On 2024/07/25 11:07, Odhiambo Washington via Mailman-users wrote:

On Wed, Jul 24, 2024 at 4:36 PM Roland Giesler via Mailman-users < mailman-users@mailman3.org> wrote:

...

I have managed thus far to get things working on my new install, but I need to use a secure logon to send mail from an external MTA. I have set up:

/etc/mailman/mailman.cfg:

smtp_host: box2.gtahardware.co.za smtp_port: 465 smtp_user:roland@giesler.za.net smtp_pass: <hidden> smtp_secure_mode: smtps smtp_verify_cert: no smtp_verify_hostname: no

I'll get a cert installed later, for now just want to get it going.

I misread that.  The documentation page says:

The verify_cert and verify_hostname arguments control whether the |ssl| module will validate the server’s X.509 certificate and ensure that the certificate hostname is identical to the hostname expected by Mailman. These default to True, and setting them to False is strongly discouraged: fix the MTA host! (They will be ignored if TLS is not used, i.e., secure_mode is INSECURE. verify_hostname will be ignored unless verify_cert is true.)

So I enabled smtp_verify_cert and smtp_verify_host, but it makes not difference.  I still get "relay access denied"...

How about this below??

[mta] # The class defining the interface to the incoming mail transport agent. incoming: mailman.mta.postfix.LMTP

# The callable implementing delivery to the outgoing mail transport agent. # This must accept three arguments, the mailing list, the message, and the # message metadata dictionary. *outgoing: mailman.mta.deliver.deliver* <========= smtp_host: box2.gtahardware.co.za smtp_port: 465 smtp_user:roland@giesler.za.net smtp_pass: <hidden> smtp_secure_mode: smtps smtp_verify_cert: no smtp_verify_hostname: no

To be honest, I have never used this as I always use the localhost MTA. I think you could use a local MTA, configured to authenticate to the remote MTA.

I suppose that is an option, although, if mailman3 supports authentication to a remote MTA, then getting that to work is first prize for me.

Details: https://docs.mailman3.org/projects/mailman/en/latest/src/mailman/mta/docs/co...

On 7/27/24 01:32, Roland Giesler via Mailman-users wrote:

On 2024/07/25 20:50, Mark Sapiro wrote:

...

It is the mail server at box2.gtahardware.co.za that is refusing to relay this message. I think this issue needs to be resolved in that MTA's configuration.

Indeed that is so, but that box is in daily use by a few different users and they authenticate and send email without any problems.  I'm checking out the link you shared in my other thread now.

Since I think you said the MTA at box2.gtahardware.co.za is Postfix, you probably need to add the IP of the Mailman server to mynetworks in Postfix main.cf on box2.gtahardware.co.za.

-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan

On 7/27/24 13:05, Odhiambo Washington via Mailman-users wrote:

ASMTP works on the premise of "we can relay mail for you if we can authenticate you with certain credentials" Adding the IP to "hosts we can relay mail for" negates the need to authenticate, IMHO. So I am still waiting for how MM3 does ASMTP. Does it?

If by ASMTP, you mean SMTP AUTH, Mailman does it if smtp_user: and smtp_pass: are provided in mailman.cfg.

I agree that an authenticated user should be able to submit mail to be relayed. Just guessing here, but perhaps the issue is the OP is submitting to the deprecated port 465 instead of 587.

-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan

On 2024/07/27 22:58, Odhiambo Washington via Mailman-users wrote:

On Sat, Jul 27, 2024 at 11:34 PM Mark Sapiro <mark@msapiro.net> wrote:

...

On 7/27/24 13:05, Odhiambo Washington via Mailman-users wrote:

...

ASMTP works on the premise of "we can relay mail for you if we can authenticate you with certain credentials" Adding the IP to "hosts we can relay mail for" negates the need to authenticate, IMHO. So I am still waiting for how MM3 does ASMTP. Does it?

If by ASMTP, you mean SMTP AUTH, Mailman does it if smtp_user: and smtp_pass: are provided in mailman.cfg.

I agree that an authenticated user should be able to submit mail to be relayed. Just guessing here, but perhaps the issue is the OP is submitting to the deprecated port 465 instead of 587.

Port 465 is not quite depreciated. It's the decision of the Admin to decide to listen on/and accept SMTP AUTH on which port. On the servers I run, and based on Exim as the MTA, I accept SMTP AUTH On ports 465, 587 and 2525 (this is meant to subvert some ISPs!). But let's await Roland's response.

The server runs power-mailinabox, which uses Postfix indeed.  All my mail, and quite a few others' mail is sent from the using SMTP-Auth on port 465.  Actually, this message is sent via that server too.  So it's clear to me that MM3 is not authenticating for some reason.

On 2024/07/28 00:39, Mark Sapiro wrote:

On 7/27/24 15:16, Roland Giesler via Mailman-users wrote:

...

The server runs power-mailinabox, which uses Postfix indeed. All my mail, and quite a few others' mail is sent from the using SMTP-Auth on port 465.  Actually, this message is sent via that server too.  So it's clear to me that MM3 is not authenticating for some reason.

What do you see in Mailman's smtp.log and in the mail.log on the mail server?

The smtp log is in syslog...

Jul 28 12:48:19 mailman postfix/smtpd[63855]: connect from localhost[::1] Jul 28 12:48:19 mailman postfix/smtpd[63855]: NOQUEUE: reject: RCPT from localhost[::1]: 454 4.7.1 <roland@giesler.za.net>: Relay access denied; from=<postorius@giesler.za.net> to=<roland@giesler.za.net> proto=ESMTP helo=<mailman.fast.za.net> Jul 28 12:48:19 mailman postfix/smtpd[63769]: lost connection after RSET from localhost[::1] Jul 28 12:48:19 mailman postfix/smtpd[63769]: disconnect from localhost[::1] ehlo=1 mail=1 rcpt=0/1 rset=1 commands=3/4 Jul 28 12:48:19 mailman postfix/smtpd[63769]: connect from localhost[::1] Jul 28 12:48:19 mailman postfix/smtpd[63769]: 4D0DE120A5B: client=localhost[::1] Jul 28 12:48:19 mailman postfix/cleanup[63291]: 4D0DE120A5B: message-id=<172217089931.2150.9004701361968608890@mailman.fast.za.net> Jul 28 12:48:19 mailman postfix/qmgr[330]: 4D0DE120A5B: from=<root@giesler.za.net>, size=21782, nrcpt=1 (queue active) Jul 28 12:48:19 mailman postfix/smtpd[63769]: disconnect from localhost[::1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5 Jul 28 12:48:19 mailman postfix/local[63575]: 4D0DE120A5B: to=<root@localhost>, relay=local, delay=0.01, delays=0.01/0/0/0, dsn=2.0.0, status=sent (delivered to mailbox) Jul 28 12:48:19 mailman postfix/qmgr[330]: 4D0DE120A5B: removed

I think I see what's going on here.  The mail is being sent from postorius@giesler.za.net and there is no log entry on box2.gtahardware.co.za that shows this logon attempt.  So it seems it's not going to that server, but rather to the local postfix.

A mail was sent to root on the localhost with the following content:

Return-Path: <root@giesler.za.net> X-Original-To: root@localhost Delivered-To: root@localhost Received: from mailman.fast.za.net (localhost [IPv6:::1]) by mailman.localdomain (Postfix) with ESMTP id 2174A120A5B for <root@localhost>; Sun, 28 Jul 2024 13:11:03 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Subject: [Django] ERROR (EXTERNAL IP): Internal Server Error: /accounts/login/ From: root@giesler.za.net To: root@localhost Date: Sun, 28 Jul 2024 13:11:03 -0000 Message-ID: <172217226313.2150.10895652368679013629@mailman.fast.za.net>

Internal Server Error: /accounts/login/

SMTPRecipientsRefused at /accounts/login/ {'roland@giesler.za.net': (454, b'4.7.1 <roland@giesler.za.net>: Relay acce= ss denied')}

Request Method: POST Request URL: http://192.168.161.103/accounts/login/ Django Version: 3.2.12 Python Executable: /usr/bin/uwsgi-core Python Version: 3.10.12 Python Path: ['.', '', '/usr/lib/python310.zip', '/usr/lib/python3.10', '/u= sr/lib/python3.10/lib-dynload', '/usr/local/lib/python3.10/dist-packages', = '/usr/lib/python3/dist-packages', '/usr/lib/python3.10/dist-packages'] Server time: Sun, 28 Jul 2024 15:11:03 +0200 Installed Applications: ('hyperkitty', 'postorius', 'django_mailman3', 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.sites', 'django.contrib.messages', 'django.contrib.staticfiles', 'rest_framework', 'django_gravatar', 'compressor', 'haystack', 'django_extensions', 'django_q', 'allauth', 'allauth.account', 'allauth.socialaccount', 'django_mailman3.lib.auth.fedora') Installed Middleware: ('django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.middleware.locale.LocaleMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', 'django.middleware.security.SecurityMiddleware', 'django_mailman3.middleware.TimezoneMiddleware', 'postorius.middleware.PostoriusMiddleware')

Traceback (most recent call last): File "/usr/lib/python3/dist-packages/django/core/handlers/exception.py", line 47, in inner response =3D get_response(request) File "/usr/lib/python3/dist-packages/django/core/handlers/base.py", line 181, in _get_response response =3D wrapped_callback(request, *callback_args, **callback_kwargs) File "/usr/lib/python3/dist-packages/django/views/generic/base.py", line 70, in view return self.dispatch(request, *args, **kwargs) File "/usr/lib/python3/dist-packages/django/utils/decorators.py", line 43, in _wrapper return bound_method(*args, **kwargs) File "/usr/lib/python3/dist-packages/django/views/decorators/debug.py", line 89, in sensitive_post_parameters_wrapper return view(request, *args, **kwargs) File "/usr/lib/python3/dist-packages/allauth/account/views.py", line 146, in dispatch return super(LoginView, self).dispatch(request, *args, **kwargs) File "/usr/lib/python3/dist-packages/allauth/account/views.py", line 74, in dispatch response =3D super(RedirectAuthenticatedUserMixin, self).dispatch( File "/usr/lib/python3/dist-packages/django/views/generic/base.py", line 98, in dispatch return handler(request, *args, **kwargs) File "/usr/lib/python3/dist-packages/allauth/account/views.py", line 102, in post response =3D self.form_valid(form) File "/usr/lib/python3/dist-packages/allauth/account/views.py", line 159, in form_valid return form.login(self.request, redirect_url=3Dsuccess_url) File "/usr/lib/python3/dist-packages/allauth/account/forms.py", line 196, in login ret =3D perform_login( File "/usr/lib/python3/dist-packages/allauth/account/utils.py", line 175, in perform_login send_email_confirmation(request, user, signup=3Dsignup, email=3Demail) File "/usr/lib/python3/dist-packages/allauth/account/utils.py", line 346, in send_email_confirmation email_address.send_confirmation(request, signup=3Dsignup) File "/usr/lib/python3/dist-packages/allauth/account/models.py", line 62, in send_confirmation confirmation.send(request, signup=3Dsignup) File "/usr/lib/python3/dist-packages/allauth/account/models.py", line 169, in send get_adapter(request).send_confirmation_mail(request, self, signup) File "/usr/lib/python3/dist-packages/allauth/account/adapter.py", line 464, in send_confirmation_mail self.send_mail(email_template, emailconfirmation.email_address.email, ctx) File "/usr/lib/python3/dist-packages/allauth/account/adapter.py", line 136, in send_mail msg.send() File "/usr/lib/python3/dist-packages/django/core/mail/message.py", line 284, in send return self.get_connection(fail_silently).send_messages([self]) File "/usr/lib/python3/dist-packages/django/core/mail/backends/smtp.py", line 109, in send_messages sent =3D self._send(message) File "/usr/lib/python3/dist-packages/django/core/mail/backends/smtp.py", line 125, in _send self.connection.sendmail(from_email, recipients, message.as_bytes(linesep=3D'\r\n')) File "/usr/lib/python3.10/smtplib.py", line 901, in sendmail raise SMTPRecipientsRefused(senderrs)

Exception Type: SMTPRecipientsRefused at /accounts/login/ Exception Value: {'roland@giesler.za.net': (454, b'4.7.1 <roland@giesler.za.net>: Relay access denied')} Request information: USER: AnonymousUser

GET: No GET data

POST: csrfmiddlewaretoken =3D '41gp97hhfO2FhiEzOFLf1c5P3WLxk5TZvOgF0Qske6zI3EHtk8YK3w6wlEhLQAVS' login =3D 'roland@giesler.za.net' password =3D '********************' next =3D '/postorius/lists/'

FILES: No FILES data

COOKIES: csrftoken =3D 'aW8mw1heNIcuQ1YTMwnWMzi9DMaDFES6BJ8CnKshM0JxCn1NiZArOTjQVuGRb9UZ'

META: CONTENT_LENGTH =3D '164' CONTENT_TYPE =3D 'application/x-www-form-urlencoded' CSRF_COOKIE =3D 'aW8mw1heNIcuQ1YTMwnWMzi9DMaDFES6BJ8CnKshM0JxCn1NiZArOTjQVuGRb9UZ' DOCUMENT_ROOT =3D '/usr/share/nginx/html' HTTP_ACCEPT =3D 'text/html,application/xhtml+xml,application/xml;q=3D0.9,image/avif,image/webp,image/apng,*/*;q=3D0.8' HTTP_ACCEPT_ENCODING =3D 'gzip, deflate' HTTP_ACCEPT_LANGUAGE =3D 'en-GB,en' HTTP_CACHE_CONTROL =3D 'max-age=3D0' HTTP_CONNECTION =3D 'keep-alive' HTTP_CONTENT_LENGTH =3D '164' HTTP_CONTENT_TYPE =3D 'application/x-www-form-urlencoded' HTTP_COOKIE =3D 'csrftoken=3DaW8mw1heNIcuQ1YTMwnWMzi9DMaDFES6BJ8CnKshM0JxCn1NiZArOTjQVuGRb9UZ' HTTP_HOST =3D '192.168.161.103' HTTP_ORIGIN =3D 'http://192.168.161.103' HTTP_REFERER =3D 'http://192.168.161.103/accounts/login/?next=3D/postorius/lists/' HTTP_SEC_GPC =3D '1' HTTP_UPGRADE_INSECURE_REQUESTS =3D '1' HTTP_USER_AGENT =3D 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36' PATH_INFO =3D '/accounts/login/' QUERY_STRING =3D '' REMOTE_ADDR =3D '192.168.131.150' REMOTE_PORT =3D '60098' REQUEST_METHOD =3D 'POST' REQUEST_SCHEME =3D 'http' REQUEST_URI =3D '/accounts/login/' SCRIPT_NAME =3D '' SERVER_NAME =3D '' SERVER_PORT =3D '80' SERVER_PROTOCOL =3D 'HTTP/1.1' uwsgi.core =3D 1 uwsgi.node =3D b'mailman' uwsgi.version =3D b'2.0.20-debian' wsgi.errors =3D <_io.TextIOWrapper name=3D2 mode=3D'w' encoding=3D'ANSI_X3.4-1968'> wsgi.file_wrapper =3D <built-in function uwsgi_sendfile> wsgi.input =3D <uwsgi._Input object at 0x7facb44bd530> wsgi.multiprocess =3D False wsgi.multithread =3D True wsgi.run_once =3D False wsgi.url_scheme =3D 'http' wsgi.version =3D '(1, 0)'

Settings: Using settings module settings ABSOLUTE_URL_OVERRIDES =3D {} ACCOUNT_AUTHENTICATION_METHOD =3D 'username_email' ACCOUNT_DEFAULT_HTTP_PROTOCOL =3D 'https' ACCOUNT_EMAIL_REQUIRED =3D True ACCOUNT_EMAIL_VERIFICATION =3D 'mandatory' ACCOUNT_UNIQUE_EMAIL =3D True ADMINS =3D "(('Mailman Suite Admin', 'root@localhost'),)" ALLOWED_HOSTS =3D ['*'] APPEND_SLASH =3D True AUTHENTICATION_BACKENDS =3D "('django.contrib.auth.backends.ModelBackend', 'allauth.account.auth_backends.AuthenticationBackend')" AUTH_PASSWORD_VALIDATORS =3D '********************' AUTH_USER_MODEL =3D 'auth.User' BASE_DIR =3D '/usr/share/mailman3-web' CACHES =3D {'default': {'BACKEND': 'django.core.cache.backends.locmem.LocMemCache'}} CACHE_MIDDLEWARE_ALIAS =3D 'default' CACHE_MIDDLEWARE_KEY_PREFIX =3D '********************' CACHE_MIDDLEWARE_SECONDS =3D 600 COMPRESSORS =3D {'css': 'compressor.css.CssCompressor', 'js': 'compressor.js.JsCompressor'} COMPRESS_CACHEABLE_PRECOMPILERS =3D '()' COMPRESS_CACHE_BACKEND =3D 'default' COMPRESS_CACHE_KEY_FUNCTION =3D '********************' COMPRESS_CLEAN_CSS_ARGUMENTS =3D '' COMPRESS_CLEAN_CSS_BINARY =3D 'cleancss' COMPRESS_CLOSURE_COMPILER_ARGUMENTS =3D '' COMPRESS_CLOSURE_COMPILER_BINARY =3D 'java -jar compiler.jar' COMPRESS_CSS_HASHING_METHOD =3D 'mtime' COMPRESS_DATA_URI_MAX_SIZE =3D 1024 COMPRESS_DEBUG_TOGGLE =3D None COMPRESS_ENABLED =3D True COMPRESS_FILTERS =3D {'css': ['compressor.filters.css_default.CssAbsoluteFilter'], 'js': ['compressor.filters.jsmin.JSMinFilter']} COMPRESS_JINJA2_GET_ENVIRONMENT =3D <function CompressorConf.JINJA2_GET_ENVIRONMENT at 0x7facb6a52b00> COMPRESS_MINT_DELAY =3D 30 COMPRESS_MTIME_DELAY =3D 10 COMPRESS_OFFLINE =3D True COMPRESS_OFFLINE_CONTEXT =3D {'STATIC_URL': '/mailman3/static/'} COMPRESS_OFFLINE_MANIFEST =3D 'manifest.json' COMPRESS_OFFLINE_TIMEOUT =3D 31536000 COMPRESS_OUTPUT_DIR =3D 'CACHE' COMPRESS_PARSER =3D 'compressor.parser.AutoSelectParser' COMPRESS_PRECOMPILERS =3D '()' COMPRESS_REBUILD_TIMEOUT =3D 2592000 COMPRESS_ROOT =3D '/var/lib/mailman3/web/static' COMPRESS_STORAGE =3D 'compressor.storage.CompressorFileStorage' COMPRESS_TEMPLATE_FILTER_CONTEXT =3D {'STATIC_URL': '/mailman3/static/'} COMPRESS_URL =3D '/mailman3/static/' COMPRESS_URL_PLACEHOLDER =3D '/__compressor_url_placeholder__/' COMPRESS_VERBOSE =3D False COMPRESS_YUGLIFY_BINARY =3D 'yuglify' COMPRESS_YUGLIFY_CSS_ARGUMENTS =3D '--terminal' COMPRESS_YUGLIFY_JS_ARGUMENTS =3D '--terminal' COMPRESS_YUI_BINARY =3D 'java -jar yuicompressor.jar' COMPRESS_YUI_CSS_ARGUMENTS =3D '' COMPRESS_YUI_JS_ARGUMENTS =3D '' CSRF_COOKIE_AGE =3D 31449600 CSRF_COOKIE_DOMAIN =3D None CSRF_COOKIE_HTTPONLY =3D False CSRF_COOKIE_NAME =3D 'csrftoken' CSRF_COOKIE_PATH =3D '/' CSRF_COOKIE_SAMESITE =3D 'Lax' CSRF_COOKIE_SECURE =3D False CSRF_FAILURE_VIEW =3D 'django.views.csrf.csrf_failure' CSRF_HEADER_NAME =3D 'HTTP_X_CSRFTOKEN' CSRF_TRUSTED_ORIGINS =3D [] CSRF_USE_SESSIONS =3D False DATABASES =3D {'default': {'ENGINE': 'django.db.backends.mysql', 'NAME': 'mailman3web', 'USER': 'mailman3web', 'PASSWORD': '********************', 'HOST': 'localhost', 'PORT': '', 'OPTIONS': {'init_command': "SET sql_mode=3D'STRICT_TRANS_TABLES'"}, 'ATOMIC_REQUESTS': False, 'AUTOCOMMIT': True, 'CONN_MAX_AGE': 0, 'TIME_ZONE': None, 'TEST': {'CHARSET': None, 'COLLATION': None, 'MIGRATE': True, 'MIRROR': None, 'NAME': None}}} DATABASE_ROUTERS =3D [] DATA_UPLOAD_MAX_MEMORY_SIZE =3D 2621440 DATA_UPLOAD_MAX_NUMBER_FIELDS =3D 1000 DATA_UPLOAD_MAX_NUMBER_FILES =3D 100 DATETIME_FORMAT =3D 'N j, Y, P' DATETIME_INPUT_FORMATS =3D ['%Y-%m-%d %H:%M:%S', '%Y-%m-%d %H:%M:%S.%f', '%Y-%m-%d %H:%M', '%m/%d/%Y %H:%M:%S', '%m/%d/%Y %H:%M:%S.%f', '%m/%d/%Y %H:%M', '%m/%d/%y %H:%M:%S', '%m/%d/%y %H:%M:%S.%f', '%m/%d/%y %H:%M'] DATE_FORMAT =3D 'N j, Y' DATE_INPUT_FORMATS =3D ['%Y-%m-%d', '%m/%d/%Y', '%m/%d/%y', '%b %d %Y', '%b %d, %Y', '%d %b %Y', '%d %b, %Y', '%B %d %Y', '%B %d, %Y', '%d %B %Y', '%d %B, %Y'] DEBUG =3D False DEBUG_PROPAGATE_EXCEPTIONS =3D False DECIMAL_SEPARATOR =3D '.' DEFAULT_AUTO_FIELD =3D 'django.db.models.AutoField' DEFAULT_CHARSET =3D 'utf-8' DEFAULT_EXCEPTION_REPORTER =3D 'django.views.debug.ExceptionReporter' DEFAULT_EXCEPTION_REPORTER_FILTER =3D 'django.views.debug.SafeExceptionReporterFilter' DEFAULT_FILE_STORAGE =3D 'django.core.files.storage.FileSystemStorage' DEFAULT_FROM_EMAIL =3D 'postorius@giesler.za.net' DEFAULT_HASHING_ALGORITHM =3D 'sha256' DEFAULT_INDEX_TABLESPACE =3D '' DEFAULT_TABLESPACE =3D '' DISALLOWED_USER_AGENTS =3D [] EMAILNAME =3D 'giesler.za.net' EMAIL_BACKEND =3D 'django.core.mail.backends.smtp.EmailBackend' EMAIL_HOST =3D 'localhost' EMAIL_HOST_PASSWORD =3D '********************' EMAIL_HOST_USER =3D '' EMAIL_PORT =3D 25 EMAIL_SSL_CERTFILE =3D None EMAIL_SSL_KEYFILE =3D '********************' EMAIL_SUBJECT_PREFIX =3D '[Django] ' EMAIL_TIMEOUT =3D None EMAIL_USE_LOCALTIME =3D False EMAIL_USE_SSL =3D False EMAIL_USE_TLS =3D False FILE_UPLOAD_DIRECTORY_PERMISSIONS =3D None FILE_UPLOAD_HANDLERS =3D ['django.core.files.uploadhandler.MemoryFileUploadHandler', 'django.core.files.uploadhandler.TemporaryFileUploadHandler'] FILE_UPLOAD_MAX_MEMORY_SIZE =3D 2621440 FILE_UPLOAD_PERMISSIONS =3D 420 FILE_UPLOAD_TEMP_DIR =3D None FILTER_VHOST =3D False FIRST_DAY_OF_WEEK =3D 0 FIXTURE_DIRS =3D [] FORCE_SCRIPT_NAME =3D None FORMAT_MODULE_PATH =3D None FORM_RENDERER =3D 'django.forms.renderers.DjangoTemplates' HAYSTACK_CONNECTIONS =3D {'default': {'ENGINE': 'haystack.backends.whoosh_backend.WhooshEngine', 'PATH': '/var/lib/mailman3/web/fulltext_index'}} HOSTNAME =3D 'localhost.local' IGNORABLE_404_URLS =3D [] INSTALLED_APPS =3D "('hyperkitty', 'postorius', 'django_mailman3', 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.sites', 'django.contrib.messages', 'django.contrib.staticfiles', 'rest_framework', 'django_gravatar', 'compressor', 'haystack', 'django_extensions', 'django_q', 'allauth', 'allauth.account', 'allauth.socialaccount', 'django_mailman3.lib.auth.fedora')" INTERNAL_IPS =3D [] LANGUAGES =3D [('af', 'Afrikaans'), ('ar', 'Arabic'), ('ar-dz', 'Algerian Arabic'), ('ast', 'Asturian'), ('az', 'Azerbaijani'), ('bg', 'Bulgarian'), ('be', 'Belarusian'), ('bn', 'Bengali'), ('br', 'Breton'), ('bs', 'Bosnian'), ('ca', 'Catalan'), ('cs', 'Czech'), ('cy', 'Welsh'), ('da', 'Danish'), ('de', 'German'), ('dsb', 'Lower Sorbian'), ('el', 'Greek'), ('en', 'English'), ('en-au', 'Australian English'), ('en-gb', 'British English'), ('eo', 'Esperanto'), ('es', 'Spanish'), ('es-ar', 'Argentinian Spanish'), ('es-co', 'Colombian Spanish'), ('es-mx', 'Mexican Spanish'), ('es-ni', 'Nicaraguan Spanish'), ('es-ve', 'Venezuelan Spanish'), ('et', 'Estonian'), ('eu', 'Basque'), ('fa', 'Persian'), ('fi', 'Finnish'), ('fr', 'French'), ('fy', 'Frisian'), ('ga', 'Irish'), ('gd', 'Scottish Gaelic'), ('gl', 'Galician'), ('he', 'Hebrew'), ('hi', 'Hindi'), ('hr', 'Croatian'), ('hsb', 'Upper Sorbian'), ('hu', 'Hungarian'), ('hy', 'Armenian'), ('ia', 'Interlingua'), ('id', 'Indonesian'), ('ig', 'Igbo'), ('io', 'Ido'), ('is', 'Icelandic'), ('it', 'Italian'), ('ja', 'Japanese'), ('ka', 'Georgian'), ('kab', 'Kabyle'), ('kk', 'Kazakh'), ('km', 'Khmer'), ('kn', 'Kannada'), ('ko', 'Korean'), ('ky', 'Kyrgyz'), ('lb', 'Luxembourgish'), ('lt', 'Lithuanian'), ('lv', 'Latvian'), ('mk', 'Macedonian'), ('ml', 'Malayalam'), ('mn', 'Mongolian'), ('mr', 'Marathi'), ('my', 'Burmese'), ('nb', 'Norwegian Bokm=C3=A5l'), ('ne', 'Nepali'), ('nl', 'Dutch'), ('nn', 'Norwegian Nynorsk'), ('os', 'Ossetic'), ('pa', 'Punjabi'), ('pl', 'Polish'), ('pt', 'Portuguese'), ('pt-br', 'Brazilian Portuguese'), ('ro', 'Romanian'), ('ru', 'Russian'), ('sk', 'Slovak'), ('sl', 'Slovenian'), ('sq', 'Albanian'), ('sr', 'Serbian'), ('sr-latn', 'Serbian Latin'), ('sv', 'Swedish'), ('sw', 'Swahili'), ('ta', 'Tamil'), ('te', 'Telugu'), ('tg', 'Tajik'), ('th', 'Thai'), ('tk', 'Turkmen'), ('tr', 'Turkish'), ('tt', 'Tatar'), ('udm', 'Udmurt'), ('uk', 'Ukrainian'), ('ur', 'Urdu'), ('uz', 'Uzbek'), ('vi', 'Vietnamese'), ('zh-hans', 'Simplified Chinese'), ('zh-hant', 'Traditional Chinese')] LANGUAGES_BIDI =3D ['he', 'ar', 'ar-dz', 'fa', 'ur'] LANGUAGE_CODE =3D 'en-za' LANGUAGE_COOKIE_AGE =3D None LANGUAGE_COOKIE_DOMAIN =3D None LANGUAGE_COOKIE_HTTPONLY =3D False LANGUAGE_COOKIE_NAME =3D 'django_language' LANGUAGE_COOKIE_PATH =3D '/' LANGUAGE_COOKIE_SAMESITE =3D None LANGUAGE_COOKIE_SECURE =3D False LOCALE_PATHS =3D [] LOGGING =3D {'version': 1, 'disable_existing_loggers': False, 'filters': {'require_debug_false': {'()': 'django.utils.log.RequireDebugFalse'}}, 'handlers': {'mail_admins': {'level': 'ERROR', 'filters': ['require_debug_false'], 'class': 'django.utils.log.AdminEmailHandler'}, 'file': {'level': 'INFO', 'class': 'logging.handlers.RotatingFileHandler', 'filename': '/var/log/mailman3/web/mailman-web.log', 'formatter': 'verbose'}, 'console': {'class': 'logging.StreamHandler', 'formatter': 'simple'}}, 'loggers': {'django.request': {'handlers': ['mail_admins', 'file'], 'level': 'INFO', 'propagate': True}, 'django': {'handlers': ['file'], 'level': 'INFO', 'propagate': True}, 'hyperkitty': {'handlers': ['file'], 'level': 'INFO', 'propagate': True}, 'postorius': {'handlers': ['file'], 'level': 'INFO', 'propagate': True}}, 'formatters': {'verbose': {'format': '%(levelname)s %(asctime)s %(process)d %(name)s %(message)s'}, 'simple': {'format': '%(levelname)s %(message)s'}}} LOGGING_CONFIG =3D 'logging.config.dictConfig' LOGIN_REDIRECT_URL =3D 'list_index' LOGIN_URL =3D 'account_login' LOGOUT_REDIRECT_URL =3D None LOGOUT_URL =3D 'account_logout' MAILMAN_ARCHIVER_FROM =3D "('127.0.0.1', '::1')" MAILMAN_ARCHIVER_KEY =3D '********************' MAILMAN_REST_API_PASS =3D '********************' MAILMAN_REST_API_URL =3D '********************' MAILMAN_REST_API_USER =3D '********************' MANAGERS =3D [] MEDIA_ROOT =3D '' MEDIA_URL =3D '/' MESSAGE_STORAGE =3D 'django.contrib.messages.storage.fallback.FallbackStorage' MESSAGE_TAGS =3D {40: 'danger'} MIDDLEWARE =3D "('django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.middleware.locale.LocaleMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', 'django.middleware.security.SecurityMiddleware', 'django_mailman3.middleware.TimezoneMiddleware', 'postorius.middleware.PostoriusMiddleware')" MIGRATION_MODULES =3D {} MONTH_DAY_FORMAT =3D 'F j' NUMBER_GROUPING =3D 0 PASSWORD_HASHERS =3D '********************' PASSWORD_RESET_TIMEOUT =3D '********************' PASSWORD_RESET_TIMEOUT_DAYS =3D '********************' POSTORIUS_TEMPLATE_BASE_URL =3D 'http://localhost/mailman3/' PREPEND_WWW =3D False Q_CLUSTER =3D {'timeout': 300, 'save_limit': 100, 'orm': 'default', 'poll': 5} ROOT_URLCONF =3D 'urls' SECRET_KEY =3D '********************' SECURE_BROWSER_XSS_FILTER =3D False SECURE_CONTENT_TYPE_NOSNIFF =3D True SECURE_HSTS_INCLUDE_SUBDOMAINS =3D False SECURE_HSTS_PRELOAD =3D False SECURE_HSTS_SECONDS =3D 0 SECURE_PROXY_SSL_HEADER =3D None SECURE_REDIRECT_EXEMPT =3D [] SECURE_REFERRER_POLICY =3D 'same-origin' SECURE_SSL_HOST =3D None SECURE_SSL_REDIRECT =3D False SERVER_EMAIL =3D 'root@giesler.za.net' SESSION_CACHE_ALIAS =3D 'default' SESSION_COOKIE_AGE =3D 1209600 SESSION_COOKIE_DOMAIN =3D None SESSION_COOKIE_HTTPONLY =3D True SESSION_COOKIE_NAME =3D 'sessionid' SESSION_COOKIE_PATH =3D '/' SESSION_COOKIE_SAMESITE =3D 'Lax' SESSION_COOKIE_SECURE =3D False SESSION_ENGINE =3D 'django.contrib.sessions.backends.db' SESSION_EXPIRE_AT_BROWSER_CLOSE =3D False SESSION_FILE_PATH =3D None SESSION_SAVE_EVERY_REQUEST =3D False SESSION_SERIALIZER =3D 'django.contrib.sessions.serializers.PickleSerializer' SETTINGS_MODULE =3D 'settings' SHORT_DATETIME_FORMAT =3D 'm/d/Y P' SHORT_DATE_FORMAT =3D 'm/d/Y' SIGNING_BACKEND =3D 'django.core.signing.TimestampSigner' SILENCED_SYSTEM_CHECKS =3D [] SITE_ID =3D 1 SOCIALACCOUNT_PROVIDERS =3D {} STATICFILES_DIRS =3D '()' STATICFILES_FINDERS =3D "('django.contrib.staticfiles.finders.FileSystemFinder', 'django.contrib.staticfiles.finders.AppDirectoriesFinder', 'compressor.finders.CompressorFinder')" STATICFILES_STORAGE =3D 'django.contrib.staticfiles.storage.StaticFilesStorage' STATIC_ROOT =3D '/var/lib/mailman3/web/static' STATIC_URL =3D '/mailman3/static/' TEMPLATES =3D [{'BACKEND': 'django.template.backends.django.DjangoTemplates', 'DIRS': [], 'APP_DIRS': True, 'OPTIONS': {'context_processors': ['django.template.context_processors.debug', 'django.template.context_processors.i18n', 'django.template.context_processors.media', 'django.template.context_processors.static', 'django.template.context_processors.tz', 'django.template.context_processors.csrf', 'django.template.context_processors.request', 'django.contrib.auth.context_processors.auth', 'django.contrib.messages.context_processors.messages', 'django_mailman3.context_processors.common', 'hyperkitty.context_processors.common', 'postorius.context_processors.postorius']}}] TEST_NON_SERIALIZED_APPS =3D [] TEST_RUNNER =3D 'django.test.runner.DiscoverRunner' THOUSAND_SEPARATOR =3D ',' TIME_FORMAT =3D 'P' TIME_INPUT_FORMATS =3D ['%H:%M:%S', '%H:%M:%S.%f', '%H:%M'] TIME_ZONE =3D 'Africa/Johannesburg' USE_I18N =3D True USE_L10N =3D True USE_THOUSAND_SEPARATOR =3D False USE_TZ =3D True USE_X_FORWARDED_HOST =3D True USE_X_FORWARDED_PORT =3D False WSGI_APPLICATION =3D 'wsgi.application' X_FRAME_OPTIONS =3D 'DENY' YEAR_MONTH_FORMAT =3D 'F Y'

On Sun, Jul 28, 2024 at 4:42 PM Roland Giesler via Mailman-users < mailman-users@mailman3.org> wrote:

On 2024/07/28 15:26, Roland Giesler via Mailman-users wrote:

...

On 2024/07/28 00:39, Mark Sapiro wrote:

...

On 7/27/24 15:16, Roland Giesler via Mailman-users wrote:

...

The server runs power-mailinabox, which uses Postfix indeed. All my mail, and quite a few others' mail is sent from the using SMTP-Auth on port 465. Actually, this message is sent via that server too. So it's clear to me that MM3 is not authenticating for some reason.

What do you see in Mailman's smtp.log and in the mail.log on the mail server?

The smtp log is in syslog...

I also see this in /var/log/mailman3/web/mailman-web.log

*** Starting uWSGI 2.0.20-debian (64bit) on [Sun Jul 28 15:27:48 2024] *** compiled with version: 11.2.0 on 21 March 2022 11:00:44 os: Linux-5.15.108-1-pve #1 SMP PVE 5.15.108-2 (2023-07-20T10:06Z) nodename: mailman machine: x86_64 clock source: unix pcre jit disabled detected number of CPU cores: 1 current working directory: / detected binary path: /usr/bin/uwsgi-core setgid() to 33 setuid() to 33 chdir() to /usr/share/mailman3-web your processes number limit is 513922 your memory page size is 4096 bytes detected max file descriptor number: 1024 lock engine: pthread robust mutexes thunder lock: disabled (you can enable it with --thunder-lock) uwsgi socket 0 bound to UNIX address /run/mailman3-web/uwsgi.sock fd 4 Python version: 3.10.12 (main, Mar 22 2024, 16:50:05) [GCC 11.4.0] Python main interpreter initialized at 0x561ce813d1d0 python threads support enabled your server socket listen backlog is limited to 100 connections your mercy for graceful operations on workers is 60 seconds mapped 166752 bytes (162 KB) for 2 cores *** Operational MODE: threaded *** /usr/lib/python3/dist-packages/django_q/conf.py:139: UserWarning: Retry and timeout are misconfigured. Set retry larger than timeout, failure to do so will cause the tasks to be retriggered before completion. See https://django-q.readthedocs.io/en/latest/configure.html#retry for details. warn( WSGI app 0 (mountpoint='') ready in 5 seconds on interpreter 0x561ce813d1d0 pid: 113 (default app) *** uWSGI is running in multiple interpreter mode *** spawned uWSGI master process (pid: 113) spawned uWSGI worker 1 (pid: 339, cores: 2) [uwsgi-daemons] spawning "python3 manage.py qcluster" (uid: 33 gid: 33) /usr/lib/python3/dist-packages/django_q/conf.py:139: UserWarning: Retry and timeout are misconfigured. Set retry larger than timeout, failure to do so will cause the tasks to be retriggered before completion. See https://django-q.readthedocs.io/en/latest/configure.html#retry for details. warn( System check identified some issues:

WARNINGS: django_mailman3.MailDomain: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'. HINT: Configure the DEFAULT_AUTO_FIELD setting or the DjangoMailman3Config.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'. django_mailman3.Profile: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'. HINT: Configure the DEFAULT_AUTO_FIELD setting or the DjangoMailman3Config.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'. hyperkitty.Attachment: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'. HINT: Configure the DEFAULT_AUTO_FIELD setting or the HyperKittyConfig.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'. hyperkitty.Email: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'. HINT: Configure the DEFAULT_AUTO_FIELD setting or the HyperKittyConfig.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'. hyperkitty.Favorite: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'. HINT: Configure the DEFAULT_AUTO_FIELD setting or the HyperKittyConfig.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'. hyperkitty.LastView: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'. HINT: Configure the DEFAULT_AUTO_FIELD setting or the HyperKittyConfig.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'. hyperkitty.MailingList: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'. HINT: Configure the DEFAULT_AUTO_FIELD setting or the HyperKittyConfig.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'. hyperkitty.Profile: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'. HINT: Configure the DEFAULT_AUTO_FIELD setting or the HyperKittyConfig.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'. hyperkitty.Tag: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'. HINT: Configure the DEFAULT_AUTO_FIELD setting or the HyperKittyConfig.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'. hyperkitty.Tagging: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'. HINT: Configure the DEFAULT_AUTO_FIELD setting or the HyperKittyConfig.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'. hyperkitty.Thread: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'. HINT: Configure the DEFAULT_AUTO_FIELD setting or the HyperKittyConfig.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'. hyperkitty.ThreadCategory: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'. HINT: Configure the DEFAULT_AUTO_FIELD setting or the HyperKittyConfig.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'. hyperkitty.Vote: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'. HINT: Configure the DEFAULT_AUTO_FIELD setting or the HyperKittyConfig.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'. postorius.EmailTemplate: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'. HINT: Configure the DEFAULT_AUTO_FIELD setting or the PostoriusConfig.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'. 15:27:55 [Q] INFO Q Cluster low-vermont-harry-fillet starting. 15:27:55 [Q] INFO Process-1 guarding cluster low-vermont-harry-fillet 15:27:55 [Q] INFO Q Cluster low-vermont-harry-fillet running. 15:27:55 [Q] INFO Process-1:3 pushing tasks at 386 15:27:55 [Q] INFO Process-1:2 monitoring at 385 15:27:55 [Q] INFO Process-1:1 ready for work at 384

# Asynchronous tasks # https://django-q.readthedocs.io/en/latest/configure.html Q_CLUSTER = { 'name': 'mailman3-web', 'workers': 8, 'retry': 360, 'timeout': 300, 'save_limit': 100, 'orm': 'default', }

# Maintain type of autogenerated keys going forward # https://docs.djangoproject.com/en/3.2/releases/3.2/#customizing-type-of-auto... DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'

-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]

On 7/28/24 06:26, Roland Giesler via Mailman-users wrote:

On 2024/07/28 00:39, Mark Sapiro wrote:

...

What do you see in Mailman's smtp.log and in the mail.log on the mail server?

The smtp log is in syslog...

The smtp.log I refer to is Mailman's smtp.log which is in Mailman's var/logs/ directory.

I think I see what's going on here.  The mail is being sent from postorius@giesler.za.net and there is no log entry on box2.gtahardware.co.za that shows this logon attempt.  So it seems it's not going to that server, but rather to the local postfix.

A mail was sent to root on the localhost with the following content:

Return-Path: <root@giesler.za.net> X-Original-To: root@localhost Delivered-To: root@localhost Received: from mailman.fast.za.net (localhost [IPv6:::1]) by mailman.localdomain (Postfix) with ESMTP id 2174A120A5B for <root@localhost>; Sun, 28 Jul 2024 13:11:03 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Subject: [Django] ERROR (EXTERNAL IP): Internal Server Error: /accounts/login/ From: root@giesler.za.net To: root@localhost Date: Sun, 28 Jul 2024 13:11:03 -0000 Message-ID: <172217226313.2150.10895652368679013629@mailman.fast.za.net>

Internal Server Error: /accounts/login/

SMTPRecipientsRefused at /accounts/login/ {'roland@giesler.za.net': (454, b'4.7.1 <roland@giesler.za.net>: Relay acce= ss denied')}

This is mail from django-allauth, not from Mailman. Your settings in mailman.cfg do not affect how this mail is sent. See https://docs.djangoproject.com/en/5.0/topics/email/#smtp-backend for the Django settings for this.

-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan

On 2024/07/28 17:06, Mark Sapiro wrote:

On 7/28/24 06:26, Roland Giesler via Mailman-users wrote:

...

On 2024/07/28 00:39, Mark Sapiro wrote: A mail was sent to root on the localhost with the following content:

Return-Path: <root@giesler.za.net> X-Original-To: root@localhost Delivered-To: root@localhost Received: from mailman.fast.za.net (localhost [IPv6:::1]) by mailman.localdomain (Postfix) with ESMTP id 2174A120A5B for <root@localhost>; Sun, 28 Jul 2024 13:11:03 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Subject: [Django] ERROR (EXTERNAL IP): Internal Server Error: /accounts/login/ From: root@giesler.za.net To: root@localhost Date: Sun, 28 Jul 2024 13:11:03 -0000 Message-ID: <172217226313.2150.10895652368679013629@mailman.fast.za.net>

Internal Server Error: /accounts/login/

SMTPRecipientsRefused at /accounts/login/ {'roland@giesler.za.net': (454, b'4.7.1 <roland@giesler.za.net>: Relay acce= ss denied')}

This is mail from django-allauth, not from Mailman. Your settings in mailman.cfg do not affect how this mail is sent. See https://docs.djangoproject.com/en/5.0/topics/email/#smtp-backend for the Django settings for this.

These settings from the Django docs look like the ones in mailman.cfg.  Do I have to set them somewhere else too?

    SMTP backend¶
    <https://docs.djangoproject.com/en/5.0/topics/email/#smtp-backend>

/class/|backends.smtp.||EmailBackend|(/host=None/,/port=None/,/username=None/,/password=None/,/use_tls=None/,/fail_silently=False/,/use_ssl=None/,/timeout=None/,/ssl_keyfile=None/,/ssl_certfile=None/,/**kwargs/)¶ <https://docs.djangoproject.com/en/5.0/topics/email/#django.core.mail.backends.smtp.EmailBackend>

This is the default backend. Email will be sent through a SMTP server.

The value for each argument is retrieved from the matching setting
if the argument is|None|:

  * |host|:|EMAIL_HOST|
    <https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_HOST>
  * |port|:|EMAIL_PORT|
    <https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_PORT>
  * |username|:|EMAIL_HOST_USER|
    <https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_HOST_USER>
  * |password|:|EMAIL_HOST_PASSWORD|
    <https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_HOST_PASSWORD>
  * |use_tls|:|EMAIL_USE_TLS|
    <https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_USE_TLS>
  * |use_ssl|:|EMAIL_USE_SSL|
    <https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_USE_SSL>
  * |timeout|:|EMAIL_TIMEOUT|
    <https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_TIMEOUT>
  * |ssl_keyfile|:|EMAIL_SSL_KEYFILE|
    <https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_SSL_KEYFILE>
  * |ssl_certfile|:|EMAIL_SSL_CERTFILE|
    <https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_SSL_CERTFILE>

The SMTP backend is the default configuration inherited by Django.
If you want to specify it explicitly, put the following in your
settings:

EMAIL_BACKEND  =  "django.core.mail.backends.smtp.EmailBackend"

If unspecified, the default|timeout|will be the one provided
by|socket.getdefaulttimeout()|
<https://docs.python.org/3/library/socket.html#socket.getdefaulttimeout>,
which defaults to|None|(no timeout).

On Sun, Jul 28, 2024 at 8:35 PM Mark Sapiro <mark@msapiro.net> wrote:

On 7/28/24 09:54, Roland Giesler via Mailman-users wrote:

...

These settings from the Django docs look like the ones in mailman.cfg. Do I have to set them somewhere else too?

Yes. The settings in mailman.cfg only affect mail from Mailman. For mail from Django, you have to set things like

EMAIL_HOST = 'box2.gtahardware.co.za' EMAIL_PORT = 465 EMAIL_HOST_USER = 'roland@giesler.za.net' EMAIL_HOST_PASSWORD = '...'

and possibly others as desired, See the links to the Django docs for these.

...

  * |use_tls|:|EMAIL_USE_TLS|

<

https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_USE_TL...

...

  * |use_ssl|:|EMAIL_USE_SSL|

<

https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_USE_SS...

...

  * |timeout|:|EMAIL_TIMEOUT|

<

https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_TIMEOU...

...

  * |ssl_keyfile|:|EMAIL_SSL_KEYFILE|

<

https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_SSL_KE...

...

  * |ssl_certfile|:|EMAIL_SSL_CERTFILE|

<

https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_SSL_CE...

...

This all goes in your Django settings which from other posts I gather is /etc/mailman3/mailman3-web.py. I'm guessing you are using the Debian packages and that's where the package puts the Django settings.

I am following this thread out of curiosity. So I added the same lines to my /opt/mailman3/settings.py - on a virtualenv install of the latest MM3 code.It's my test VM. After adding the lines and restarting mailmanweb, I then entered the virtualenv and did 'mailman-web createsuperuser' which completed successfully, but NO MAIL! As matter of fact, there isn't even anything in the logs of the MTA running at w.kictanet.or.ke.

root@ubuntu24:/home/wash# su mailman
(venv) mailman@ubuntu24:~$ tail -n 5 /etc/mailman3/settings.py
EMAIL_HOST = 'gw.kictanet.or.ke'
EMAIL_PORT = 587
EMAIL_HOST_USER = 'mailman@gw.kictanet.or.ke'
EMAIL_HOST_PASSWORD = 'XXXXXXYYYYYYYZZZZ'

(venv) mailman@ubuntu24:~$ mailman-web createsuperuser
Username (leave blank to use 'mailman'): mm3admin1
Email address: odhiambo@outlook.com
Password:
Password (again):
Superuser created successfully.
(venv) mailman@ubuntu24:~$ tail -n 5 /opt/mailman/web/logs/mailmanweb.log
[Nothing in that file]
(venv) mailman@ubuntu24:~$ tail -n 10 /opt/mailman/mm/var/logs/mailman.log
[2024-07-29 13:41:22 +0300] [301491] [INFO] Starting gunicorn 22.0.0
[2024-07-29 13:41:22 +0300] [301491] [INFO] Listening at:
http://127.0.0.1:8001 (301491)
[2024-07-29 13:41:22 +0300] [301491] [INFO] Using worker: sync
[2024-07-29 13:41:22 +0300] [301537] [INFO] Booting worker with pid: 301537
[2024-07-29 13:41:22 +0300] [301538] [INFO] Booting worker with pid: 301538
Jul 29 13:41:23 2024 (301485) bounces runner started.
[29/Jul/2024:13:45:52 +0300] "GET /3.1/domains HTTP/1.1" 200 333 "-" "GNU
Mailman REST client v3.3.5"
[29/Jul/2024:13:45:52 +0300] "GET /3.1/domains/lists.wash.lan HTTP/1.1" 200
228 "-" "GNU Mailman REST client v3.3.5"
[29/Jul/2024:13:45:52 +0300] "GET /3.1/users/odhiambo@gmail.com HTTP/1.1"
200 395 "-" "GNU Mailman REST client v3.3.5"
[29/Jul/2024:13:45:52 +0300] "POST /3.1/lists/find HTTP/1.1" 200 503 "-"
"GNU Mailman REST client v3.3.5"



-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
 In an Internet failure case, the #1 suspect is a constant: DNS.
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)
[How to ask smart questions:
http://www.catb.org/~esr/faqs/smart-questions.html]

...

      * |use_tls|:|EMAIL_USE_TLS| <https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_USE_TLS> * |use_ssl|:|EMAIL_USE_SSL| <https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_USE_SSL> * |timeout|:|EMAIL_TIMEOUT| <https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_TIMEOUT> * |ssl_keyfile|:|EMAIL_SSL_KEYFILE| <https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_SSL_KEYFILE> * |ssl_certfile|:|EMAIL_SSL_CERTFILE| <https://docs.djangoproject.com/en/5.0/ref/settings/#std-setting-EMAIL_SSL_CERTFILE>

This all goes in your Django settings which from other posts I gather is /etc/mailman3/mailman3-web.py. I'm guessing you are using the Debian packages and that's where the package puts the Django settings.

I added the following to my mailman3-web.py:

EMAIL_USE_SSL = True EMAIL_HOST = 'box2.gtahardware.co.za' EMAIL_PORT = '465' EMAIL_HOST_USER = 'roland@giesler.za.net' EMAIL_HOST_PASSWORD = '<redacted>'

and fixed the "DEFAULT_FROM_EMAIL" and the signup email gets sent successfully!

However, the response URL doesn't not respond when I click it. It opens in a browser, but the processes times out.  I'm now checking why that is.

On 2024/07/29 16:52, Odhiambo Washington wrote:

On Mon, Jul 29, 2024 at 5:26 PM Roland Giesler via Mailman-users <mailman-users@mailman3.org> wrote:

I added the following to my mailman3-web.py:

EMAIL_USE_SSL = True
EMAIL_HOST = 'box2.gtahardware.co.za <http://box2.gtahardware.co.za>'
EMAIL_PORT = '465'
EMAIL_HOST_USER = 'roland@giesler.za.net'
EMAIL_HOST_PASSWORD = '<redacted>'

and fixed the "DEFAULT_FROM_EMAIL" and the signup email gets sent
successfully!

Can you please share what was logged by mailman3-web during the email-sending process?

[pid: 10018|app: 0|req: 3/3] 192.168.131.150 () {48 vars in 966 bytes} [Mon Jul 29 15:25:33 2024] GET /accounts/confirm-email/ => generated 6638 bytes in 55 msecs (HTTP/1.1 200) 7 headers in 223 bytes (1 switches on core 0) [pid: 10018|app: 0|req: 4/4] 192.168.131.150 () {44 vars in 812 bytes} [Mon Jul 29 15:27:01 2024] GET / => generated 0 bytes in 3 msecs (HTTP/1.1 301) 8 headers in 264 bytes (1 switches on core 1) [pid: 10018|app: 0|req: 5/5] 192.168.131.150 () {44 vars in 844 bytes} [Mon Jul 29 15:27:01 2024] GET /postorius/lists/ => generated 4140 bytes in 343 msecs (HTTP/1.1 200) 7 headers in 223 bytes (1 switches on core 0) [pid: 10018|app: 0|req: 6/6] 192.168.131.150 () {46 vars in 942 bytes} [Mon Jul 29 15:28:55 2024] GET /accounts/login/?next=/postorius/lists/ => generated 8947 bytes in 42 msecs (HTTP/1.1 200) 8 headers in 391 bytes (1 switches on core 1) [pid: 10018|app: 0|req: 7/7] 192.168.131.150 () {54 vars in 1104 bytes} [Mon Jul 29 15:29:07 2024] POST /accounts/login/ => generated 0 bytes in 1067 msecs (HTTP/1.1 302) 10 headers in 559 bytes (1 switches on core 0) [pid: 10018|app: 0|req: 8/8] 192.168.131.150 () {48 vars in 1132 bytes} [Mon Jul 29 15:29:08 2024] GET /accounts/confirm-email/ => generated 7190 bytes in 7 msecs (HTTP/1.1 200) 8 headers in 321 bytes (1 switches on core 1)

-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]

On 7/29/24 12:09, Roland Giesler via Mailman-users wrote:

I must say, I'd like to make a little contribution to the documentation and the config file template.  This was far too difficult and hidden to someone wishing to set up their own couple of mailing lists with a GUI to manage them.

You are welcome to submit merge requests to the appropriate projects at https://gitlab.com/groups/mailman - we appreciate all the help we can get.

-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan

On 2024/07/29 22:45, Odhiambo Washington via Mailman-users wrote:

On Mon, Jul 29, 2024 at 10:09 PM Roland Giesler via Mailman-users < mailman-users@mailman3.org> wrote:

...

On 2024/07/29 16:26, Roland Giesler via Mailman-users wrote:

...

However, the response URL doesn't not respond when I click it. It opens in a browser, but the processes times out. I'm now checking why that is. I found out why. Firefox and Brave (Chromium) have a bug in their https redirect functionality, so one cannot disable https redirection on any site at this stage. Since I don't have the https certificates in place, I had to use Edge to be able to visit

http://192.168.161.103/accounts/confirm-email/Mg:1sYQR2:xt3_639JwJ78GW9XhrpK...

Account verified.

The actual issue is that the verification email URL is sent with HTTPS://...... You cannot blame a browser for NOT respecting the HTTPS and redirecting it to HTTP. So one has to know that their site is not secured with SSSL certs, and so change httpS:: to http:// I don't think Edge is the only one that does that. On my tests, I use VMs and Brave/Chrome/Firefox to access the link. I just change HTTPs to HTTP manually. It's a situational awareness type of thing.

My browsers do not respect it when I change https to http. I have an issue open with Firefox on this.  They change the URL back to https, so the address cannot be loaded.

I have since added Let'sEncrypt certificates to the nginx config, so now https is being accepted.