Re: New releases
by Danil Smirnov
On Tue, 9 Jun 2020 at 00:05, Mark Sapiro <mark(a)msapiro.net> wrote:
> The first row of horizontal tabs is unchanged, but the `Settings` tab
> used to have a second horizontal row and now has a vertical list on the
> left.
>
Yeah Mark, thanks - now I see it :)
> After you upgraded did you run these django-admin commands?
> ```
> django-admin collectstatic --clear --noinput --verbosity 0
> django-admin compress
> django-admin compilemessages
> django-admin migrate
> ```
> These 4 commands should be run after every update to Postorius,
> HyperKitty or django_mainlman3.
>
Hm, interesting... Could you point me to some related docs please?
To upgrade, I've just bumped app versions in my Dockerfiles, built and
restarted...
Mailman-core worked right away with no issues.
Mailman-web (Hyperkitty) failed with the error:
----------
ERROR 2020-06-08 19:46:41,942 14 django.request Internal Server Error:
/hyperkitty/
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/compressor/base.py", line 282, in
precompile
mod = import_module(mod_name)
File "/usr/lib/python3.6/importlib/__init__.py", line 126, in
import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "<frozen importlib._bootstrap>", line 994, in _gcd_import
File "<frozen importlib._bootstrap>", line 971, in _find_and_load
File "<frozen importlib._bootstrap>", line 953, in _find_and_load_unlocked
ModuleNotFoundError: No module named 'sassc -t compressed {infile}
{outfile}'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File
"/usr/lib/python3.6/site-packages/django/core/handlers/exception.py", line
34, in inner
response = get_response(request)
File "/usr/lib/python3.6/site-packages/django/core/handlers/base.py",
line 115, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/usr/lib/python3.6/site-packages/django/core/handlers/base.py",
line 113, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/lib/python3.6/site-packages/hyperkitty/views/index.py", line
118, in index
return render(request, "hyperkitty/index.html", context)
File "/usr/lib/python3.6/site-packages/django/shortcuts.py", line 36, in
render
content = loader.render_to_string(template_name, context, request,
using=using)
File "/usr/lib/python3.6/site-packages/django/template/loader.py", line
62, in render_to_string
return template.render(context, request)
File
"/usr/lib/python3.6/site-packages/django/template/backends/django.py", line
61, in render
return self.template.render(context)
File "/usr/lib/python3.6/site-packages/django/template/base.py", line
171, in render
return self._render(context)
File "/usr/lib/python3.6/site-packages/django/template/base.py", line
163, in _render
return self.nodelist.render(context)
File "/usr/lib/python3.6/site-packages/django/template/base.py", line
937, in render
bit = node.render_annotated(context)
File "/usr/lib/python3.6/site-packages/django/template/base.py", line
904, in render_annotated
return self.render(context)
File "/usr/lib/python3.6/site-packages/django/template/loader_tags.py",
line 150, in render
return compiled_parent._render(context)
File "/usr/lib/python3.6/site-packages/django/template/base.py", line
163, in _render
return self.nodelist.render(context)
File "/usr/lib/python3.6/site-packages/django/template/base.py", line
937, in render
bit = node.render_annotated(context)
File "/usr/lib/python3.6/site-packages/django/template/base.py", line
904, in render_annotated
return self.render(context)
File
"/usr/lib/python3.6/site-packages/compressor/templatetags/compress.py",
line 143, in render
return self.render_compressed(context, self.kind, self.mode,
forced=forced)
File
"/usr/lib/python3.6/site-packages/compressor/templatetags/compress.py",
line 119, in render_compressed
rendered_output = compressor.output(mode, forced=forced,
basename=file_basename)
File "/usr/lib/python3.6/site-packages/compressor/css.py", line 46, in
output
ret.append(subnode.output(*args, **kwargs))
File "/usr/lib/python3.6/site-packages/compressor/css.py", line 48, in
output
return super(CssCompressor, self).output(*args, **kwargs)
File "/usr/lib/python3.6/site-packages/compressor/base.py", line 314, in
output
output = '\n'.join(self.filter_input(forced))
File "/usr/lib/python3.6/site-packages/compressor/base.py", line 254, in
filter_input
for hunk in self.hunks(forced):
File "/usr/lib/python3.6/site-packages/compressor/base.py", line 228, in
hunks
precompiled, value = self.precompile(value, **options)
File "/usr/lib/python3.6/site-packages/compressor/base.py", line 287, in
precompile
return True, filter.input(**kwargs)
File "/usr/lib/python3.6/site-packages/compressor/filters/base.py", line
239, in input
return super(CachedCompilerFilter, self).input(**kwargs)
File "/usr/lib/python3.6/site-packages/compressor/filters/base.py", line
206, in input
raise FilterError(err)
compressor.exceptions.FilterError: Error: It's not clear which file to
import for '@import "../libs/bootstrap/stylesheets/bootstrap"'.
Candidates:
../libs/bootstrap/stylesheets/_bootstrap.scss
../libs/bootstrap/stylesheets/bootstrap.scss
Please delete or rename all but one of these files.
on line 4 of
../mailman-web-data/static/hyperkitty/sass/hyperkitty.scss
>> @import "../libs/bootstrap/stylesheets/bootstrap";
----------
I've fixed the error by removing the older file which is
/opt/mailman-web-data/static/hyperkitty/libs/bootstrap/stylesheets/_bootstrap.scss
After that everything seems to be working fine.
My best regards,
Danil Smirnov
5 years, 1 month
Re: Source Installation Assistance
by actionmystique@gmail.com
mark.van.holsteijn@gmail.com
I stumbled across the same issue as Brian Carpenter within a slightly different environment:
Ubuntu focal 20.04
PostgreSQL 12.1-1
I tried to replace the following line in ```/usr/lib/python3/dist-packages/hyperkitty/migrations/0007_allauth_20160808_1604.py``` from ```python3-django-hyperkitty``` (1.3.0-1ubuntu1):
```
cursor.execute("SELECT 1 from social_auth_usersocialauth")
```
with
```
cursor.execute("SELECT 1 from information_schema.tables where table_name ='social_auth_usersocialauth' and to_regclass('social_auth_usersocialauth') is not null")
```
then
```
python3 manage.py makemigrations
```
leads to a different issue:
```
"Traceback (most recent call last):",
" File \"/usr/lib/python3/dist-packages/django/db/backends/utils.py\", line 84, in _execute",
" return self.cursor.execute(sql, params)",
"psycopg2.errors.UndefinedTable: relation \"social_auth_usersocialauth\" does not exist",
"LINE 3: FROM social_auth_usersocialauth usa",
" ^",
"",
"",
"The above exception was the direct cause of the following exception:",
"",
"Traceback (most recent call last):",
" File \"manage.py\", line 10, in <module>",
" execute_from_command_line(sys.argv)",
" File \"/usr/lib/python3/dist-packages/django/core/management/__init__.py\", line 381, in execute_from_command_line",
" utility.execute()",
" File \"/usr/lib/python3/dist-packages/django/core/management/__init__.py\", line 375, in execute",
" self.fetch_command(subcommand).run_from_argv(self.argv)",
" File \"/usr/lib/python3/dist-packages/django/core/management/base.py\", line 323, in run_from_argv",
" self.execute(*args, **cmd_options)",
" File \"/usr/lib/python3/dist-packages/django/core/management/base.py\", line 364, in execute",
" output = self.handle(*args, **options)",
" File \"/usr/lib/python3/dist-packages/django/core/management/base.py\", line 83, in wrapped",
" res = handle_func(*args, **kwargs)",
" File \"/usr/lib/python3/dist-packages/django/core/management/commands/migrate.py\", line 234, in handle",
" fake_initial=fake_initial,",
" File \"/usr/lib/python3/dist-packages/django/db/migrations/executor.py\", line 117, in migrate",
" state = self._migrate_all_forwards(state, plan, full_plan, fake=fake, fake_initial=fake_initial)",
" File \"/usr/lib/python3/dist-packages/django/db/migrations/executor.py\", line 147, in _migrate_all_forwards",
" state = self.apply_migration(state, migration, fake=fake, fake_initial=fake_initial)",
" File \"/usr/lib/python3/dist-packages/django/db/migrations/executor.py\", line 245, in apply_migration",
" state = migration.apply(state, schema_editor)",
" File \"/usr/lib/python3/dist-packages/django/db/migrations/migration.py\", line 124, in apply",
" operation.database_forwards(self.app_label, schema_editor, old_state, project_state)",
" File \"/usr/lib/python3/dist-packages/django/db/migrations/operations/special.py\", line 190, in database_forwards",
" self.code(from_state.apps, schema_editor)",
" File \"/usr/lib/python3/dist-packages/hyperkitty/migrations/0007_allauth_20160808_1604.py\", line 43, in migrate_social_users",
" \"\"\", (provider_old,))",
" File \"/usr/lib/python3/dist-packages/django/db/backends/utils.py\", line 67, in execute",
" return self._execute_with_wrappers(sql, params, many=False, executor=self._execute)",
" File \"/usr/lib/python3/dist-packages/django/db/backends/utils.py\", line 76, in _execute_with_wrappers",
" return executor(sql, params, many, context)",
" File \"/usr/lib/python3/dist-packages/django/db/backends/utils.py\", line 84, in _execute",
" return self.cursor.execute(sql, params)",
" File \"/usr/lib/python3/dist-packages/django/db/utils.py\", line 89, in __exit__",
" raise dj_exc_value.with_traceback(traceback) from exc_value",
" File \"/usr/lib/python3/dist-packages/django/db/backends/utils.py\", line 84, in _execute",
" return self.cursor.execute(sql, params)",
"django.db.utils.ProgrammingError: relation \"social_auth_usersocialauth\" does not exist",
"LINE 3: FROM social_auth_usersocialauth usa",
" ^"
],
"stdout_lines": [
"No changes detected",
"Operations to perform:",
" Apply all migrations: account, admin, auth, contenttypes, django_mailman3, django_q, hyperkitty, postorius, sessions, sites, socialaccount",
"Running migrations:",
" Applying contenttypes.0001_initial... OK",
" Applying auth.0001_initial... OK",
" Applying account.0001_initial... OK",
" Applying account.0002_email_max_length... OK",
" Applying admin.0001_initial... OK",
" Applying admin.0002_logentry_remove_auto_add... OK",
" Applying admin.0003_logentry_add_action_flag_choices... OK",
" Applying contenttypes.0002_remove_content_type_name... OK",
" Applying auth.0002_alter_permission_name_max_length... OK",
" Applying auth.0003_alter_user_email_max_length... OK",
" Applying auth.0004_alter_user_username_opts... OK",
" Applying auth.0005_alter_user_last_login_null... OK",
" Applying auth.0006_require_contenttypes_0002... OK",
" Applying auth.0007_alter_validators_add_error_messages... OK",
" Applying auth.0008_alter_user_username_max_length... OK",
" Applying auth.0009_alter_user_last_name_max_length... OK",
" Applying auth.0010_alter_group_name_max_length... OK",
" Applying auth.0011_update_proxy_permissions... OK",
" Applying sites.0001_initial... OK",
" Applying django_mailman3.0001_initial... OK",
" Applying django_mailman3.0002_maildomain... OK",
" Applying django_q.0001_initial... OK",
" Applying django_q.0002_auto_20150630_1624... OK",
" Applying django_q.0003_auto_20150708_1326... OK",
" Applying django_q.0004_auto_20150710_1043... OK",
" Applying django_q.0005_auto_20150718_1506... OK",
" Applying django_q.0006_auto_20150805_1817... OK",
" Applying django_q.0007_ormq... OK",
" Applying django_q.0008_auto_20160224_1026... OK",
" Applying django_q.0009_auto_20171009_0915... OK",
" Applying socialaccount.0001_initial... OK",
" Applying socialaccount.0002_token_max_lengths... OK",
" Applying socialaccount.0003_extra_data_default_dict... OK",
" Applying hyperkitty.0001_initial... OK",
" Applying hyperkitty.0002_auto_20150311_0913... OK",
" Applying hyperkitty.0003_thread_starting_email... OK",
" Applying hyperkitty.0004_archived_date_and_subject... OK",
" Applying hyperkitty.0005_MailingList_list_id... OK",
" Applying hyperkitty.0006_thread_on_delete... OK",
" Applying hyperkitty.0007_allauth_20160808_1604..."
]
```
5 years, 8 months
Basic settings for a discussion list
by paul@arenson.org
Over the last 20 hours I have been trying to figure out setup for list members to sign up. One person has kindly helped out, though I am still unsure of the difference between the several signups. That thread is here and I welcome more advice.
https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/thread/…
But it occurs to me that my problem is that I have not actually configured my list. So this thread is for help on that. I have found a guide for general users here: http://docs.mailman3.org/en/latest/userguide.html
But I have only found a highly technical guide for administrators here:
https://docs.mailman3.org/projects/mailmanclient/en/latest/src/mailmanclien…
It is written for coders and I am looking for a guide similar to the one for users. It seems not to exist yet.
WHAT I WANT
Discussion only list. Ideally anyone who signs up via the various ways should be able to get the archives and post via email and the interface if they want. The list should be closed to others.
In the absence of any guide, all I can do is cross check with you guys and hope I am on the right track. I am non technical, although I managed a Mailman 2 list without difficulty.
1) FIRST ANOMALY
Under https://list.tokyoprogressive.org/postorius/accounts/subscriptions/
I see myself twice:
List Name Subscription Address Delivery Mode Role
discuss.list.tokyoprogressive.org paul(a)tokyoprogressive.org None member
discuss.list.tokyoprogressive.org paul(a)tokyoprogressive.org regular owner
Is this correct? I added My name in one field somewhere and this is the result. I even got a welcome message.
I think it is because I subscribed to my own list.If this was not necessary, what should I do?
Global based preferences are listed. Address and email based ones are not showing either enabled or disabled.
2) MANAGE LISTS
For myself I have done the following in my MAILING LIST SETTINGS
Subscribe to this list
My email and name
(Maybe that is why i am listed twice)
Now I see
3) Users
For now only me- I am listed as member and owner.
There will be no other moderators or owners
I have no idea what a non member is (if they register aren't they a member?)
4) Templates
This is showing nothing at this point. Before it was. I am not sure what i did to stop it from showing. Perhaps because I made it a private list?
5) Settings
a) List identity
I have it set for NOT SHOWING on the Index page because I will link to it from my news magazine website as a way to comment on articles. Is this ok? Other data will be filled in later. I think I am confusing this with private list. I also will have no other list.
b) AUTO RESPOND LIST OWNER-- I added a short note thanking people. Respond and Continue Processing
c) AUTO RESPOND POSTER--Your message has been been received. If you are a member, it should be posted soon. Respond and Continue Processing
d) AUTO RESPOND REQUESTS--No auto response
OTHER THINGS DEFAULT
e) URL WELCOME MESSAGE--NOT SURE. I want people to subscribe themselves but I also have 500 people from another list from DADA I will import. I want them automatically be able to post. Is it possible? If so, I hope to add them manually. DO I compose a text on my website and welcome them by adding the URL, or enter it in my list?
f) NOTIFY OF MEMBERSHIP CHANGES--Yes
g) ALTER MESSAGES ---I have left most things as they are. However, as this is a discussion list, I want replies ONLY to go to the list. I chose that.
h) DMARC --I have left as is
i) DIGEST--I have left as is
6) MASS OPERATIONS--I have left as is
7) BAN--left as is
8) MESSAGE ACCEPTANCE--I have left as is
9) HEADER FILTERS--left as is
10) ARCHIVES--Private Archives (Maybe this is why templates do not show???)
11) SUBSCRIPTION POLICY--MODERATE-- I intend to send them an email to confirm their reasons for subscribing to avoid spammers.
LAST THING. My Gravity does not work. I edited it online as per instructions but it does not appear.
That is all I can think of.
Thanks in advance.
paul
5 years, 11 months
Re: how to integrate subscription into static jekyll website
by Hagen Bauer
Since I am running mailman in a docker container I thought it may be an
approach to put https://github.com/dthree/mailit along.
This seems to be used by a good amount of people and would allow me to
have a rest api just for sending the mails to mailman.
I am not a javascript specialist but currently I do not see any security
risks.
Do I miss something?
Regards
Hagen
On 10/19/18 8:05 PM, Stephen J. Turnbull wrote:
> Hagen Bauer writes:
>
> > Has anybody tried to hide the direct api access behind a nginx reverse
> > proxy url?
>
> Sounds straightforward.
>
> I doubt anybody's done it, though, because you still face the problem
> that anybody with that access is a site manager, with unclear limits
> on their power outside of Mailman. (Shouldn't be much they can do
> outside of Mailman, but I wouldn't bet my host on it.) In many cases,
> the real site manager is also the host admin, so they have sufficient
> access to a shell account. There's no need for her to have a proxy;
> why make it available to people who are supposed to have less power?
>
> Note I'm *not* saying this *never* makes sense. I'm just saying that
> in a lot of cases it won't buy you very much because Mailman isn't set
> up to provide granular authorization of REST endpoints.
>
> > on the Webseite I would have a url like this
> >
> > mailmanserver.tld/subcsribe/user(a)mail.com
> >
> > And within the nginx proxy configuration on the server this would
> > translate to
> >
> > localhost:80xx/"mailman-restapi-with-credentials"user(a)mail.com
>
> First of all, the address to subscribe is a variable, so at a bare
> minimum your nice static site has to provide a form, which isn't very
> static. I guess you could put the URL to the nginx proxy as the
> action URL in the form, but then the proxy needs to deal with a
> form-encoded query string to translate to the appropriate REST
> endpoint.
>
> I suppose you could also have the user type the URL including the
> email address into the browser address bar, but Abhilash's idea of
> providing a mailto:subscribe@mailmanserver.tld URL seems more
> convenient. The mailto URL also solves the problem of confirming
> ownership of the mailbox, since that logic is built in to the
> subscribe-by-mail code.
>
> Second, if your proxy is configured very carefully, you might be able
> to restrict this to only the exact operations you want to expose, here
> subscription. However, although the email interface implements
> verification by providing a one-time token that must be read from the
> mailbox of the address (and so proves ownership of the mailbox), I
> don't think the REST API implements operations like that. IIRC that
> is implemented in Postorius. (Abhilash?) If my memory is correct,
> you would also need to implement that, and that's definitely not static.
>
> > So the public does not see the credentials. And if my nginx host
> > config is hacked I have a problem anyway.
>
> I can't speak for Abhilash, but what would worry me is not that nginx
> is already hacked, but rather that if not properly configured, it
> might be possible for someone to access REST endpoints you don't want
> exposed through this interface, and maybe even to other parts of the
> webserver. To give a simple example, consider a variant on the
> ancient Apache traversal bug:
>
> mailmanserver.tld/subscribe/../unsubscribe/user(a)mail.com
>
> Probably nginx and/or Mailman and/or your proposed proxy config are
> already capable of stopping this particular well-known attack, but
> undoubtedly there are more sophisticated attacks that I don't know
> about.
> _______________________________________________
> Mailman-users mailing list -- mailman-users(a)mailman3.org
> To unsubscribe send an email to mailman-users-leave(a)mailman3.org
> https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
>
6 years, 9 months
Re: Member Issue Discovered
by Brian Carpenter
On 10/20/20 11:19 PM, Mark Sapiro wrote:
> On 10/20/20 6:54 AM, Brian Carpenter wrote:
>> Respectively, I think you are asking the wrong question here. The real
>> question is why isn't a display_name being removed when a list
>> subscriber is unsubscribed.
>
> I'd like to understand the real requirement. It seems to me that this
> issue has come up because a list admin wanted to change the display name
> shown in the membership roster for a user. Since there is currently no
> UI to do this, the list admin tried to do it by unsubscribing and
> resubscribing the user. That didn't work which led to this
> "unsubscribing a user should remove the user's information" thread, but
> the real issue is the lack of a UI for changing display names. It seems
> if that UI existed and was available, the "unsubscribing a user should
> remove the user's information" issue would never have been raised.
There are two real requirements. One is to be able to do something as
easy as changing a name for a list member. I did a lot of testing with
the relationship between a name used for a subscription versus a name
used for registering via the U.I. (Postorius/Django) and it is very
confusing. I still am having a very difficult time understanding the
logic presented here for the way Mailman 3 handles user information.
The second requirement is ALL data should be removed if someone
unsubscribes from a list that is just a list member of a single list. I
feel very strongly about that. I don't really care for the reasoning
behind why the data is retained. I just think it should be removed for a
list member who has no need for an account that manages multiple email
address and is subscribed to multiple lists.
I host many single lists. So it is very important to me, and as an
advocate for my clients, I will state very clearly how important it is
to me (and my clients) regards of other user scenarios out there
(looking at you Mr. Turnbull). I care about my own.
> So perhaps what we should be talking about is UIs for changing user
> information, what they would look like and who should be able to change
> what.
That is a start and I thought I brought that up. We also need a separate
conversation on the retention of data apparently.
> Note that I personally am a member of many lists, an admin of multiple
> lists and a site admin for multiple mailman installations. I am well
> aware of the frustrations of list admins who wind up just doing it
> because it's way easier than instruction some users as to how to do it
> themselves. However, I don't think that is necessarily sufficient reason
> to hand over control of global, non-list specific user information to
> the admin of one particular list that the user happens to be a member of.
I never asked for global control for list owners. You have made that
almost a necessity with the multiple email address per user account
feature that you brought in. I don't think List owners should have
global control but server owners certainly do. But the rightful
avoidance of such control for List owners, I think has resulted in a
wrongful limiting of what they can do currently.
I so disagree with S. Turnbull's disparaging comments that I think we
ought to be designing for List owners primarily and not list
members/users when it comes to user interfaces. From what I see, it is
mostly server and list owners that are interacting with this
(mailman-user) list and not list members/users. In my experience, I
never hear from list members. Just list owners. Whatever issue list
owners have with their own list members are easily handled by them when
it comes to Mailman 2. Not so much with Mailman 3.
>
> Even in mailman 2.1, while a list admin could go to a user's options
> page for the list and change things, the "change globally" check boxes
> only worked for the user, not for the list admin.
>
--
Brian Carpenter
Harmonylists.com
Emwd.com
4 years, 9 months
Re: signup / registration error - permissions and cert chains
by David Newman
On Dec 31, 2021, at 03:43, Victoriano Giralt <victoriano(a)uma.es> wrote:
>
> El viernes, 31 de diciembre de 2021 1:48:38 (CET) David Newman escribió:
>> I'd like for regular (non-admin) list subscribers to be able to manage
>> their subscription preferences and view list archives.
>
> That's a good way to go :-)
>
> My response is more of a (very) old sysadmin and Django user (since 2008)
> hunch that a proper one based on code and documentation review, but I've been
> trying to contribute several times and always (super) Mark Sapiro beats me :-)
>
>> If I'm reading the error correctly, this is related to an inability to
>> verify the cert chain. The /etc/mailman3/settings.py file points to the
>> same cert and key files used by Nginx, Postfix, and Dovecot.
>
> You are right in your diagnose but not in your interpretation (see my comment
> below inside the traceback). It is certificate related, but not for server
> TLS, but for CLIENT authentication.
>
>
>> EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
>> EMAIL_HOST = 'localhost'
>> EMAIL_PORT = 25
>> EMAIL_HOST_USER = 'dnewman(a)networktest.com'
>> EMAIL_HOST_PASSWORD = 'wouldnt-you-like-to-know'
>> EMAIL_USE_TLS = 'True'
>> EMAIL_SSL_CERTFILE = '/etc/ssl/certs/myhost.crt'
>> EMAIL_SSL_KEYFILE = '/etc/ssl/private/myhost.key'
>
> All these settings above are used for SENDING messages and, if I'm not
> mistaken, the SSL key and cert are used for authenticating the user sending
> the email. Actually, using TLS and SMTP Auth for localhost is a bit too much.
> I've been configuring SMTP servers since 1990 and my mail servers just accept
> mail form localhost, if they are broken into, the user and password have
> already been exposed :-)
>
>> But this might only be for email, not Postorius/Django.
>
> You are right (if I also am)
>
>> What additional configuration is needed to allow regular users to create
>> and manage their own accounts?
>
> I'd say that is more what is not needed (the SMTP TLS authentication)
>
> I'll remove the "noise". These are the tell tale lines:
>
>> "/opt/mailman/venv/lib/python3.9/site-packages/django/core/mail/backends/smt
>> p.py", line 67, in open
>> self.connection.starttls(keyfile=self.ssl_keyfile,
>> certfile=self.ssl_certfile)
>
> The SMTP Django backend is trying to connect to the mail server to send the
> Mailman account confirmation message and failing, probably because the user
> Django runs as cannot open the private key (which is a very sensible thing if
> that private key is the one used for the web facing TLS certificate, I can
> tell you how bad in private or search for my name, wasd, apache and VMS ;-))
>
> That certificate is not needed for sending email from Django, and, as I said,
> not even SMTP Auth for sending via localhost. Actually, doing SMTP Auth on
> port 25 is not even recommended practice.
Hi Victoriano,
Thanks for this. I could use some clarification on what specific changes you are suggesting. I *think* you are saying to remove the EMAIL_USE_TLS stuff and also move to another port (maybe 587), but I am not sure.
Also, the reason I added the TLS in the first place was that I was getting errors without it. And I am unclear why the cert / private key pair do not work for Django when they do work OK for Postfix, Nginx, and Dovecot.
Thanks for clarifying — and happy and safe 2022 to you as well!
dn
>
> Happy, healthy, safe and well ventilated New Year to all.
>
> --
> Victoriano Giralt Innovation Director
> Digital Transformation Vicerectorate University of Malaga
> +34952131415 SPAIN
> ==================================================================
> Note: signature.asc is the electronic signature of present message
> A: Yes.
>> Q: Are you sure ?
>>> A: Because it reverses the logical flow of conversation.
>>>> Q: Why is top posting annoying in email ?
>
>
>
> _______________________________________________
> Mailman-users mailing list -- mailman-users(a)mailman3.org
> To unsubscribe send an email to mailman-users-leave(a)mailman3.org
> https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
3 years, 7 months
Re: Getting connection refused on postfix trying to connect to mailman-core:lmtp
by Abhilash Raj
On Thu, Oct 5, 2017, at 08:56 PM, Dmitry Makovey wrote:
> On 10/05/2017 07:20 PM, Abhilash Raj wrote:
> > On Thu, Oct 5, 2017, at 05:36 PM, Dmitry Makovey wrote:
> >> On 10/05/2017 03:20 PM, Abhilash Raj wrote:
> >>> On Thu, Oct 5, 2017, at 03:08 PM, Dmitry Makovey wrote:
> >>>>
> >>>> I've got a setup where postfix runs inside one VM(container) and mailman
> >>>> runs inside another one (maxking containers). I've wired everything
> >>>> according to docs yet I'm getting:
> >>>>
> >>>> postfix/lmtp[266]: 66A72800A87: to=<somelist(a)lists.here.stanford.edu>,
> >>>> relay=none, delay=0.5, delays=0.48/0.01/0/0, dsn=4.4.1, status=deferred
> >>>> (connect to mailman-01.stanford.edu[1.2.3.4]:8024: Connection refused)
> >
> > I found this in your settings:
> >
> > [mta] lmtp_host: mailman-01.stanford.edu
> > [mta] lmtp_port: 8024
> >
> >
> > And the log message above.
> >
> > I believe that the LMTP runner died because it wasn't able to bind to
> > `mailman-01.stanford.edu`, which I am assuming is the hostname assigned
> > to the host running these containers.
> >
> > `MM_HOSTNAME` env variable in the docker containers should be something
> > that the process inside mailman-core container can bind to and can be
> > reached by postfix (which can run either on host or on another
> > container). (Now that I read it myself, I agree that the name of the
> > variable sounds not-so-intuitive.)
>
> thank you so much for the hints! I've changed docker-compose to include
> MM_HOSTNAME variable *and* made sure that for the mailman-core I've got:
>
> services:
> mailman-core:
> hostname: mailman-01
> domainname: stanford.edu
> ...
> environment:
> ...
> MM_HOSTNAME: mailman-01.stanford.edu
>
>
> that solved the issue while keeping the mentioned mailman config. Is
> that what you've had in mind? I was looking for a quick hack, but still
> would like to find out proper solution if that isn't the one.
If that is the address that can be used to reach the container from
postfix, nothing else is needed. That is the proper solution.
>
> > The default configuration (and docker-compose.yaml) sets this value to
> > the IP Address of the container (172.19.199.2), which is reachable from
> > the host. If you set this value to whatever IP the mailman-core is
> > assigned and re-create the containers (or just re-start and run `mailman
> > aliases` in mailman-core to re-generate transport_maps), it would work
> > out.
>
> if I understand above correctly that means semi-manual mangling of
> postfix aliases file which I'd rather not do.
Not exactly manual, next time you re-create the container, these aliases
should be generated correctly. I asked for re-generating aliases as
you'd have wrong ones. BUT, because `mailman-01.stanford.edu` was
actually the correct address, it probably wasn't needed.
> Using above technique
> mailman-core does generate proper aliases while binding to the
> appropriate IP. kind of icky but seems to work.
>
> >
> > Also, I see your docker-compose.yaml configuration (`MAILMAN_CORE_IP:
> > 172.19.199.2`) is not consistent with your output of `mailman
> > conf`([webservice] hostname: 172.19.199.5`). I am not sure how that
> > happened though, just wanted to point it out. This *might* cause the
> > rest runner to die to and thus Postorius/HK wouldn't work.
>
> right, some of the IPs keep on popping at me and I've got to look for
> them - I intentionally removed direct IP assignment in
> docker-compose.yaml yet I get the feeling that someplace there's another
> IP assignement I've missed.
>
> > Hope that was helpful!
>
> very much so! thanks for your quick responses - provided my existing
> deadlines I value them that much more :)
>
> --
> Sr System and DevOps Engineer SoM IRT
>
> Email had 1 attachment:
> + signature.asc
> 1k (application/pgp-signature)
--
Abhilash Raj
maxking(a)asynchronous.in
7 years, 9 months
[Mailman-Users] Listservers currently hosted with EMWD - urgent request for assistance
by Stephen J. Turnbull
Note: Reply-To set to mailman-users(a)mailman3.org. Please check that
any replies are addressed to that list, and not mailman-users(a)python.org.
Jonathan,
FWIW, I haven't heard anything. I have 3 students submitting MS/PhD
theses in less than (checks watch) 18 hours, but after that I'll see
if I can find out anything. I wouldn't bet on it, though, as I don't
think anyone here has a connection to the Carpenter family or whoever
is left of the EMWD staff. I assume you have checked the emwd.com
website?
> We have our listservers hosted with EMWD which stopped working on
> 23 December.
What does "stopped working" mean? I assume that list traffic is no
longer being forwarded to subscribers, but perhaps other services are
working. It may help if you can answer the following questions.
1. Are you using the GNU Mailman-supplied Postorius/HyperKitty
combination for administration and archiving, or EMWD's
proprietary "Harmony" (Affinity/Empathy) platform?
2. Can you see archives (if any)?
3. Can you log in to the administrative interface?
4. Is mail to the lists being returned to sender, or just
disappearing into the void?
5. You mention an automated response in a later message. Is that to
an email you sent, or from a web-based issue-tracking system?
What does it say about the current status of EMWD services, if
anything?
Regards,
Steve
> We have since found out the devastating news that
> Brian Carpenter passed away last year. Brian was really helpful
> when we moved our listservers from a legacy system to hosting on
> the EMWD platform. My sincere condolences to his family and
> friends.
>
> As we can no longer get a response from EMWD about our listserver issue I was wondering if any one else in this community could help.
>
> Many thanks.
>
> Jonathan
>
> Jonathan Ashby
> ICT Strategic Communications Project Manager
> Londonwide LMCs and Londonwide Enterprise Ltd
> Working days: Tuesday and Wednesday
> Direct dial: 020 3818 6228
> Mobile: 07768 109601
> Fax: 020 7383 7442
> Email: jonathan.ashby(a)lmc.org.uk
> Web: www.lmc.org.uk
> Twitter: @LondonwideLMCs
>
>
>
> ----------------------------
> Visit www.lmc.org.uk/coronavirus-covid-19 for the latest official resources and guidance on covid-19.
>
> Remember that you can use WhatsApp and FaceTime for online consultations as well as the usual online tools.
> 🌲 Think of the environment. Do you really need to print this email?
> This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please accept our apologies and notify the sender.
>
> The registered and office address for Londonwide Local Medical Committees Limited is: Tavistock House South, Tavistock Square, London WC1H 9LG. Registered in England No: 6391298.
>
> Londonwide Enterprise Limited is a wholly owned subsidiary of Londonwide Local Medical Committees Limited. Londonwide Enterprise Limited is registered at: Tavistock House South, Tavistock Square, London WC1H 9LG. Registered in England No. 6990874. Londonwide Enterprise Limited is registered as a Company Limited by Shares. VAT no: 130 1454 66.
>
> Londonwide Local Medical Committees Limited and Londonwide Enterprise Limited do not provide legal or financial advice and thereby excludes all liability howsoever arising in circumstances where any individual, person or entity has suffered any loss or damage arising from the use of information provided by Londonwide Local Medical Committees Limited and Londonwide Enterprise Limited in circumstances where professional legal or financial advice ought reasonably to have been obtained.
>
> Londonwide Local Medical Committees Limited and Londonwide Enterprise Limited provide guidance and support to GPs and practice teams in the Londonwide area. Additionally Londonwide Local Medical Committees Limited provides representation to GPs and practice teams in the Londonwide area. Londonwide Local Medical Committees Limited and Londonwide Enterprise Limited strongly advises individuals or practices to obtain independent legal or financial advice.
>
> ------------------------------------------------------
> Mailman-Users mailing list -- mailman-users(a)python.org
> To unsubscribe send an email to mailman-users-leave(a)python.org
> https://mail.python.org/mailman3/lists/mailman-users.python.org/
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
> https://mail.python.org/archives/list/mailman-users@python.org/
3 years, 6 months
Re: Digests not working correctly
by Joel Lord
Now I'm on one of the lists in digest mode and I can see that it's a
mess. Periodic digests are definitely NOT working, so I'll lay that out
here.
root@host2:/# cat /etc/cron.d/mailman
# This goes in /etc/cron.d/mailman
# Replace "apache" by your webserver user ("www-data" on Debian systems) and
# set the path to the Django project directory
0 23 * * * lists /usr/local/bin/mailman digests --periodic
0 23 * * * lists /usr/local/bin/mailman notify
root@host2:/# grep digests /var/log/cron.log
Jun 11 23:00:01 host2 CRON[1632765]: (lists) CMD (/usr/local/bin/mailman
digests --periodic)
Jun 12 23:00:01 host2 CRON[2177286]: (lists) CMD (/usr/local/bin/mailman
digests --periodic)
root@host2:/home/members/directory# su - lists
lists@host2:~$ /usr/local/bin/mailman digests --periodic
lists@host2:~$ ls var/lists/<list>/
digest.mmdf
In this case I've got /usr/local/bin/mailman as a symlink to the mailman
binary inside the venv's bin directory, just for simplicity. That
digest.mmdf file is dated June 9th and clearly ought to have been
cleared out on any of the nightly runs between then and today but has
not. There are no errors anywhere I can find.
How can I try and track this down?
-Joel
On 6/4/2023 10:15 PM, Joel Lord wrote:
> The May 4th digest that went out was _also_ size-triggered, so this may
> have nothing to do with periodic digests at all, and possibly my
> periodic digests aren't working. I'm not on any of my own lists in
> digest mode, I'm slowly extracting diagnostic information out of people
> who are. Also, since this is a ~2 month cycle, it's really difficult to
> get data points to work with. I'll need to remember to go in and look
> when this settles down again (new cycle of activity started last night)
> to see if there's anything left pending.
>
> (venv) root@host2:/home/lists/mailman/venv/bin# pip freeze | grep -i hyper
> HyperKitty==1.3.7
>
> On 6/4/2023 10:05 PM, Mark Sapiro wrote:
>> On 6/4/23 18:35, Joel Lord wrote:
>>>
>>> The periodic digests do seem to be coming out. I also now have
>>> confirmation that the one message in this morning's digest that was
>>> from May 4th was also included in the last digest back on May 4th, so
>>> it seems that the one message was left behind in the digest queue
>>> when the periodic digest was sent.
>>
>> I don't see how that can happen. The process that sends a digest
>> renames the var/lists/<list-id>/digest.mmdf mailbox file in which the
>> messages are accumulated to
>> var/lists/<list-id>/digest.<volume>.<issue>.mmdf, where <volume> and
>> <issue> are the volume and issue numbers of that digest, and then
>> queues a message in the `digest` queue to tell the digest runner to
>> create the digest from the messages in that mbox and send it. Thus, it
>> leaves no var/lists/<list-id>/digest.mmdf mailbox file behind and that
>> is created anew when the next post arrives. Further, if there is a
>> non-empty digest.mmdf file, its messages should be sent no later than
>> the next 11 PM `cron digests`.
>>
>>
>>> There was one earlier message to the list back on May 4th, before the
>>> one that got duplicated, but I can't tell if that triggered a
>>> size-based digest to be sent: the logs aren't clear enough on that
>>> detail for me to tell >
>>
>> OK
>>
>>
>>> Just to inform things:
>>>
>>> (venv) lists@host2:~/mailman/venv/bin$ pip freeze | grep mailman
>>> django-mailman3==1.3.9
>>> mailman==3.3.8
>>> mailman-hyperkitty==1.2.1
>>> mailman-web==0.0.6
>>> mailmanclient==3.3.5
>>> (venv) lists@host2:~/mailman/venv/bin$ pip freeze | grep hyper
>>> mailman-hyperkitty==1.2.1
>>
>> Actually, it's HyperKitty, not hyperkitty, but I assume HyperKitty is
>> up to date as are the others.
>>
>>> (venv) lists@host2:~/mailman/venv/bin$ pip freeze | grep post
>>> postorius==1.3.8
>>>
>>>
>>
>
--
Joel Lord
2 years, 1 month
Re: [Django] ERROR (EXTERNAL IP): Service Unavailable
by dancab@caltech.edu
Thanks Mark. I ended up just restoring the database from a backup.
One last question. One more question.
I'm testing a custom footer via the template creation tool in Postorius.
However my messages aren't being delivered when I have the template activated.
If I delete the template then suddenly my message goes through.
I see the out queue folder seems to have the message stuck.
The smtp.log is just filling up with the output below.
Mar 04 11:44:33 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:33 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f49976f0710>
Mar 04 11:44:33 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:33 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f49977ea390>
Mar 04 11:44:33 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:33 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f4997895e48>
Mar 04 11:44:33 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:34 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499770e908>
Mar 04 11:44:34 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:34 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f49978f2f28>
Mar 04 11:44:34 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:34 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f49977e8320>
Mar 04 11:44:34 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:34 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499784c588>
Mar 04 11:44:34 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:34 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499775c860>
Mar 04 11:44:34 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:34 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f49976f79e8>
Mar 04 11:44:34 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:34 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499775e9e8>
Mar 04 11:44:34 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:34 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499aa18b00>
Mar 04 11:44:34 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:34 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499aa66ac8>
Mar 04 11:44:34 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:34 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499784fcf8>
Mar 04 11:44:34 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:34 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f49976df080>
Mar 04 11:44:34 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:34 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499d64d438>
Mar 04 11:44:34 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:34 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499780b160>
Mar 04 11:44:34 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:34 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499784c048>
Mar 04 11:44:34 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:35 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499784ceb8>
Mar 04 11:44:35 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:35 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f49977f8828>
Mar 04 11:44:35 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:35 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f4997764160>
Mar 04 11:44:35 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:35 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499784c2e8>
Mar 04 11:44:35 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:35 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f49978b2cc0>
Mar 04 11:44:35 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:35 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f49978d89b0>
Mar 04 11:44:35 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:35 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f4997a374e0>
Mar 04 11:44:35 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:35 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499775c470>
Mar 04 11:44:35 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:35 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f49978d8dd8>
Mar 04 11:44:35 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:35 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499784f9e8>
Mar 04 11:44:35 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:35 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499784ce48>
Mar 04 11:44:35 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:35 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f499aa60860>
Mar 04 11:44:35 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
Mar 04 11:44:35 2021 (416) Using agent: <mailman.mta.deliver.Deliver object at 0x7f4997819e80>
Mar 04 11:44:35 2021 (416) IndividualDelivery to: dancab(a)systems.caltech.edu
4 years, 4 months