Daniel Armengod writes:
Hello Christoph,
If we setup such a system, can we assume that it will silently operate without causing much administration work most of the time (like my nginx server)? Or is maintaining a Mailman 3 server a significant burden?
As with all things, it is easy once you've mastered it, and easy for someone who /has/ mastered it to say it's easy :P
A Mailman 3 server isn't hard to manage. It's the rest of the system that provides most of the challenges ;-) (including the challenges in configuring Mailman!) You can get pretty close to a turnkey system by using one of the Mailman containers Abhilash provides, but then you need to run Docker, and that's probably going to increase the spec of the hardware you need.
Mailman 2 is much more self-contained than Mailman 3. You still need an MTA and a webserver that provides CGI, but that's all.
The only problem is that our list runs on Mailman 2. We would like to move to Mailman 3
Why?
I'll echo this. We don't need to know (unless there's a specific technical challenge to Mailman 2 that you hope Mailman 3 can resolve, and then we can tell you whether Mailman 3 has it, will have it soon, or won't have it soon if ever), and don't really care (happy to help and all that). But you need to ask yourself that question because it's rarely a good idea to fix what ain't broke. And Mailman 3 is sure to become more robust, easier to install, and easier to migrate Mailman 2 lists over time. Don't do it until you forsee a near- future *need* to migrate, is my advice.
If you're worried about Python 2's "end of life," especially about lack of security maintenance going forward, I wouldn't worry about that. Python 2.7 is a very robust, resilient, and secure in its internal operation. It's very unlikely that a Python-2-specific bug in a Mailman installation is how an attacker gets in. It's not going to need much maintenance.
As a whole, Daniel's advice is excellent and worth studying.
Steve