mmasoudf@aaas.org writes:
I have setup the stack according to: Mailman Suite Documentation. Release 3.3 PDF file.
I configured
EMAIL_HOST_USER and EMAIL_HOST_PASSWORD in Django settings.py. I could not find the place that I might configure it for Postfix
I think it helps to start thinking about it from the other end. That is, Postfix is the mail server for all users on a multiuser system. Therefore in "normal" configurations it will use the authentication mechanisms provided by the host operating system.[1] You need to have a user for Mailman in any case, typically called "mailman" or "list".[2]
Once you've configured a user for Mailman on the Postfix side, you use that user and authentication data for Mailman core, Postorius, and HyperKitty to send mail via Postfix.
I am running the site on AWS and to be able to use AWS mail-servers I have to define following parameter for AWS: smtp_sasl_password_maps which points to a hash for AWS 'ACCESS KEY ID' and 'SECRET ACCESS KEY'
I don't think that has anything to do with the Mailman-to-Postfix side of things; that's for Postfix to send to AWS's mail exchanger (aka MX).
Steve
Footnotes: [1] It may also be possible to create Postfix-only "virtual" users who have no existence as far as the OS is concerned, but I don't know anything about that.
[2] I haven't thought carefully about whether using Mailman's user in Django would be a security risk, but as long as it only has access to Mailman I don't see how it can do more harm than Mailman itself can, and I don't see why it would be more subject to exploitation than Mailman itself is. Anybody with security chops who wants to weigh in, please do.