Mailman3 doesn't send Mails to users (Debian12 with Plesk)
Hello,
i already send this question to the plesk-forum but it seems that nobody there can help me :-(
After updating from Debian 10 to 11 to 12, I now have mailman3 running on my server I then converted all lists from Mailman2 to Mailman3 following the instructions from mailman. I can access it via the web interface, manage everything etc. When I register on the web interface, I also receive the corresponding mails from Mailman (forgotten password...) Mails are also arriving, at least mails that are not allowed go into the mails to be approved.
The problem, however, is that it does not send out any mails, nor do they appear in the archive.
When I look in the Mailman-Log I find:
May 16 01:44:55 2024 (6833) Cannot connect to SMTP server localhost on port 25 May 16 01:48:15 2024 (61252) error opening connection to nntp_host: localhost [Errno 111] Connection refused May 16 01:48:15 2024 (61252) NNTP error for list vereinsmitglieder@ludothek.de: [Errno 111] Connection refused
The configuration of Mailman.cfg looks like this:
incoming: mailman.mta.postfix.LMTP outgoing: mailman.mta.deliver.deliver smtp_host: localhost smtp_port: 25 smtp_user: smtp_pass: lmtp_host: 127.0.0.1 lmtp_port: 8024
In Mailman manuals I find hints that the transport routes have to be added to the Postfix-config. Doesn't Debian/Plesk do this automatically?
Does anyone else have an idea what I need to change to get my mails out?
I did the conversion from mailman2 to mailman3 with root because it didn't work with "sudo -u list "m, but the files stored in the file system all belong to list, so that shouldn't be the problem.
On Fri, May 24, 2024 at 2:34 PM marcus--- via Mailman-users < mailman-users@mailman3.org> wrote:
Hello,
i already send this question to the plesk-forum but it seems that nobody there can help me :-(
After updating from Debian 10 to 11 to 12, I now have mailman3 running on my server I then converted all lists from Mailman2 to Mailman3 following the instructions from mailman. I can access it via the web interface, manage everything etc. When I register on the web interface, I also receive the corresponding mails from Mailman (forgotten password...) Mails are also arriving, at least mails that are not allowed go into the mails to be approved.
The problem, however, is that it does not send out any mails, nor do they appear in the archive.
When I look in the Mailman-Log I find:
May 16 01:44:55 2024 (6833) Cannot connect to SMTP server localhost on port 25 May 16 01:48:15 2024 (61252) error opening connection to nntp_host: localhost
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Why is it talking about NNTP_HOST here?
[Errno 111] Connection refused May 16 01:48:15 2024 (61252) NNTP error for list vereinsmitglieder@ludothek.de:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Also here!
[Errno 111] Connection refused
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ This is okay anyway, since we do not need nntp anyways.
The configuration of Mailman.cfg looks like this:
incoming: mailman.mta.postfix.LMTP outgoing: mailman.mta.deliver.deliver smtp_host: localhost smtp_port: 25 smtp_user: smtp_pass: lmtp_host: 127.0.0.1 lmtp_port: 8024
So I assume you followed some other guide to install your MM3. You did not follow https://docs.mailman3.org/en/latest/install/virtualenv.html. Is that right? If you used the above (recommended) method of installation, you'd end up with mailman.cfg whose contents of the [mta] section would look different from what you've shown above.
Also, you'd have ended up with the following directory and files:
odhiambo@lists:/opt/mailman/mm/var/data$ pwd
/opt/mailman/mm/var/data
odhiambo@lists:/opt/mailman/mm/var/data$ ls -al
total 100
drwxr-xr-x 2 mailman mailman 4096 Mar 16 00:11 .
drwxr-xr-x 12 mailman mailman 4096 Mar 15 04:50 ..
-rw-rw---- 1 mailman mailman 359 Mar 16 00:11 postfix_domains
-rw-r----- 1 mailman mailman 12288 Mar 16 00:11 postfix_domains.db
-rw-rw---- 1 mailman mailman 26481 Mar 16 00:11 postfix_lmtp
-rw-r----- 1 mailman mailman 49152 Mar 16 00:11 postfix_lmtp.db
odhiambo@lists:/opt/mailman/mm/var/data$
Also, you'd have ended with the following (or equivalent) in your /etc/postfix/main.cf:
transport_maps =
hash:/opt/mailman/mm/var/data/postfix_lmtp
local_recipient_maps =
hash:/opt/mailman/mm/var/data/postfix_lmtp
relay_domains =
hash:/opt/mailman/mm/var/data/postfix_domains
For now, you should find where these files are and point your Postfix to them and that may solve your problem. I am no Postfix Admin and I don't know nada about Plesk.
In Mailman manuals I find hints that the transport routes have to be added to the Postfix-config. Doesn't Debian/Plesk do this automatically?
There is only one DEFINITIVE manual for Mailman3 and it is https://docs.mailman3.org/en/latest/install/virtualenv.html. It doesn't mention Plesk or cPanel :-)
Does anyone else have an idea what I need to change to get my mails out?
Yes. As I have detailed above, sin permissions issues.
I did the conversion from mailman2 to mailman3 with root because it didn't
work with "sudo -u list "m, but the files stored in the file system all belong to list, so that shouldn't be the problem.
Looks like a problem with the HOWTO that you followed. Here we're happier to help when you follow OUR HOWTO <https://docs.mailman3.org/en/latest/install/virtualenv.html> above. We're not quite enthusiastic when you follow other HOWTOs out there.
Good luck!
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]
Hello Odhiambo,
Thank you for your solution. I assumed that Debian actually creates the most important packages and configurations with the installation via the packages. In addition, Plesk should control the rest itself, since that is exactly what it is intended for :-)
As it turned out, it was actually a rights problem, because I had made the import as root, in /var/lib/mailman3/templates the wrong rights were present :-)
Thanks anyway :-)
Marcus
Hello,
On Mon, May 27, 2024 at 06:00:15AM -0000, marcus--- via Mailman-users wrote:
Thank you for your solution. I assumed that Debian actually creates the most important packages and configurations with the installation via the packages.
Here is how I automatically install and migrate data (still testing, seems to work quite well so far) on Debian bookworm. A few things are missing from the script for clarity (it gets munin & logcheck monitoring, notably).
It assumes a few things in a templates/ directory.
I have a few aliases (such as services_*), but you get the idea.
Some stuff could be configured via debconf preseeding, but I didn't do it that way.
#! /bin/bash
set -e
services_install postfix (while read line do case $line in *=*) postconf -e "$line";; *) echo "TOSSING: $line" >&2;; esac done) <<EOF myhostname = $lists mydestination = $lists mynetworks = 127.0.0.0/8 inet_protocols = ipv4 inet_interfaces = all transport_maps = hash:/var/lib/mailman3/data/postfix_lmtp local_recipient_maps = hash:/var/lib/mailman3/data/postfix_lmtp relay_domains = hash:/var/lib/mailman3/data/postfix_domains EOF
services_do restart postfix
djangoauth=($(egrep '^djangosuperuser\s' templates/passwords/pw)) psqlauth=($(egrep '^psql\s' templates/passwords/pw)) rm -f templates/passwords/pw
services_install dbconfig-pgsql
cat > /etc/dbconfig-common/mailman3.conf <<EOF dbc_install='true' dbc_upgrade='true' dbc_remove='false' dbc_dbtype='pgsql' dbc_dbuser='${psqlauth[1]}' dbc_dbpass='${psqlauth[2]}' dbc_dbserver='ds-services-psql' dbc_dbname='mailman' dbc_dbadmin='postgres' EOF
sed < /etc/dbconfig-common/mailman3.conf
> /etc/dbconfig-common/mailman3-web.conf
"s/^dbc_dbname=.*/dbc_dbname='mailmanweb'/"
chmod 600 /etc/dbconfig-common/mailman3.conf
/etc/dbconfig-common/mailman3-web.conf
services_install mailman3-full mailman3-web
sed --in-place "s/^site_owner: .*/site_owner: ${djangoauth[1]}/"
/etc/mailman3/mailman.cfg
# work-around: SQLAlchemy no longer supports "postgres"
sed --in-place "s%^url: postgres://%url: postgresql://%"
/etc/mailman3/mailman.cfg
sed --in-place "s/.*'Mailman Suite Admin', 'root@localhost').*/('Mailman Suite Admin', '${djangoauth[1]}'),/;s/^EMAILNAME\s*=.*/EMAILNAME = '$lists'/" /etc/mailman3/mailman-web.py
# aliases mailman <-> postfix mkdir -p /var/lib/mailman3/data chown list:list /var/lib/mailman3/data for i in postfix_lmtp postfix_lmtp postfix_domains do touch /var/lib/mailman3/data/$i postmap /var/lib/mailman3/data/$i done chown list:list /var/lib/mailman3/data/postfix_*
services_do restart postfix service_enable postfix
services_install apache2
ln -s /etc/mailman3/apache.conf /etc/apache2/conf-available/mailman3.conf a2enconf mailman3
a2enmod proxy_uwsgi
service_enable apache2 services_do restart apache2
service_enable mailman3-web services_do restart mailman3-web
# fix example.com PGPASSWORD=${psqlauth[2]} psql -h ds-services-psql -U ${psqlauth[1]} mailmanweb -c "UPDATE django_site SET domain = '$lists', name = '$lists' WHERE id = 1"
# workaround required? #chgrp list /var/lib/mailman3/locks/ #chmod g+rwx /var/lib/mailman3/locks/ chgrp list /var/log/mailman3/*.log
mailman-wrapper info
env DJANGO_SUPERUSER_PASSWORD=${djangoauth[3]}
DJANGO_SUPERUSER_USERNAME=${djangoauth[2]}
DJANGO_SUPERUSER_EMAIL=${djangoauth[1]}
mailman-web createsuperuser --noinput
|| echo "django super user already exists in DB, ignored"
services_do restart mailman3
if [ 0 = 0 ]; then # permissions on ~user are restrictive mkdir /tmp/mailman cp -a templates/lists /tmp/mailman/lists
# to be generated with: scripts/get_ml.sh for i in /tmp/mailman/lists/*.pck do l=${i/*\/} l=${l/.pck} mailman-wrapper remove $l@$lists || echo "list $l does not yet exist, ignoring rm" mailman-wrapper create $l@$lists mailman-wrapper import21 --charset iso8859-1 $l@$lists $i done
# not doing that yet if [ 0 = 1 ]; then for i in /tmp/mailman/lists/*.members do l=${i/*\/} l=${l/.members} mailman-wrapper --no-welcome-msg addmembers $i $l@$lists done else echo schaefer@horus.ch | mailman-wrapper addmembers - $l@$lists fi
for i in /tmp/mailman/lists/*.mbox do l=${i/*\/} l=${l/.mbox}
/usr/share/mailman3-web/manage.py hyperkitty_import \
-l $l@$lists $idone
rm -rf /tmp/mailman
/usr/share/mailman3-web/manage.py update_index else # simple test mailman-wrapper create --notify --owner schaefer@alphanet.ch mailman-admins@$lists echo schaefer@horus.ch | mailman-wrapper addmembers - mailman-admins@$lists fi
On 5/24/24 2:18 AM, marcus--- via Mailman-users wrote:
The problem, however, is that it does not send out any mails, nor do they appear in the archive.
When I look in the Mailman-Log I find:
May 16 01:44:55 2024 (6833) Cannot connect to SMTP server localhost on port 25
This is a misleading error message. It can occur when Mailman's out runner can't read a template. You need to check ownership and permissions on mailman/templates in the code tree and Mailman's var/templates directory which probably has permissions errors from running inport21 as root. Also, if you've set any templates in Postorius, they may not be accessable if your setting for POSTORIUS_TEMPLATE_BASE_URL is not good.
May 16 01:48:15 2024 (61252) error opening connection to nntp_host: localhost [Errno 111] Connection refused May 16 01:48:15 2024 (61252) NNTP error for list vereinsmitglieder@ludothek.de: [Errno 111] Connection refused
Are you gating messages to/from usenet for this list? If so, you have to set host: and port: and maybe user: and password in the nntp section of mailman.cfg
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Mark Sapiro wrote on 2024-05-24 05:15:
Are you gating messages to/from usenet for this list?
Is nntp common enough these days to be a useful default runner?
I disabled it in mine when I noticed it, but it seems (IMHO) a waste of resources (yet another Python interpreter running) for a fairly edge case of mailing list <--> nntp transits.
rb
On 5/24/24 3:37 PM, admin@bclug.ca wrote:
Is nntp common enough these days to be a useful default runner?
I disabled it in mine when I noticed it, but it seems (IMHO) a waste of resources (yet another Python interpreter running) for a fairly edge case of mailing list <--> nntp transits.
You raise an interesting point. By default, the runner runs, but if
there are no lists gating to usenet, its queue is always empty and it
mostly sleeps between waking, finding its queue empty and going back to
sleep. A more significant use of resources is every (default) 5 minutes
spawning mailman gatenews which goes through a startup process and
then looks at every list figuring out there's nothing to do.
We could default mailman.cfg to contain start: no in the runner.nntp
section so people would need to enable it if they wanted it. What do
others think?
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On Fri, May 24, 2024 at 11:25 PM Mark Sapiro <mark@msapiro.net> wrote:
On 5/24/24 3:37 PM, admin@bclug.ca wrote:
Is nntp common enough these days to be a useful default runner?
I disabled it in mine when I noticed it, but it seems (IMHO) a waste of resources (yet another Python interpreter running) for a fairly edge case of mailing list <--> nntp transits.
You raise an interesting point. By default, the runner runs, but if there are no lists gating to usenet, its queue is always empty and it mostly sleeps between waking, finding its queue empty and going back to sleep. A more significant use of resources is every (default) 5 minutes spawning
mailman gatenewswhich goes through a startup process and then looks at every list figuring out there's nothing to do.We could default mailman.cfg to contain
start: noin the runner.nntp section so people would need to enable it if they wanted it. What do others think?
I last heard of usenet in the late 90's. Do they still exist, even?
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]
On 2024-05-25 11:33:14 +0300 (+0300), Odhiambo Washington wrote: [...]
I last heard of usenet in the late 90's. Do they still exist, even? [...]
Yes, and it's surprisingly usable again now that most spammers have finally forgotten it exists!
Jeremy Stanley
On 5/25/24 08:47, Jeremy Stanley wrote:
On 2024-05-25 11:33:14 +0300 (+0300), Odhiambo Washington wrote: [...]
I last heard of usenet in the late 90's. Do they still exist, even? [...]
Yes, and it's surprisingly usable again now that most spammers have finally forgotten it exists!
It's also significantly improved since Google stopped trying to make money off of it. The Usenet spam from the Google users was just unbelievable.
-Dave-- Dave McGuire, AK4HZ New Kensington, PA
Hi Mark,
On Fri, May 24, 2024 at 11:24 PM Mark Sapiro <mark@msapiro.net> wrote:
We could default mailman.cfg to contain
start: noin the runner.nntp section so people would need to enable it if they wanted it. What do others think?
I'd vote for disabling it by default and also for moving the Postorius NNTP-related settings from the "Settings - List Identity" page (the last five settings) to a separate page.
Users who are born later than my generation are sometimes confused and misinterpret those settings. Once a user set "Newsgroup moderation" to "Moderated" by mistake which implicitly made the mailing list moderated too.
Sincerely, Danil Smirnov
Hello Mark,
Thank you, that was the solution! The templates directory belonged to list but underneath everything was root, after the chown the mails all go out :-)
What I also notice is that it is not yet storing anything in the archives. Could this be a setting that has changed, or an incorrect authorization (/var/lib/mailman3/archives/ belongs to list but is empty) or is the archive creation only running via a cronjob that perhaps still needs to run?
I don't need Usenet, thanks :-)
Marcus
On 5/27/24 1:55 AM, marcus--- via Mailman-users wrote:
What I also notice is that it is not yet storing anything in the archives. Could this be a setting that has changed, or an incorrect authorization (/var/lib/mailman3/archives/ belongs to list but is empty) or is the archive creation only running via a cronjob that perhaps still needs to run?
There are two things stored in that directory If the prototype archiver is enabled, each list which has prototype checked as an Active archiver will have messages stored in maildir format in archives/prototype. If the hyperkitty archiver is configured and enabled, when mailman-hyperkitty fails to send a message to hyperkitty, it queues that message in archivers/hyperkitty/spool. If there no current failed messages, that directory will be empty, and if there have never been failures, that directory may not exist.
Enabling archivers is done in mailman.cfg similarly to
[archiver.hyperkitty]
class: mailman_hyperkitty.Archiver
enable: yes
configuration: /opt/mailman/mm/mailman-hyperkitty.cfg
[archiver.prototype]
enable: yes
I don't need Usenet, thanks :-)
Then no list should have it's Gateway to mail or Gateway to news setting = Yes. Also, you can disable nntp runner by putting
[runner.nntp]
start: no
in mailman.cfg
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Hello,
My migration from MM2 to MM3 seems near completion: I will do a few more tests and then tell the list admins to start testing.
I have a few questions:
persistence: as I can regenerate the configuration files (mailman, mailman-web, hyperkitty), is all what's useful in the DB, or are some things in /var/lib/mailman3 worth saving?
obviously messages to be moderated, hyperkitty failed messages, etc are stored there, but shall I assume that all mailing-lists configuration, all users configuration and all archives are in the DB?
I imported a list and all messages get a footer of: %(web_page_url)slistinfo/%(_internal_name)s which I guess changed between MM2 and MM3; however when I look at that list configuration in the web interface of MM3, I see no templates defined, nor any clue where this is configured: where may I change this?
is there a configuration somewhere that can allow someone to create a mailman web account ONLY if he is already referenced somewhere in a mailing-list, and not otherwise? (or to create accounts that need approvals from an admin before being usable?)
also, can a non-yet-referenced e-mail From: still subscribe to a private list (confirm+moderate) via e-mail regardless of the above?
Thank you for any pointers!
On 5/29/24 9:02 AM, Marc SCHAEFER wrote:
I have a few questions:
1) persistence: as I can regenerate the configuration files (mailman, mailman-web, hyperkitty), is all what's useful in the DB, or are some things in /var/lib/mailman3 worth saving? obviously messages to be moderated, hyperkitty failed messages, etc are stored there, but shall I assume that all mailing-lists configuration, all users configuration and all archives are in the DB?
I don't know the details of where the Debian package puts things, but there may be Postfix related files in /var/lib/mailman3/data, but yes, all mailing-lists configuration, all users configuration and all HyperKitty archives are in the DB?
2) I imported a list and all messages get a footer of: %(web_page_url)slistinfo/%(_internal_name)s which I guess changed between MM2 and MM3; however when I look at that list configuration in the web interface of MM3, I see no templates defined, nor any clue where this is configured: where may I change this?
import21 creates these templates in (I think in your case) /var/lib/mailman3/templates.
3) is there a configuration somewhere that can allow someone to create a mailman web account ONLY if he is already referenced somewhere in a mailing-list, and not otherwise? (or to create accounts that need approvals from an admin before being usable?)
No.
also, can a non-yet-referenced e-mail From: still subscribe to a private list (confirm+moderate) via e-mail regardless of the above?
Yes
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Hello,
On Wed, May 29, 2024 at 09:23:07AM -0400, Mark Sapiro wrote:
I don't know the details of where the Debian package puts things, but there may be Postfix related files in /var/lib/mailman3/data, but yes, all
Yes, exactly. Mailman3 under Debian can generate Postfix aliasesdb (it requires a manual Postfix configuration though to reference those files: I think it was already in the example deployment script I posted a few days ago).
Also, the start script of Mailman3 under Debian *seems* to systematically regenerate those files at Mailman startup, so it would probably not even be needed to restore this.
Great new!
Thank you.
On 5/29/24 9:30 AM, Marc SCHAEFER wrote:
Also, the start script of Mailman3 under Debian *seems* to systematically regenerate those files at Mailman startup, so it would probably not even be needed to restore this.
Yes, mailman start (re)generates those files. See
https://gitlab.com/mailman/mailman/-/issues/469
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Re,
On Wed, May 29, 2024 at 09:23:07AM -0400, Mark Sapiro wrote:
2) I imported a list and all messages get a footer of: %(web_page_url)slistinfo/%(_internal_name)s which I guess changed between MM2 and MM3; however when I look at that list configuration in the web interface of MM3, I see no templates defined, nor any clue where this is configured: where may I change this?import21 creates these templates in (I think in your case) /var/lib/mailman3/templates.
Yes, I used import21, and there are files there, and they contain the "web_page_url" that is the cause of the problem.
May I just modify those files, and is there any way to see, in the web GUI, where those files are referenced?
In the database itself, the template table is empty (as seen in the GUI) and I did not see the text "web_page_url" in a dump of the database, so I have some issues to understand how this is used by Mailman (except direct file access to /var/lib/mailman3/templates?)
On 5/29/24 9:48 AM, Marc SCHAEFER wrote:
May I just modify those files, and is there any way to see, in the web GUI, where those files are referenced?
Yes, you may modify them. The search algorithm for templates is described at https://gitlab.com/mailman/mailman/-/blob/master/src/mailman/utilities/i18n.... however, this is only for templates which have no entry or a mailman:/// entry in the template table in the database.
Also see https://docs.mailman3.org/projects/mailman/en/latest/src/mailman/rest/docs/t...
In the database itself, the template table is empty (as seen in the GUI) and I did not see the text "web_page_url" in a dump of the database, so I have some issues to understand how this is used by Mailman (except direct file access to /var/lib/mailman3/templates?)
It is by direct access following the search algorithm.
If you are looking at templates in Postorius, these can be created and will place the template in the postorius_emailtemplate table in the database and an entry in the templates table with a URI beginning with the POSTORIUS_TEMPLATE_BASE_URL setting to retrieve the template via the Postorius API. The Postorius template UI should show the current value for a template not yet set in Postorius, but it doesn't. See https://gitlab.com/mailman/postorius/-/issues/366.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Hello,
If someone tries to access an account multiple times with a bad password, is there anything in the Mailman3 web app to report this?
I didn't see any info about login errors in the logs I have, maybe I need to enable something?
is it possible to customize log output so that the proxified IP address is written in the log? (I use a reverse proxy)
The idea would be to trigger fail2ban & AbuseIPdb on those.
Thank you.
On 5/30/24 03:52, Marc SCHAEFER wrote:
Hello,
If someone tries to access an account multiple times with a bad password, is there anything in the Mailman3 web app to report this?
I didn't see any info about login errors in the logs I have, maybe I need to enable something?
is it possible to customize log output so that the proxified IP address is written in the log? (I use a reverse proxy)
The idea would be to trigger fail2ban & AbuseIPdb on those.
Web logins are handled by django-allauth <https://pypi.org/project/django-allauth/> This is a question for that project.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Hallo,
Am 27.05.2024 um 14:33 schrieb Mark Sapiro:
Enabling archivers is done in mailman.cfg similarly to
[archiver.hyperkitty] class: mailman_hyperkitty.Archiver enable: yes configuration: /opt/mailman/mm/mailman-hyperkitty.cfg
Thank you, archiver is now starting. Now there's another problem:
In mailman.log i'm finding:
"Jun 06 10:16:16 2024 (3556489) ACCEPT: <d3072553-2f52-4bd7-b14a-2701863812c7@***> Jun 06 10:16:17 2024 (3556492) HyperKitty failure on https://[URL]/mailman3/hyperkitty/api/mailman/urls: <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> <hr><center>nginx</center> </body> </html> (403)"
in mailman-hyperkitty.cfg there is:
base_url: https://[URL]/mailman3/hyperkitty/api/mailman/urls
an in mailman-web.py
ALLOWED_HOSTS = [ #"localhost", # Archiving API from Mailman, keep it. # "lists.your-domain.org", # Add here all production URLs you may have. '*' ]
MAILMAN_ARCHIVER_FROM = '*'
(only for test, if it works i will use my domains/IPS)
If i try lynx https://[URL]/mailman3/hyperkitty/api/mailman/urls i'm getting
"The archiver key must be sent over the Authorization HTTP header." an no forbidden
What's the problem? Where i have to change something to get it working?
(I'm using plesk)
CU
-- Marcus Bautze marcus@mbautze.de
On Thu, Jun 6, 2024 at 11:28 AM Marcus Bautze via Mailman-users < mailman-users@mailman3.org> wrote:
Hallo,
Am 27.05.2024 um 14:33 schrieb Mark Sapiro:
Enabling archivers is done in mailman.cfg similarly to
[archiver.hyperkitty] class: mailman_hyperkitty.Archiver enable: yes configuration: /opt/mailman/mm/mailman-hyperkitty.cfgThank you, archiver is now starting. Now there's another problem:
In mailman.log i'm finding:
"Jun 06 10:16:16 2024 (3556489) ACCEPT: <d3072553-2f52-4bd7-b14a-2701863812c7@***> Jun 06 10:16:17 2024 (3556492) HyperKitty failure on https://[URL]/mailman3/hyperkitty/api/mailman/urls: <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> <hr><center>nginx</center> </body> </html> (403)"
in mailman-hyperkitty.cfg there is:
base_url: https://[URL]/mailman3/hyperkitty/api/mailman/urls
The documentation says that mailman-hyperkitty.cfg should contain:
[general] base_url: https://[URL]/archives api_key: S0m3SecretArchiverAPIKey
In settings.py, you should have: MAILMAN_ARCHIVER_KEY = 'S0m3SecretArchiverAPIKey'
The KEY is quoted in settings.py,m but not in mailman-hyperkitty.cfg and it must be the same in both files.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]
Am 06.06.2024 um 10:42 schrieb Odhiambo Washington:
The documentation says that mailman-hyperkitty.cfg should contain:
[general] base_url: https://[URL]/archives api_key: S0m3SecretArchiverAPIKey
In settings.py, you should have: MAILMAN_ARCHIVER_KEY = 'S0m3SecretArchiverAPIKey'
The Keys are in mailman-hyperkitty.cfg and mailman-web.py and this are the same Keys.
I Think the error is produced from nginx :-/
the nginx.conf-file (/etc/nginx/plesk.conf.d/server.conf) says
(the [URL] ist lists.domain.tld, therefore the "lists*-section)
"server { listen [IP]:443 ssl; http2 on;
server_name lists.*;
ssl_certificate /opt/psa/var/certificates/scfwTGe5L; ssl_certificate_key /opt/psa/var/certificates/scfwTGe5L;
location / { proxy_pass https://[IP]:7081; proxy_hide_header upgrade; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
-- Marcus Bautze marcus@mbautze.de
On Thu, Jun 6, 2024 at 11:51 AM Marcus Bautze via Mailman-users < mailman-users@mailman3.org> wrote:
Am 06.06.2024 um 10:42 schrieb Odhiambo Washington:
The documentation says that mailman-hyperkitty.cfg should contain:
[general] base_url: https://[URL]/archives api_key: S0m3SecretArchiverAPIKey
In settings.py, you should have: MAILMAN_ARCHIVER_KEY = 'S0m3SecretArchiverAPIKey'
The Keys are in mailman-hyperkitty.cfg and mailman-web.py and this are the same Keys.
I Think the error is produced from nginx :-/
the nginx.conf-file (/etc/nginx/plesk.conf.d/server.conf) says
(the [URL] ist lists.domain.tld, therefore the "lists*-section)
"server { listen [IP]:443 ssl; http2 on;
server_name lists.*; ssl_certificate /opt/psa/var/certificates/scfwTGe5L; ssl_certificate_key /opt/psa/var/certificates/scfwTGe5L; location / { proxy_pass https://[IP]:7081; proxy_hide_header upgrade; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For$proxy_add_x_forwarded_for; } }
I see your installation is not what I am used to so I have to take two steps backwards. And my competence with nginx is quite wanting :-)
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]
On 6/6/24 1:27 AM, Marcus Bautze via Mailman-users wrote:
in mailman-hyperkitty.cfg there is:
base_url: https://[URL]/mailman3/hyperkitty/api/mailman/urls
This is incorrect. It should be the base url to access HyperKitty up to but not including api/. I.e., if https://[URL]/mailman3/hyperkitty/api/ in a web browser gets you to a page of documentation of the api, you should have
base_url: https://[URL]/mailman3/hyperkitty/
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (9)
-
admin@bclug.ca -
Danil Smirnov -
Dave McGuire -
Jeremy Stanley -
Marc SCHAEFER -
Marcus Bautze -
marcus@mbautze.de
-
Mark Sapiro -
Odhiambo Washington