Ruth Ivimey-Cook writes:
On 6/22/20 6:23 PM, Stephen J. Turnbull wrote:
By design, Mailman core doesn't need to talk to the Internet or to the secure internal network -- Internet functions are delegated to the MTA and the webapps, and local configuration is via shell access which in principle could be console.
Sorry, I missed this earlier.
I was more or less trying to describe what I thought you were trying to do, and noting that Mailman is designed for it. Thank you for the confirmation.
I am using exim and there is a big benefit when exim can see the list directory names.
Indeed. (I wrote the proof of concept Exim config for Mailman 3 on Debian.) But that's *all* it needs to see. It should be possible to get that information to Exim in some other way, perhaps through a small app that talks to the REST API. If that's generalizable to other MTAs (especially Postfix, but also Sendmail and maybe qmail) it's worth us looking into (and if it's Exim-specific, at this stage I'd say "patches welcome"). This is also the kind of thing that an NFS read-only mount does fine (of course you may not want NFS on a system in the DMZ :-/ ).
However, I find the mailman shell program not very intuitive, and so would prefer to have the web app for admin purposes.
By "local configuration" I mean anything that requires access to the .cfg files or installing code. Anything you can do via Postorius (or soon, via Affinity, hi Brian!) is not local configuration in this sense.