY_GOES_TO_LIST = 1 DEFAULT_GENERIC_NONMEMBER_ACTION = 2 DEFAULT_URL_PATTERN = 'http://%s:3000/mailman/'
ポイントは、DEFAULT_URL_PATTERNで%sの後ろに:3000でポート番号を指定すること。こうしておかないとCGIによって生成されるURLがおかしくなってしまう。
あとは、GNU Mailman - インストールマニュアルに従って設定を行う。ただし、cronをコピーするときには注意すること。Solarisのcrontabには、-uオプションがありません。私は以下のようにしました。
# cp /usr/local/mailman/cron/crontab.in /var/spool/cron/crontabs/mailman # chmod 400 /var/spool/cron/crontabs/mailman # ps -ef | grep cron # kill -HUP JOB_NUMBER_OF_CRON
あとは、/usr/local/mailmanに.htaccessをおいてアクセス制限をしておしまい。
Debian Sarge + Postfix + Mailman + apache2.0
上記の構成でインストール。 ただし、apache2.0のインストールとpostfixのインストールは 終わっているものとする。
まず、pythonインストール
# apt-get install python python-japanese-codecs
次にmailmanをインストール
# apt-get install mailman
/usr/share/doc/mailman以下にあるREADME.DebianとREADME.POSTFIXに したがって、設定ファイルを変更する。
まず、/etc/apache2/apache2.conf(注意!Debian sargeではhttpd.confが編集対象でない)を編集。
私は、以下をapache2.confに付け加えた。
# for Mailman ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/ Alias /pipermail/ /var/lib/mailman/archives/public/ Alias /images/mailman/ /usr/share/images/mailman/ <Directory /usr/lib/cgi-bin/mailman/> AllowOverride None Options ExecCGI Order allow,deny Allow from all </Directory> <Directory /var/lib/mailman/archives/public/> Options Indexes MultiViews FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory>
次に/etc/postfix/main.cfを編集
# diff main.cf.org main.cf 13c13,14 < alias_maps = hash:/etc/aliases --- > #alias_maps = hash:/etc/aliases > alias_maps = hash:/etc/aliases,hash:/var/lib/mailman/data/aliases 22a24,29 > > # for mailman > > owner_request_special = no > unknown_local_recipient_reject_code = 550
/etc/mailman/mm_cfg.pyの編集
< #MTA = 'Postfix' --- > MTA = 'Postfix'
とコメントはずします。
次は、パーミッションの設定。 /var/lib/mailman以下のディレクトリのパーミッションを変更する
# cd /var/lib/mailman # ./bin/check_perm
このcheck_permのコマンドを実行するとパーミッションがおかしい ところがでてくるので次のように修正する
# ./bin/check_perm -f
これでno problemと言われるまでやる。途中、上記コマンドでは対応できない ところがでてきた場合には、chmodコマンドやchownコマンドで適宜パーミッションを 変える。
注意!:私の場合(mailman 2.1.5)では、/var/lib/mailman/data/aliasesとaliases.dbのパーミッションをそれぞれ、660と640にしているとメーリングリスト作成時にエラーがでてしまった。そこで、両方とも666にしたところエラーは回避できている。下記、参考リンク「mmjp-users 1381: 新規メーリングリストを作るとバグ表示」を参考のこと。
# chown -R list:list /var/lib/mailman/ # chown list:daemon /var/lib/mailman/data/aliases* # chmod 666 /var/lib/mailman/data/aliases* # /var/lib/mailman/bin/genaliases
/var/lib/mailman/bin/genaliases 次に、サイトパスワード(mailmanにおけるrootパスワード)を作成
# /var/lib/mailman/bin/mmsitepass パスワード
次に、デフォルトメーリングリスト作成
# /var/lib/mailman/bin/newlist mailman
いろいろ再起動します。再起動の際にエラーがでたら適宜修正のこと。
# apachectl restart # /etc/init.d/postfix restart # /var/lib/mailman/bin/mailmanctl start
それぞれ、ログは
/var/log/apache2/error.log /var/log/mail.log /var/log/mailman/error
にある。
以上で、設定は十分なはずです。http://<fqdn>/mailman/listinfo経由で メーリングリストをつくってみてください。
以上です。
参考リンク
- Mailman
- Debian Mailman
- ウェブインターフェイス付きのメーリングリストMailman
- メーリングリストサーバー構築(Mailman編)
- GNU Mailman - インストールマニュアル
- mmjp-users 1381: 新規メーリングリストを作るとバグ表示
http://mm.tkikuchi.net/pipermail/mmjp-users/2005-April/001381.html
Debian Doc
- README.Debian
Notes for the debian mailman package. ===================================== You can access the web interface of mailman on http://<hostname>/cgi-bin/mailman/listinfo In case you want to access mailman thru a shorter URL you should add something like the following to your webserver configuration (this line is for apache): ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/ In this case you need to set the DEFAULT_URL_PATTERN in /etc/mailman/mm_cfg.py to http://%s/mailman/ for the cookie authentication code to work. Note that you need to change the base URL for all the already-created lists as well. The public archives are located in /var/lib/mailman/archives/public, you can create a symlink from /var/www if you like, or create an alias like the following: Alias /pipermail/ /var/lib/mailman/archives/public/ Note that by default Apache is shipped with SymlinksIfOwnerMatch, not FollowSymlinks. This means that if you switch to private archiving and then back to public archiving again, you will get a "Forbidden" error. If broken images show on your mailman html pages, it is probably because you don't have the /images/mailman/ alias enabled in your webserver, create it as follows: Alias /images/mailman/ /usr/share/images/mailman/ You can create new lists with the newlist command (you have to add the aliases it needs by hand to /etc/aliases or the corresponding database because mailman can not know about configuration of all MTA's, but newlist tells you about the alias it needs, but see the notes on qmail and postfix below). For users of exim: if you want to use the /etc/aliases file for mailman aliases, you'll need to specify a user=list line or something like that in the system_aliases director. As of 2.0.6-1, gate-news is commented out in the default crontab, since most people will be less interested in gating news-to-mail and vice versa. This is asked by a low priority debconf question, so you can change it through debconf or by editing the crontab by hand. As of 2.1.4-2 a debconf question has been added allowing for installing only templates for languages used at your site in /etc/mailman (mailman/site_languages). Savannah -------- Mailman now includes a savannah plugin, courtesy of Guillaume Morin. His description of it: if the list does not exist it just prints 0 if the list exists but the password is false, it just prints 2 if the list exists and the password is correct, it prints 1 adminemail 0/1 (value of advertised) It is needed for integration with savannah (a sourceforge fork, which runs savannah.gnu.org). Python Bug Debian's Python policy has a problem where it gives an application no way to recompile it's .py files when a new python version is installed. This means that if you install Mailman with python 1.5.2, then upgrade to Python 2.1, the .py files will not be recompiled. This will cause performance degradation, if you experience this problem a "dpkg-reconfigure mailman" will fix this problem. You should stop Mailman before running dpkg-reconfigure. I am sorry, but there is no better way until Debian's Python policy is fixed. Qmail ----- For those using qmail, please see the comments in /etc/mailman/qmail-to-mailman.py and set it up according to those instructions. Additional information may be available in /usr/share/doc/mailman/README.QMAIL.gz Postfix _______ For those using postfix who are able to devote a full subdomain lists.doma.in for use by mailman, please see the comments in /etc/mailman/postfix-to-mailman.py . SpamAssassin ------------ As of Mailman 2.1-1, Mailman includes the SpamAssassin patch from Sourceforge.net. It is not enabled by default. If you want to enable the handler, adding GLOBAL_PIPELINE.insert(1, 'SpamAssassin') to your mm_cfg.py should enable it. You can read more documentation about howto configure SpamAssassin and Mailman together at http://www.daa.com.au/~james/articles/mailman-spamassassin/ The current version of this handler used in this package is released on 2003 May 6 by James Henstridge <james@daa.com.au>. Upgrading from Mailman 2.x (where x < 1) ---------------------------------------- Mailman 2.1 has some new aliases which you might want to add, namely admin, bounces, confirm, join, leave, owner, request, subscribe and unsubscribe. Also, /var/lib/mailman/mail/wrapper was changed to /var/lib/mailman/mail/mailman. A compatilbility symlink has been added, but it will be removed in some future version, so please update Also, /var/lib/mailman/mail/wrapper was changed to /var/lib/mailman/mail/mailman. A compatilbility symlink has been added, but it will be removed in some future version, so please update your alias files. You must create a "mailman" list on your system, until it is added, mailman will not start. (It will yell at you, so you should notice.) -- Siggy Brentrup <bsb@debian.org>, Tue Apr 6 23:44:43 2004
- README.POSTFIX
Mailman - The GNU Mailing List Management System Copyright (C) 2001-2004 by the Free Software Foundation, Inc. 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA ! As a service to our users this file has been modified for Debian's ! Mailman package to reflect configuration settings at package build ! time. Modified lines are marked with an exclamation mark at the left ! edge. ! Provided you can devote a full subdomain e.g. `lists.example.com! for exclusive use by Mailman, there is a somewhat simpler method to ! interface Postfix with Mailman by means of the postfix-to-mailman.py ! script that comes with the Debian package. Comments at the top of ! /usr/lib/mailman/bin/postfix-to-mailman.py describe configuration. GENERAL SETUP INFORMATION Mailman should work pretty much out of the box with a standard Postfix installation. As of this writing I've tested it with Postfix 19991231 up to pl13, 200010228 up to pl08, and up to Postfix 2.0.15. By default, Postfix treats -owner and -request addresses specially. Since we want Postfix to deliver such messages to Mailman, you should turn off this option by adding this to your main.cf file: owner_request_special = no In order to support Mailman's optional VERP delivery, you will want to disable luser_relay (the default) and you will want to set recipient_delimiter for extended address semantics. You should comment out any luser_relay value in your main.cf and just go with the defaults. Also, add this to your main.cf file: recipient_delimiter = + Using + as the delimiter works well with the default values for VERP_FORMAT and VERP_REGEXP in Defaults.py. When attempting to deliver a message to a non-existent local address, Postfix may return a 450 error code. Since this is a transient error code, Mailman will continue to attempt to delivery the message for DELIVERY_RETRY_PERIOD (5 days by default). You might want to set Postfix up so that it returns permanent error codes for non-existent local users by adding the following to your main.cf file: unknown_local_recipient_reject_code = 550 Finally, if you are using Postfix-style virtual domains, read the section on virtual domain support below. INTEGRATING POSTFIX AND MAILMAN You can integrate Postfix and Mailman such that when new lists are created, or lists are removed, Postfix's alias database will be automatically updated. The following are the steps you need to take to make this work. ! In the description below, we assume that you have installed an ! official Debian mailman package from master.debian.org or one of ! its many mirrors. - If you are using virtual domains and you want Mailman to honor your virtual domains, read the section below first! ! - Add this to the bottom of the /etc/mailman/mm_cfg.py file: MTA = 'Postfix' The MTA variable names a module in Mailman/MTA which contains the MTA-specific functions to be executed when a list is created or removed. - Look at the Defaults.py file for the variables POSTFIX_ALIAS_CMD and POSTFIX_MAP_CMD command. Make sure these point to your postalias and postmap programs respectively. Remember that if ! you need to make changes, do it in /etc/mailman/mm_cfg.py. - Run the genaliases script to initialize your aliases file. ! % su ! # cd /var/lib/mailman ! # bin/genaliases Make sure that the owner of the data/aliases and data/aliases.db file is `list' and that the group owner for those files is `daemon'. E.g.: ! # chown list:daemon data/aliases* - Hack your Postfix's main.cf file to include the following path in your alias_maps variable: ! /var/lib/mailman/data/aliases (no trailing .db). Do not include this in your alias_database variable. This is because you do not want Postfix's newaliases command to modify Mailman's aliases.db file, but you do want Postfix to consult aliases.db when looking for local addresses. You probably want to use a hash: style database for this entry. Here's an example: alias_maps = hash:/etc/postfix/aliases, ! hash:/var/lib/mailman/data/aliases ! - Debian uses the --with-mail-gid=daemon switch on configure. Because the owner of the aliases.db file is `mailman', Postfix will execute Mailman's wrapper program as uid and gid mailman. That's it! One caveat: when you add or remove a list, the aliases.db file will updated, but it will not automatically run "postfix reload". This is because you need to be root to run this and suid-root scripts are not secure. The only effect of this is that it will take about a minute for Postfix to notice the change to the aliases.db file and update its tables. I consider this a minor inconvenience. VIRTUAL DOMAINS Postfix 2.0 supports "virtual alias domains", essentially what used to be called Postfix-style virtual domains in earlier Postfix versions. To make virtual alias domains work with Mailman, you need to do some setup in both Postfix and Mailman. Mailman will write all virtual alias mappings to a file called, by default, ! /var/lib/mailman/data/virtual-mailman. It will also use postmap to create the virtual-mailman.db file that Postfix will actually use. First, you need to set up the Postfix virtual alias domains as described in the Postfix documentation (see Postfix's virtual(5) manpage). Note that it's your responsibility to include the "virtual-alias.domain anything" line as described manpage; Mailman will not include this line in virtual-mailman. I highly encourage you to make sure your virtual alias domains are working properly before integrating with Mailman. Next, add a path to Postfix's virtual_alias_maps variable, pointing to the virtual-mailman file, e.g.: virtual_alias_maps = <your normal virtual alias files>, ! hash:/var/lib/mailman/data/virtual-mailman assuming you've installed Mailman in the default location. If you're using an older version of Postfix which doesn't have the virtual_alias_maps variable, use the virtual_maps variable instead. Next, in your mm_cfg.py file, you will want to set the variable POSTFIX_STYLE_VIRTUAL_DOMAINS to the list of virtual domains that Mailman should update. This may not be all of the virtual alias domains that your Postfix installation supports! The values in this list will be matched against the host_name attribute of mailing lists objects, and must be an exact match. Here's an example: Let's say I've set up Postfix to handle the virtual domains dom1.ain, dom2.ain, and dom3.ain. Let's say further that in main.cf you've got the following settings: myhostname = mail.dom1.ain mydomain = dom1.ain mydestination = $myhostname, localhost.$mydomain virtual_alias_maps = hash:/some/path/to/virtual-dom1, hash:/some/path/to/virtual-dom2, hash:/some/path/to/virtual-dom2 Let's say further that in virtual-dom1, you've got the following lines: dom1.ain IGNORE @dom1.ain @mail.dom1.ain This tells Postfix to deliver anything addressed to dom1.ain to the same mailbox at mail.dom1.com, its default destination. In this case you would not include dom1.ain in POSTFIX_STYLE_VIRTUAL_DOMAINS because otherwise Mailman will write entries for mailing lists in the dom1.ain domain as mylist@dom1.ain mylist mylist-request@dom1.ain mylist-request # and so on... The more specific entries trump your more general entries, thus breaking the delivery of any dom1.ain mailing list. However, you would include dom2.ain and dom3.ain in mm_cfg.py: POSTFIX_STYLE_VIRTUAL_DOMAINS = ['dom2.ain', 'dom3.ain'] Now, any list that Mailman creates in either of those two domains, will have the correct entries written to ! /var/lib/mailman/data/virtual-mailman As above with the data/aliases* files, you want to make sure that both data/virtual-mailman and data/virtual-mailman.db are user and ! group owned by the `list' user/group. So to get things started, set up your virtual domains, run bin/genaliases, and check the ownerships of the files. From here on out, you should be good to go. AN ALTERNATIVE APPROACH Fil <fil@rezo.net> has an alternative approach based on virtual maps and regular expressions, as described at: (French) http://listes.rezo.net/comment.php (English) http://listes.rezo.net/how.php This is a good (and simpler) alternative if you don't mind exposing an additional hostname in the domain part of the addresses people will use to contact your list. I.e. if people should use mylist@lists.dom.ain instead of mylist@dom.ain. I have not extensively tested this approach however.