Difficulties setting up MM3 with Postfix MTA in Docker Environment: Invalid EHLO domain name & Authentification as lists.local
Hi everyone,
I managed to setup mailman using the maxking/mailman-* docker containers, connected to a postfix/dovecot mailserver and a mysql database.
The mail domain is @mail.local, mailman is reachable at lists.local.
I can see the mailman UI fine, its connection to the database is working as well, the only things that’s not working is the initial login: When I try to login with the correct credentials of the superuser I added, I get An error occurred while processing your request.
To me it seems like mailman is trying to authenticate as “lists.local” or “mail.local” or “localhost” to postfix (which of course isn’t working), then issues a EHLO/HELO to postfix which is not a FQDN.
So I guess the latter issue could be resolved by providing a FQDN by mailman.
These are the logfiles from the period:
mail | Oct 21 11:15:07 mail postfix/postscreen[1862]: CONNECT from [172.18.18.8]:49288 to [172.18.18.254]:25
ldap_1 | 5bcc5fc1 conn=1000 fd=12 ACCEPT from IP=172.18.19.8:49252 (IP=0.0.0.0:389)
ldap_1 | 5bcc5fc1 conn=1000 op=0 BIND dn="cn=admin,dc=..." method=128
ldap_1 | 5bcc5fc1 conn=1000 op=0 BIND dn="cn=admin,dc=..." mech=SIMPLE ssf=0
ldap_1 | 5bcc5fc1 conn=1000 op=0 RESULT tag=97 err=0 text=
ldap_1 | 5bcc5fc1 conn=1000 op=1 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(mail=lists.local)"
ldap_1 | 5bcc5fc1 conn=1000 op=1 SRCH attr=mail
ldap_1 | 5bcc5fc1 conn=1000 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fc1 conn=1000 op=2 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(?mailGroupMember=lists.local)"
ldap_1 | 5bcc5fc1 conn=1000 op=2 SRCH attr=mail
ldap_1 | 5bcc5fc1 conn=1000 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fc1 conn=1000 op=3 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(|(mail=*@lists.local)(mailalias=*@lists.local))"
ldap_1 | 5bcc5fc1 conn=1000 op=3 SRCH attr=mail
ldap_1 | 5bcc5fc1 <= mdb_substring_candidates: (mail) not indexed
ldap_1 | 5bcc5fc1 <= mdb_substring_candidates: (mailalias) not indexed
ldap_1 | 5bcc5fc1 conn=1000 op=3 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fc1 conn=1000 op=4 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(mail=mail.local)"
ldap_1 | 5bcc5fc1 conn=1000 op=4 SRCH attr=mail
ldap_1 | 5bcc5fc1 conn=1000 op=4 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fc1 conn=1000 op=5 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(?mailGroupMember=mail.local)"
ldap_1 | 5bcc5fc1 conn=1000 op=5 SRCH attr=mail
ldap_1 | 5bcc5fc1 conn=1000 op=5 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fc1 conn=1000 op=6 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(|(mail=*@mail.local)(mailalias=*@mail.local))"
ldap_1 | 5bcc5fc1 conn=1000 op=6 SRCH attr=mail
ldap_1 | 5bcc5fc1 <= mdb_substring_candidates: (mail) not indexed
ldap_1 | 5bcc5fc1 <= mdb_substring_candidates: (mailalias) not indexed
ldap_1 | 5bcc5fc1 conn=1000 op=6 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fc1 conn=1000 op=7 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(mail=lists.local)"
ldap_1 | 5bcc5fc1 conn=1000 op=7 SRCH attr=mail
ldap_1 | 5bcc5fc1 conn=1000 op=7 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fc1 conn=1000 op=8 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(?mailGroupMember=lists.local)"
ldap_1 | 5bcc5fc1 conn=1000 op=8 SRCH attr=mail
ldap_1 | 5bcc5fc1 conn=1000 op=8 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fc1 conn=1000 op=9 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(|(mail=*@lists.local)(mailalias=*@lists.local))"
ldap_1 | 5bcc5fc1 conn=1000 op=9 SRCH attr=mail
ldap_1 | 5bcc5fc1 <= mdb_substring_candidates: (mail) not indexed
ldap_1 | 5bcc5fc1 <= mdb_substring_candidates: (mailalias) not indexed
ldap_1 | 5bcc5fc1 conn=1000 op=9 SEARCH RESULT tag=101 err=0 nentries=0 text=
mail | Oct 21 11:15:13 mail postfix/postscreen[1862]: PASS OLD [172.18.18.8]:49288
mail | Oct 21 11:15:13 mail postfix/smtpd[1873]: connect from srv-docker_mailman-web_1.srv-docker_frontend[172.18.18.8]
mail | Oct 21 11:15:17 mail postfix/postscreen[1862]: warning: dnsblog reply timeout 10s for list.dnswl.org
mail | Oct 21 11:15:27 mail postfix/dnsblog[1866]: warning: dnsblog_query: lookup error for DNS query 8.18.18.172.list.dnswl.org: Host or domain name not found. Name service error for name=8.18.18.172.list.dnswl.org type=A: Host not found, try again
ldap_1 | 5bcc5fdf conn=1000 op=10 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(mail=lists.local)"
ldap_1 | 5bcc5fdf conn=1000 op=10 SRCH attr=mail
ldap_1 | 5bcc5fdf conn=1000 op=10 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fdf conn=1000 op=11 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(?mailGroupMember=lists.local)"
ldap_1 | 5bcc5fdf conn=1000 op=11 SRCH attr=mail
ldap_1 | 5bcc5fdf conn=1000 op=11 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fdf conn=1000 op=12 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(|(mail=*@lists.local)(mailalias=*@lists.local))"
ldap_1 | 5bcc5fdf conn=1000 op=12 SRCH attr=mail
ldap_1 | 5bcc5fdf <= mdb_substring_candidates: (mail) not indexed
ldap_1 | 5bcc5fdf <= mdb_substring_candidates: (mailalias) not indexed
ldap_1 | 5bcc5fdf conn=1000 op=12 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fdf conn=1000 op=13 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(mail=localhost)"
ldap_1 | 5bcc5fdf conn=1000 op=13 SRCH attr=mail
ldap_1 | 5bcc5fdf conn=1000 op=13 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fdf conn=1000 op=14 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(?mailGroupMember=localhost)"
ldap_1 | 5bcc5fdf conn=1000 op=14 SRCH attr=mail
ldap_1 | 5bcc5fdf conn=1000 op=14 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fdf conn=1000 op=15 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(|(mail=*@localhost)(mailalias=*@localhost))"
ldap_1 | 5bcc5fdf conn=1000 op=15 SRCH attr=mail
ldap_1 | 5bcc5fdf <= mdb_substring_candidates: (mail) not indexed
ldap_1 | 5bcc5fdf <= mdb_substring_candidates: (mailalias) not indexed
ldap_1 | 5bcc5fdf conn=1000 op=15 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fdf conn=1000 op=16 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(mail=lists.local)"
ldap_1 | 5bcc5fdf conn=1000 op=16 SRCH attr=mail
ldap_1 | 5bcc5fdf conn=1000 op=16 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fdf conn=1000 op=17 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(?mailGroupMember=lists.local)"
ldap_1 | 5bcc5fdf conn=1000 op=17 SRCH attr=mail
ldap_1 | 5bcc5fdf conn=1000 op=17 SEARCH RESULT tag=101 err=0 nentries=0 text=
ldap_1 | 5bcc5fdf conn=1000 op=18 SRCH base="ou=users,dc=..." scope=2 deref=0 filter="(|(mail=*@lists.local)(mailalias=*@lists.local))"
ldap_1 | 5bcc5fdf conn=1000 op=18 SRCH attr=mail
ldap_1 | 5bcc5fdf <= mdb_substring_candidates: (mail) not indexed
ldap_1 | 5bcc5fdf <= mdb_substring_candidates: (mailalias) not indexed
ldap_1 | 5bcc5fdf conn=1000 op=18 SEARCH RESULT tag=101 err=0 nentries=0 text=
mail | Oct 21 11:15:43 mail policyd-spf[1886]: prepend Received-SPF: Temperror (mailfrom) identity=mailfrom; client-ip=172.18.18.8; helo=c98c668820fd; envelope-from=postorius@lists.local; receiver=<UNKNOWN>
mail | Oct 21 11:15:43 mail postfix/smtpd[1873]: NOQUEUE: reject: RCPT from srv-docker_mailman-web_1.srv-docker_frontend[172.18.18.8]: 504 5.5.2 <c98c668820fd>: Helo command rejected: need fully-qualified hostname; from=<postorius@lists.local> to=<niklas.fruehauf@mail.local> proto=ESMTP helo=<c98c668820fd>
mail | Oct 21 11:15:43 mail postfix/postscreen[1862]: CONNECT from [172.18.18.8]:49304 to [172.18.18.254]:25
mail | Oct 21 11:15:43 mail postfix/postscreen[1862]: PASS OLD [172.18.18.8]:49304
mail | Oct 21 11:15:43 mail postfix/smtpd[1903]: connect from srv-docker_mailman-web_1.srv-docker_frontend[172.18.18.8]
proxy_1 | 172.18.18.1 - - [21/Oct/2018:11:16:13 +0000] "POST /accounts/login/ HTTP/1.1" 500 1102 "https://lists.local/accounts/login/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" "-"
Hi,
I managed to setup mailman using the maxking/mailman-* docker containers, connected to a postfix/dovecot mailserver and a mysql database.
To me it seems like mailman is trying to authenticate as “lists.local” or “mail.local” or “localhost” to postfix (which of course isn’t working), then issues a EHLO/HELO to postfix which is not a FQDN.
Why should MM authenticate against postfix? According to the docs:
"Please note here that if you choose to create the admin user using the environment variables mentioned above (MAILMAN_ADMIN_USER & MAILMAN_ADMIN_EMAIL), no password is set for your admin account. To set a password, plese follow the "Forgot Password" link on the "Sign In" page."
HTH Bjoern
On 10/21/18 4:51 AM, Niklas Frühauf wrote:
To me it seems like mailman is trying to authenticate as “lists.local” or “mail.local” or “localhost” to postfix (which of course isn’t working), then issues a EHLO/HELO to postfix which is not a FQDN.
If the MTA requires authentication, you need to set smtp_user: and smtp_pass in the 'mta' section of mailman.cfg. By default, these are empty which means Mailman will not attempt to authenticate to the MTA for outgoing smtp. The actual connection to the MTA is via Python's smtplib.
See <https://mailman.readthedocs.io/en/latest/src/mailman/mta/docs/authentication...> and <https://mailman.readthedocs.io/en/latest/src/mailman/mta/docs/connection.htm...>.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (3)
-
Bjoern Franke
-
Mark Sapiro
-
Niklas Frühauf