Running docker-based MM3 I get quite a few messages in mailmanweb.log:

ERROR 2018-01-19 19:09:07,467 401 hyperkitty.views.mailman Access to the archiving API endpoint was forbidden from IP 172.19.199.1, your MAILMAN_ARCHIVER_FROM setting may be misconfigured

which points to the docker host making those requests. But I have no scripts/code dunning on host to do that.

I've posted to this list earlier (see "mailman-web: ResponseNotReady" and "Getting connection refused on postfix trying to connect to mailman-core:lmtp") my woes with public vs private IPs in my setup and my "hack" was to set up docker-compose with explicit domainname and hostname:

mailman-core: domainname: my.com hostname: mailman ... networks: mailman: aliases: - mailman.my.com

where mailman.my.com is the public IP of the service.

so I think I'm in the weird state where mailman-core container starts off communication on a private docker IP and finishes it off on what it thinks is public someplace... not sure where is that coming from.

I ran a cross-ping for all containers to confirm they all see only private IPs and they do: core, web & nginx cross-pinging each-other and mailman.my.com all show private docker IPs so why would any packet be routed from external?

can I allow more than a single IP for MAILMAN_ARCHIVER_FROM ?

ITMT I've moved MAILMAN_ARCHIVER_FROM to settings_local.py and hardwired it to be 172.199.19.1 and I believe there are no errors in log files... but again - that's a lot of tiptoeing and tapdancing around the IP assignment in docker so I'm looking for input to simplify the setup.

-- Sr System and DevOps Engineer SoM IRT