Hi Stephen,
Thank you for the hint. I was focused too much on the documentation and was looking for the answer in the wrong place. Problem fixed.
My problem started with "SMTP authentication not supported" and after fixing that, which was a Postfix parameter, I got this issue and was also looking in Postfix or Django configuration for the answer. This problem is solved and I wished there was a chance to update the documentation, so that these sort of information could be added in the documentation for other people who try to use mailman3.
Thanks Mohsen
-----Original Message----- From: Stephen J. Turnbull <turnbull.stephen.fw@u.tsukuba.ac.jp> Sent: Thursday, April 9, 2020 4:06 AM To: Mohsen Masoudfar <mmasoudf@aaas.org> Cc: mailman-users@mailman3.org Subject: [MM3-users] SMTPAuthenticationError at /accounts/login/
[EXTERNAL EMAIL]
mmasoudf@aaas.org writes:
I have setup the stack according to: Mailman Suite Documentation. Release 3.3 PDF file.
I configured EMAIL_HOST_USER and EMAIL_HOST_PASSWORD in Django settings.py. I could not find the place that I might > configure it for Postfix
I think it helps to start thinking about it from the other end. That is, Postfix is the mail server for all users on a multiuser system. Therefore in "normal" configurations it will use the authentication mechanisms provided by the host operating system.[1] You need to have a user for Mailman in any case, typically called "mailman" or "list".[2]
Once you've configured a user for Mailman on the Postfix side, you use that user and authentication data for Mailman core, Postorius, and HyperKitty to send mail via Postfix.
I am running the site on AWS and to be able to use AWS mail-servers > I have to define following parameter for AWS: smtp_sasl_password_maps which points to a hash for AWS 'ACCESS KEY > ID' and 'SECRET ACCESS KEY'
I don't think that has anything to do with the Mailman-to-Postfix side of things; that's for Postfix to send to AWS's mail exchanger (aka MX).
Steve
Footnotes: [1] It may also be possible to create Postfix-only "virtual" users who have no existence as far as the OS is concerned, but I don't know anything about that.
[2] I haven't thought carefully about whether using Mailman's user in Django would be a security risk, but as long as it only has access to Mailman I don't see how it can do more harm than Mailman itself can, and I don't see why it would be more subject to exploitation than Mailman itself is. Anybody with security chops who wants to weigh in, please do.