On Thu, Jul 25, 2024 at 12:20 PM Roland Giesler via Mailman-users < mailman-users@mailman3.org> wrote:
On 2024/07/25 11:07, Odhiambo Washington via Mailman-users wrote:
On Wed, Jul 24, 2024 at 4:36 PM Roland Giesler via Mailman-users < mailman-users@mailman3.org> wrote:
I have managed thus far to get things working on my new install, but I need to use a secure logon to send mail from an external MTA. I have set up:
/etc/mailman/mailman.cfg:
smtp_host: box2.gtahardware.co.za smtp_port: 465 smtp_user:roland@giesler.za.net smtp_pass: <hidden> smtp_secure_mode: smtps smtp_verify_cert: no smtp_verify_hostname: no
I'll get a cert installed later, for now just want to get it going.
I misread that. The documentation page says:
The verify_cert and verify_hostname arguments control whether the |ssl| module will validate the server’s X.509 certificate and ensure that the certificate hostname is identical to the hostname expected by Mailman. These default to True, and setting them to False is strongly discouraged: fix the MTA host! (They will be ignored if TLS is not used, i.e., secure_mode is INSECURE. verify_hostname will be ignored unless verify_cert is true.)
So I enabled smtp_verify_cert and smtp_verify_host, but it makes not difference. I still get "relay access denied"...
How about this below??
[mta] # The class defining the interface to the incoming mail transport agent. incoming: mailman.mta.postfix.LMTP
# The callable implementing delivery to the outgoing mail transport agent. # This must accept three arguments, the mailing list, the message, and the # message metadata dictionary. *outgoing: mailman.mta.deliver.deliver* <========= smtp_host: box2.gtahardware.co.za smtp_port: 465 smtp_user:roland@giesler.za.net smtp_pass: <hidden> smtp_secure_mode: smtps smtp_verify_cert: no smtp_verify_hostname: no
To be honest, I have never used this as I always use the localhost MTA. I think you could use a local MTA, configured to authenticate to the remote MTA.
I suppose that is an option, although, if mailman3 supports authentication to a remote MTA, then getting that to work is first prize for me.
If and when you manage to get this working, please loop me in.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]