Search results for "Postorius" - Mailman-users

Re: GDPR - save subscriptions confirmation emails

by Mark Sapiro

On 06/03/2018 12:34 PM, contact(a)maadix.net wrote: > Thanks Selva for you answer. > > In my Mailman 3 installation there is no /var/log/mailman/subscribe Correct. Mailman 2.1 had a subscribe log. Mailman 3 does not. Many things are logged in the 'mailman' log, but subscription confirmations are not. > I have logs about confirmations emails in > mailman/var/logs/smtp.log > > the format is the following: > > Jun 03 13:45:27 2018 (20764) ('127.0.0.1', 40145) handling connection > Jun 03 13:45:27 2018 (20764) ('127.0.0.1', 40145) Data: b'LHLO > mails.example.com' > Jun 03 13:45:27 2018 (20764) ('127.0.0.1', 40145) Data: b'MAIL > FROM:<contact(a)maadix.net>' > Jun 03 13:45:27 2018 (20764) ('127.0.0.1', 40145) sender: > contact(a)example.net > Jun 03 13:45:27 2018 (20764) ('127.0.0.1', 40145) Data: b'RCPT > TO:<prueba-confirm+7c010b0d89513b26d72cb4642e80447a2280ac86(a)list.example.org>' > Jun 03 13:45:27 2018 (20764) ('127.0.0.1', 40145) recip: > prueba-confirm+7c010b0d89513b26d72cb4642e80447a2280ac86(a)list.example.org > Jun 03 13:45:27 2018 (20764) ('127.0.0.1', 40145) Data: b'DATA' > Jun 03 13:45:27 2018 (20764) ('127.0.0.1', 40145) Data: b'QUIT' > > So, one solution that comes to my mind is to grep this log file. > > This is not a perfect solution and the full confirmation email is still > missing. > > I am not sure if this would be GDPR compliant. Also, while I don't think it is currently possible to confirm a subscription via REST, not to mention Postorius, it may be in the future and this would bypass email all together. I think the best thing is to implement logging. Of course, you might be able to get your MTA to save all mail to the LIST-confirm address to a separate mailbox in addition to delivering it to Mailman. -- Mark Sapiro <mark(a)msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan

7 years

Re: problem configuring mailman3 on debian bullseye

by Odhiambo Washington

On Wed, Mar 15, 2023 at 6:21 PM Servizio Informatico U.I.C.I. Sezione territoriale di Brescia <servizioinformatico(a)uicibrescia.it> wrote: > Hello all, > > I'm a blind server administrator living in Italy. I use mailman since > 2010 and I was very happy for this list manager. > > When was released the version 3 I started to have many problems to > configure it. > > In this days I installed a new server for my association and I have this > problem that I don't know to solve. > > The server is a debian bullseye. > > I installed mailman3-full from the standard packege. > > I'm using nginx as web server. > > I configured mailman3 and mailman3-web wit https support. > > All is working fine, but if I attempt to subscribe someone it does not > work. > > I send a subscription e-mail to the address list and I receive correctly > the request to confirm subscription. When I reply to the request mailman > log gives this error: > > requests.exceptions.SSLError: HTTPSConnectionPool(host='localhost', > port=443): Max retries exceeded with url: > /postorius/api/templates/list/listname.domain/list:user:notice:welcome > (Caused by SSLError(SSLCertVerificationError("hostname 'localhost' > doesn't match either of 'example.com', 'www.example.com'"))) > > The strange thing is that I configured a domain list.example.com and in > the configuration files I put this domain. > > Mailman3-web works fine I can create lists and make settings. > > Have you an idea about this issue? > Assuming that you created this template - list:user:notice:welcome - what are its contents? -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)

2 years, 2 months

SMTPAuthenticationError at /accounts/login/

by Stephen J. Turnbull

mmasoudf(a)aaas.org writes: > I have setup the stack according to: > Mailman Suite Documentation. Release 3.3 PDF file. > I configured > EMAIL_HOST_USER and > EMAIL_HOST_PASSWORD > in Django settings.py. I could not find the place that I might > configure it for Postfix I think it helps to start thinking about it from the other end. That is, Postfix is the mail server for all users on a multiuser system. Therefore in "normal" configurations it will use the authentication mechanisms provided by the host operating system.[1] You need to have a user for Mailman in any case, typically called "mailman" or "list".[2] Once you've configured a user for Mailman on the Postfix side, you use that user and authentication data for Mailman core, Postorius, and HyperKitty to send mail via Postfix. > I am running the site on AWS and to be able to use AWS mail-servers > I have to define following parameter for AWS: > smtp_sasl_password_maps which points to a hash for AWS 'ACCESS KEY > ID' and 'SECRET ACCESS KEY' I don't think that has anything to do with the Mailman-to-Postfix side of things; that's for Postfix to send to AWS's mail exchanger (aka MX). Steve Footnotes: [1] It may also be possible to create Postfix-only "virtual" users who have no existence as far as the OS is concerned, but I don't know anything about that. [2] I haven't thought carefully about whether using Mailman's user in Django would be a security risk, but as long as it only has access to Mailman I don't see how it can do more harm than Mailman itself can, and I don't see why it would be more subject to exploitation than Mailman itself is. Anybody with security chops who wants to weigh in, please do.

5 years, 1 month

Re: Could not locate column in row for column 'user.id'

by Shashikanth Komandoor

Hi Mark, Thank you for your response. And sorry for not giving you complete information as I am not sue what to share with you. I am using Postgresql-11.7 as my backend database. The below is the structure of the address table in* mailman *database: mailman=# \d address; Table "public.address" Column | Type | Collation | Nullable | Default ----------------+-----------------------------+-----------+----------+------------------------------------- id | integer | | not null | nextval('address_id_seq'::regclass) email | character varying | | | _original | character varying | | | display_name | character varying | | | verified_on | timestamp without time zone | | | registered_on | timestamp without time zone | | | user_id | integer | | | preferences_id | integer | | | Indexes: "address_pkey" PRIMARY KEY, btree (id) "ix_address_email" UNIQUE, btree (email) "ix_address_preferences_id" btree (preferences_id) "ix_address_user_id" btree (user_id) Foreign-key constraints: "address_preferences_id_fkey" FOREIGN KEY (preferences_id) REFERENCES preferences(id) "address_user_id_fkey" FOREIGN KEY (user_id) REFERENCES "user"(id) Referenced by: TABLE ""user"" CONSTRAINT "_preferred_address" FOREIGN KEY (_preferred_address_id) REFERENCES address(id) ON DELETE SET NULL TABLE "autoresponserecord" CONSTRAINT "autoresponserecord_address_id_fkey" FOREIGN KEY (address_id) REFERENCES address(id) TABLE "member" CONSTRAINT "member_address_id_fkey" FOREIGN KEY (address_id) REFERENCES address(id) TABLE "onelastdigest" CONSTRAINT "onelastdigest_address_id_fkey" FOREIGN KEY (address_id) REFERENCES address(id) The below is the structure of *user* table: mailman=# \d user; Table "public.user" Column | Type | Collation | Nullable | Default -----------------------+-----------------------------+-----------+----------+---------------------------------- id | integer | | not null | nextval('user_id_seq'::regclass) display_name | character varying | | | password | character varying | | | _user_id | uuid | | | _created_on | timestamp without time zone | | | is_server_owner | boolean | | | _preferred_address_id | integer | | | preferences_id | integer | | | Indexes: "user_pkey" PRIMARY KEY, btree (id) "ix_user__user_id" btree (_user_id) "ix_user_preferences_id" btree (preferences_id) Foreign-key constraints: "_preferred_address" FOREIGN KEY (_preferred_address_id) REFERENCES address(id) ON DELETE SET NULL "user_preferences_id_fkey" FOREIGN KEY (preferences_id) REFERENCES preferences(id) Referenced by: TABLE "address" CONSTRAINT "address_user_id_fkey" FOREIGN KEY (user_id) REFERENCES "user"(id) TABLE "domain_owner" CONSTRAINT "domain_owner_user_id_fkey" FOREIGN KEY (user_id) REFERENCES "user"(id) TABLE "member" CONSTRAINT "member_user_id_fkey" FOREIGN KEY (user_id) REFERENCES "user"(id) mailman=# \dn List of schemas Name | Owner --------+---------- public | postgres (1 row) mailman=# select * from user; user ---------- postgres (1 row) *The above command output is not showing any fields. But if use the table as public.user (schema.tablename) with select command, it is showing the data. But without schema name this table is not showing those fields. Not sure if this the expected behavior or not.* I have not done any changes. Few days back I made DR machine up as I am taking primary into maintenance. The entire database was running streaming replication and I even kept the /var/lib/mailman directory in sync where all the components are installed. Please let me know if any more things I need to share. On Mon, Jul 27, 2020 at 7:45 AM Mark Sapiro <mark(a)msapiro.net> wrote: > On 7/26/20 10:56 AM, Shashikanth Komandoor wrote: > > Hi Team, > > > > I am currently running Mailman 3 with version 3.3.1 and in built > postfix > > version 2.10.1-6 on RHEL 7.5 in production environment from the past 2 > > months almost. > > > > From the past few days, I found my server is responding to the users > > very slowly and throwing the Server Error page (of course getting the > > required page after multiple refreshes) for almost every click on the > > postorius pages (not yet observed on hyperkitty front end which in fact > is > > not so important for me as of now). > > > > During that time, I observed in the mailman.log an error message > saying > > "Could not locate column in row for column 'user.id'". The complete > > traceback log is attached with the mail. The error message is generated > for > > almost all the lists and all the clicks. > > > I don't understand what's going on. I suspect some kind of database > corruption, but I don't know what. > > The traceback indicates Mailman is getting the Members of a list and in > this process is trying to get the display_name for a member. The > member's subscriber attribute doesn't have a display_name so it is > trying to get is from the member's user attribute so it is trying to get > the user record for the member's email address via > IUserManager.get_user(). This in turn gets the Address record for the > email address and returns it's user attribute. > > This leads to the > > sqlalchemy.exc.NoSuchColumnError: "Could not locate column in row for > column 'user.id'" > > error which I don't understand. There is no table with a 'user.id' > column. user.id refers to the id column in the user table which comes > from the user_id column in the address table which should be a reference > to the id column in the user table, not a reference to ay 'user.id' > column. > > What is your backend database and what is the structure of the address > table in that database. Have you done any kind of direct database query > that might have affected this? > > -- > Mark Sapiro <mark(a)msapiro.net> The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > _______________________________________________ > Mailman-users mailing list -- mailman-users(a)mailman3.org > To unsubscribe send an email to mailman-users-leave(a)mailman3.org > https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/ > -- Thanks & Regards, Shashi Kanth.K 9052671936

4 years, 10 months

Re: Add old email address

by Quanah Gibson-Mount

--On Friday, March 13, 2020 4:18 PM +0900 "Stephen J. Turnbull" <turnbull.stephen.fw(a)u.tsukuba.ac.jp> wrote: > You can certainly add extra addresses to a Mailman 3 user (I don't > know offhand whether/how an admin can do it through Postorius, but the > core database certainly has that facility and the REST API allows it). I was able to resolve this via the Django admin interface. > However, this doesn't have the same semantics as in Mailman 2 because > Mailman 2 doesn't have users at all. So as an admin how do you know > which addresses correspond to particular users? More generally, what > do you mean by "associate with an account", and why do you want to do > it? > > Normally I would not ask the latter question, it's your business why > you want to do it. But here I'm trying to get at what semantics you > want. If I were going to do this for the kind of purposes I can > imagine, it would be a matter of informing the users that this feature > is available, and I'd ask the users to do it if they care. It seems > you have some project goal in mind though. Because I've been a member of the project for close to 20 years, and the email addresses I've had over that time have changed in relation to the jobs I've had. Same deal for other long time members of the project. By adding addresses I no longer have to my account and marking them verified, I can easily associate nearly 20 years of postings that I've made with myself when I look at the archives. --Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

5 years, 2 months

Re: using SSH/TLS with external MTA

by Mark Sapiro

On 7/28/24 06:26, Roland Giesler via Mailman-users wrote: > On 2024/07/28 00:39, Mark Sapiro wrote: >> >> What do you see in Mailman's smtp.log and in the mail.log on the mail >> server? > > The smtp log is in syslog... The smtp.log I refer to is Mailman's smtp.log which is in Mailman's var/logs/ directory. > I think I see what's going on here. The mail is being sent from > postorius(a)giesler.za.net and there is no log entry on > box2.gtahardware.co.za that shows this logon attempt. So it seems it's > not going to that server, but rather to the local postfix. > > A mail was sent to root on the localhost with the following content: > > Return-Path: <root(a)giesler.za.net> > X-Original-To: root@localhost > Delivered-To: root@localhost > Received: from mailman.fast.za.net (localhost [IPv6:::1]) > by mailman.localdomain (Postfix) with ESMTP id 2174A120A5B > for <root@localhost>; Sun, 28 Jul 2024 13:11:03 +0000 (UTC) > Content-Type: text/plain; charset="utf-8" > MIME-Version: 1.0 > Content-Transfer-Encoding: quoted-printable > Subject: [Django] ERROR (EXTERNAL IP): Internal Server Error: > /accounts/login/ > From: root(a)giesler.za.net > To: root@localhost > Date: Sun, 28 Jul 2024 13:11:03 -0000 > Message-ID: <172217226313.2150.10895652368679013629(a)mailman.fast.za.net> > > Internal Server Error: /accounts/login/ > > SMTPRecipientsRefused at /accounts/login/ > {'roland(a)giesler.za.net': (454, b'4.7.1 <roland(a)giesler.za.net>: Relay > acce= > ss denied')} This is mail from django-allauth, not from Mailman. Your settings in mailman.cfg do not affect how this mail is sent. See https://docs.djangoproject.com/en/5.0/topics/email/#smtp-backend for the Django settings for this. -- Mark Sapiro <mark(a)msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan

10 months, 1 week

Re: Problem updating mailman

by Brian Carpenter

Mark Sapiro wrote: > On 1/24/21 1:03 AM, Odhiambo Washington wrote: > > I uninstalled rubygem-sass from the OS. I don't > > remember consciously > > installing that because it was never in the guide I followed (which is your > > own writeup). > > But I still have a problem: > > (venv) [mailman3@gw ~/mm]$ /opt/mailman/mm/bin/mailman-post-update > > > > '[' False == False ']' > > mkdir -p /opt/mailman/mm/static > > /opt/mailman/mm/bin/django-admin collectstatic --clear --noinput > > --verbosity 0 > > /opt/mailman/mm/bin/django-admin compress > > CommandError: An error occurred during rendering > > /opt/mailman/mm/venv/lib/python3.7/site-packages/django_mailman3-1.3.5-py3.7.egg/django_mailman3/templates/socialaccount/signup.html: > > /bin/sh: sass: not found > > > > You can't just uninstall rubygem-sass. You have to replace it. Here's > one recipe for Ubuntu > cd /usr/local/lib > # See https://github.com/sass/dart-sass/releases/tag/1.32.5 for the > # appropriate version. > wget > https://github.com/sass/dart-sass/releases/download/1.32.5/dart-sass-1.32.5-... > sudo tar -xf dart-sass-1.32.5-linux-x64.tar.gz > sudo chmod -R o-w dart-sass > sudo ln -s dart-sass/sass /usr/local/bin/sass > rm dart-sass-1.32.5-linux-x64.tar.gz > Then you should see the command > sass --version > prints > 1.32.5 > Then, because dart-sass doesn't recognize the short form -t option for > --style, you have to edit your settings(_local).py and change > COMPRESS_PRECOMPILERS = ( > ('text/x-scss', 'sass -t compressed {infile} {outfile}'), > ('text/x-sass', 'sass -t compressed {infile} {outfile}'), > ) > to > COMPRESS_PRECOMPILERS = ( > ('text/x-scss', 'sass --style compressed {infile} {outfile}'), > ('text/x-sass', 'sass --style compressed {infile} {outfile}'), > ) I had to do a new installation of Mailman 3 with Postorius/Hyperkitty today and these directions were very helpful. Thank you, Mark.

4 years, 4 months

Re: Template for Password Reset Email

by Mark

On 2024-11-18 01:38, Mark Sapiro wrote: > On 11/17/24 16:57, Mark wrote: >> >> I can see the French text for the "Password Reset Email" in the >> django.po file. And running the compilemessages command reports the >> "django.po" for French is okay and up to date. Should I be recompiling >> the ".mo" file? > > No, It's fine. The issue is the language context for this message has > nothing to do with any Mailman list's preferred language. > > Again, see > https://docs.djangoproject.com/en/5.1/topics/i18n/translation/#how-django-d… > > If all the lists on your server are French, you could set > > LANGUAGE_CODE = 'fr' > > in your Django settings. Otherwise, the user's browser has to include > an Accept-Language: header specifying French as the most preferred > language in it's request. > > Also note the ordering of SessionMiddleware, LocaleMiddleware and > CommonMiddleware in the above doc. I have recently updated the various > places where we suggest or supply MIDDLEWARE settings, but you may > find that your settings have LocaleMiddleware after CommonMiddleware > and you should fix that. It's just the one list that is using French. Others are in English I've edited the order of the middleware settings in this file ... /opt/mailman/venv/lib/python3.11/site-packages/mailman_web/settings/base.py I reordered as below, restarted everything but no joy :-( ... at Line 76 ... MIDDLEWARE = ( 'allauth.account.middleware.AccountMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.middleware.locale.LocaleMiddleware', 'django.middleware.common.CommonMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', 'django.middleware.security.SecurityMiddleware', 'django_mailman3.middleware.TimezoneMiddleware', 'postorius.middleware.PostoriusMiddleware', ) ... I'm thinking this is not the file I'm looking for. Apologies for my cluelessness here.

6 months, 3 weeks

Can creating too many Django accounts crash Mailman3 server?

by Stephen J. Turnbull

Mohsen Masoudfar writes: > It seems anybody can go to the site: > https://LISTSERVNAME/mailman3/postorius/lists/ > and click on the [Sign up] on the top-right corner and create an > account. Yes. > This can easily be automated, even though the next step, confirming > the email address, being ignored. I believe it can be used as a > target for a DOS attack by creating so many accounts, that > eventually causes an 'out of space' error. > > Is this a justified concern? "Justified" depends on who you think the attacker is. Theoretically it's a real possibility, but the space used by an unverified account is not large. I suspect there are always much more painful DoS attacks to worry about. > Is there a way to manage this feature in a secure way? In some sense, I don't think there is. The point of the feature is to allow anybody to sign up without authentication beyond having a usable email address. Either you allow the DoS attack or anything you do is likely to deny service to legitimate users. Brian's approach (cron job purging unverified users) is generally good hygiene, but I don't think it would do much against an deliberate attack. And it shouldn't be hard to automate the confirmation process. I guess you could handle that by purging accounts with no subscriptions or other roles on any lists, but that might annoy a few legitimate users. Probably the best you could do for an open server would be to throttle user creation to say 1 per minute (adjustable to the scale of your site). I don't know if there is currently a way to require admin approval for account creation (as opposed to list subscription). Perhaps we should add that if we don't have it. Steve

4 years, 8 months

Ansible role to install Mailman3

by samuel.d.darwin＠gmail.com

Hi, Before installing the Mailman Suite, I searched on https://galaxy.ansible.com/ for Ansible roles that might automate the whole process. https://github.com/galaxyproject/ansible-mailman3 turned out to be quite good. However, it was slightly out-of-date. I cloned it, made a few bug fixes, and corrected linting errors. Then, going further, added optional basic installations of Nginx, Postfix, PostgreSQL into the role. If anyone is installing Mailman they are welcome to try it out. https://github.com/cppalliance/ansible-mailman3 Now, I see there was a discussion on this very list about https://github.com/rivimey/ansible-mailman3 which was also a fork of natefoo's repo. What are the differences? As Stephen Turnbull wrote: "her (rivimey's) setup may be more complicated than most folks need (IIRC, she has a multi-homed setup with Mailman core, Postorius, and HyperKitty on three separate IPs on a separate subnet in the DMZ, while Mailman was really designed for three Mailman applications running on the same host, along with the database server and MTA)." My version of the role didn't follow the tactic of "three separate IPs on a separate subnet in the DMZ". Mainly, it adds postfix and postgres. Fixes small errors. Also, in a git branch of the repository named mailman3-core, I removed all the web code, so there is a version of the role that only installs core. We will use that while bundling the web components into another Django app, already deployed with docker. There is an open question about maintenance. Among the three roles mentioned here, which is being actively kept up-to-date? Perhaps there are no guarantees from any of them. At this instant in time, https://github.com/cppalliance/ansible-mailman3 is the most recent. Would it make sense to mention these roles in the official documentation? Not sure. Installing mailman3 is complicated and because of that, is a good fit for Ansible.

1 year, 10 months

Mailman-users search results for query "Postorius"