Re: Reg Archive Inactive Status
by Nirmal J
DNS Report for that list1.iitm.ac.in is 10.24.5.52
-----Original Message-----
From: Nirmal <nirmal(a)iitm.ac.in>
To: Nirmal <nirmal(a)iitm.ac.in>
Cc: Stephen <steve(a)turnbull.jp>; mailman-users <mailman-users(a)mailman3.org>
Date: Friday, 26 September 2025 3:28 PM IST
Subject: Re: [MM3-users] Re: Reg Archive Inactive Status
Yes I have it. I am also sharing that also settings_local.py file
# This file is imported by the Mailman Suite. It is used to override
# the default settings from /usr/share/mailman3-web/settings.py.
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'vWzgIJ1Hvjgy4yXJz7l71vpxX6+pJcBLMdv8mWNNAd0ajVr1'
ADMINS = (
('Mailman Suite Admin', 'nirmal(a)iitm.ac.in'),
)
# Hosts/domain names that are valid for this site; required if DEBUG is False
# See https://docs.djangoproject.com/en/1.8/ref/settings/#allowed-hosts
# Set to '*' per default in the Deian package to allow all hostnames. Mailman3
# is meant to run behind a webserver reverse proxy anyway.
ALLOWED_HOSTS = [
#"localhost", # Archiving API from Mailman, keep it.
# "lists.your-domain.org",
# Add here all production URLs you may have.
'*'
]
# Mailman API credentials
MAILMAN_REST_API_URL = 'http://localhost:8001'
MAILMAN_REST_API_USER = 'restadmin'
MAILMAN_REST_API_PASS = '/EqNGU+Mj8udFpw4ueIkhWXzAy3kJIy17wwzChrXb3P8Vh4e'
MAILMAN_ARCHIVER_KEY = 'n/ZZnR5bRgNdUEyNK4p731C1+gWJLw0/'
MAILMAN_ARCHIVER_FROM = ('127.0.0.1', '::1', '10.24.5.52')
# Application definition
INSTALLED_APPS = (
'hyperkitty',
'postorius',
'django_mailman3',
# Uncomment the next line to enable the admin:
'django.contrib.admin',
# Uncomment the next line to enable admin documentation:
# 'django.contrib.admindocs',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
'django_gravatar',
'compressor', 'haystack',
'django_extensions',
'django_q',
'allauth',
'allauth.account',
'allauth.socialaccount',
'django_mailman3.lib.auth.fedora',
#'allauth.socialaccount.providers.openid',
#'allauth.socialaccount.providers.github',
#'allauth.socialaccount.providers.gitlab',
#'allauth.socialaccount.providers.google',
#'allauth.socialaccount.providers.facebook',
#'allauth.socialaccount.providers.twitter',
#'allauth.socialaccount.providers.stackexchange',
)
# Database
# https://docs.djangoproject.com/en/1.8/ref/settings/#databases
DATABASES = {
'default': {
# Use 'sqlite3', 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
'ENGINE': 'django.db.backends.sqlite3',
#'ENGINE': 'django.db.backends.postgresql_psycopg2',
#'ENGINE': 'django.db.backends.mysql',
# DB name or path to database file if using sqlite3.
'NAME': '/var/lib/mailman3/web/mailman3web.db',
# The following settings are not used with sqlite3:
'USER': '',
'PASSWORD': '',
# HOST: empty for localhost through domain sockets or '127.0.0.1' for
# localhost through TCP.
'HOST': '',
# PORT: set to empty string for default.
'PORT': '',
# OPTIONS: Extra parameters to use when connecting to the database.
'OPTIONS': {
# Set sql_mode to 'STRICT_TRANS_TABLES' for MySQL. See
# https://docs.djangoproject.com/en/1.11/ref/ # databases/#setting-sql-mode
#'init_command': "SET sql_mode='STRICT_TRANS_TABLES'",
},
}
}
# If you're behind a proxy, use the X-Forwarded-Host header
# See https://docs.djangoproject.com/en/1.8/ref/settings/#use-x-forwarded-host
USE_X_FORWARDED_HOST = True
# And if your proxy does your SSL encoding for you, set SECURE_PROXY_SSL_HEADER
# https://docs.djangoproject.com/en/1.8/ref/settings/#secure-proxy-ssl-header
# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_SCHEME', 'https')
# Other security settings
# SECURE_SSL_REDIRECT = True
# If you set SECURE_SSL_REDIRECT to True, make sure the SECURE_REDIRECT_EXEMPT
# contains at least this line:
# SECURE_REDIRECT_EXEMPT = [
# "archives/api/mailman/.*", # Request from Mailman.
# ]
# SESSION_COOKIE_SECURE = True
# SECURE_CONTENT_TYPE_NOSNIFF = True
# SECURE_BROWSER_XSS_FILTER = True
# CSRF_COOKIE_SECURE = True
# CSRF_COOKIE_HTTPONLY = True
# X_FRAME_OPTIONS = 'DENY'
# Internationalization
# https://docs.djangoproject.com/en/1.8/topics/i18n/ LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_L10N = True
USE_TZ = True
# Set default domain for email addresses.
EMAILNAME = 'list1.iitm.ac.in'
# If you enable internal authentication, this is the address that the emails
# will appear to be coming from. Make sure you set a valid domain name,
# otherwise the emails may get rejected.
# https://docs.djangoproject.com/en/1.8/ref/settings/#default-from-email
# DEFAULT_FROM_EMAIL = "mailing-lists(a)you-domain.org"
DEFAULT_FROM_EMAIL = 'postorius@{}'.format(EMAILNAME)
# If you enable email reporting for error messages, this is where those emails
# will appear to be coming from. Make sure you set a valid domain name,
# otherwise the emails may get rejected.
# https://docs.djangoproject.com/en/1.8/ref/settings/#std:setting-SERVER_EMAIL
# SERVER_EMAIL = 'root(a)your-domain.org'
SERVER_EMAIL = 'root@{}'.format(EMAILNAME)
# Django Allauth
ACCOUNT_DEFAULT_HTTP_PROTOCOL = "https"
#
# Social auth
#
SOCIALACCOUNT_PROVIDERS = {
#'openid': {
# 'SERVERS': [
# dict(id='yahoo',
# name='Yahoo',
# openid_url='http://me.yahoo.com'),
# ],
#},
#'google': {
# 'SCOPE': ['profile', 'email'],
# 'AUTH_PARAMS': {'access_type': 'online'},
#}, #'facebook': {
# 'METHOD': 'oauth2',
# 'SCOPE': ['email'],
# 'FIELDS': [
# 'email',
# 'name',
# 'first_name',
# 'last_name',
# 'locale',
# 'timezone',
# ],
# 'VERSION': 'v2.4',
#},
}
# On a production setup, setting COMPRESS_OFFLINE to True will bring a
# significant performance improvement, as CSS files will not need to be
# recompiled on each requests. It means running an additional "compress"
# management command after each code upgrade.
# http://django-compressor.readthedocs.io/en/latest/usage/#offline-compression
COMPRESS_OFFLINE = True
POSTORIUS_TEMPLATE_BASE_URL = 'http://localhost/mailman3/'
SITE_ID = 2
import ldap
from django_auth_ldap.config import LDAPSearch # LDAP server URI
AUTH_LDAP_SERVER_URI = "ldap://127.0.0.1"
# Bind DN & password (service account from IITM LDAP admin)
AUTH_LDAP_BIND_DN = "cn=ldapreader,ou=Services,dc=iitm,dc=ac,dc=in"
AUTH_LDAP_BIND_PASSWORD = "642126"
# Where to search for users
AUTH_LDAP_USER_SEARCH = LDAPSearch(
"ou=People,dc=iitm,dc=ac,dc=in",
ldap.SCOPE_SUBTREE,
"(uid=%(user)s)"
)
# Map LDAP attributes to Django user fields
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "cn",
"last_name": "sn",
# "email": "mail" # optional if not present
}
# Authentication backends (LDAP first, fallback to Django DB)
AUTHENTICATION_BACKENDS = [
"django_auth_ldap.backend.LDAPBackend",
"django.contrib.auth.backends.ModelBackend",
]
import logging
logger = logging.getLogger('django_auth_ldap')
logger.setLevel(logging.DEBUG)
logger.addHandler(logging.StreamHandler())
-----Original Message-----
From: Nirmal <nirmal(a)iitm.ac.in>
To: Stephen <steve(a)turnbull.jp>
Cc: mailman-users <mailman-users(a)mailman3.org>
Date: Friday, 26 September 2025 3:27 PM IST
Subject: Re: [MM3-users] Re: Reg Archive Inactive Status
Yes I have it. I am also sharing that also settings_local.py
-----Original Message-----
From: Stephen <steve(a)turnbull.jp>
To: Nirmal <nirmal(a)iitm.ac.in>
Cc: mailman-users <mailman-users(a)mailman3.org>
Date: Friday, 26 September 2025 3:09 PM IST
Subject: [MM3-users] Re: Reg Archive Inactive Status
Nirmal J via Mailman-users writes:
> Hereby I am sharing the full settings.py file.
Are you sure this is the settings.py being used by your installation?
It appears to be the distribution file, unchanged.
> MAILMAN_ARCHIVER_FROM = ('127.0.0.1', '::1')# Application definition
If this is from the installed settings.py, it isn't going to work,
since you specified a routable domain (I think, although
"list1.iitm.ac.in" is not in the public DNS), which will have a
routable address, not localhost.
What IP does your DNS report for "list1.iitm.ac.in"?
> HOSTNAME = 'localhost.local'
That isn't what you told Mailman via hyperkitty.cfg. I'm not sure it
matters, but I think you should make sure all the config files agree
on the name of the host.
> # If you enable email reporting for error messages, this is where those emails
> # will appear to be coming from. Make sure you set a valid domain name,
> # otherwise the emails may get rejected.
> # https://docs.djangoproject.com/en/1.8/ref/settings/#std:setting-SERVER_EMAIL
> # SERVER_EMAIL = 'root(a)your-domain.org'
> SERVER_EMAIL = 'root@{}'.format(HOSTNAME)
This can be problematic, at least if you enable error messages by email.
> try:
> from settings_local import *
> except ImportError:
> pass
Do you have a "settings_local.py" file?
--
GNU Mailman consultant (installation, migration, customization)
Sirius Open Source https://www.siriusopensource.com/
Software systems consulting in Europe, North America, and Japan
2 weeks, 4 days
Re: Newbie hyperkitty question
by Stephen Daniel
Thanks. Very helpful.
On Tue, Jan 11, 2022 at 2:03 PM Mark Sapiro <mark(a)msapiro.net> wrote:
> On 1/11/22 8:27 AM, Stephen Daniel wrote:
> > Mailman users --
> >
> > I am setting up a new mailman3 installation, and this is my first
> > experience with the suite. All of the software is up and running, but I
> > cannot tell if hyperkitty is actually running.
>
>
> In Postorius, in the list's `info` view can you click the Archives
> button and see archived messages? That's HyperKitty.
>
> If the messages aren't there with the hyperkitty archiving option
> enabled, check `mailman.log` for why.
>
> Also do messages from the list have an Archived-At: header?
>
>
> > When I look at my test mailing list, two archive options are available,
> > hyperkitty and "prototype", and both are enabled. I can see that my
> email
> > is being archived, but I think "prototype" is what is doing the
> archiving.
> > I see that a test message will end up in
> >
> /opt/mailman/mm/var/archives/prototype/<LISTNAME>@<LISTDOMAIN.org>/new/164....
> > and nowhere else. This suggests that "prototype" is archiving, but
> > hyperkitty is not.
>
>
> No this says the prototype archiver is working. It says nothing about
> Hyperkitty.
>
>
> > So, this opens up a raft of questions on hyperkitty:
>
>
> David Newman has answered some of this, but ...
>
>
> > - How do I tell if hyperkitty is actually running?
>
>
> It doesn't actually run. it is a Django web UI and a web API that serves
> things on request.
>
>
> > - Does hyperkitty have a web-UI for admins or users? How would I
> access
> > it?
>
> See above.
>
>
> > - I can not find any documentation on hyperkitty, other than
> > installation instructions and change logs. Does documentation exist?
>
> No, not really.
>
>
> > - How do I set policies on how long archives are kept?
> > - Assuming I want to back up my archives, what do I need to back up?
>
>
> Messages are kept forever unless you do something to delete them.
> HyperKitty's messages are stored in the database configured in the
> DATABASES setting in your Django settings. How you backup the database
> depends on the database manager. You already found the prototype
> archiver's messages.
>
>
> --
> Mark Sapiro <mark(a)msapiro.net> The highway is for gamblers,
> San Francisco Bay Area, California better use your sense - B. Dylan
> _______________________________________________
> Mailman-users mailing list -- mailman-users(a)mailman3.org
> To unsubscribe send an email to mailman-users-leave(a)mailman3.org
> https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
>
3 years, 9 months
Re: About to Install MM3 -- Seeking clarification
by Onyeibo Oku
Help!
Regards
Onyeibo
On Thu Oct 13, 2022 at 6:03 AM WAT, Onyeibo Oku wrote:
> On Wed, 12 Oct 2022 17:52:47 -0700
> Mark Sapiro <mark(a)msapiro.net> wrote:
>
> Thanks Eggert and Sapiro.
>
> >
> > As Eggert suggests, see
> > https://docs.mailman3.org/en/latest/install/virtualenv.html and
> > follow that.
>
> I already started out on the above route. Its an adaptation because I
> am running Fedora. I had no problem with system-wide installations via
> dnf package management. However, some parts of the documentation does
> not add up.
>
> > You don't need to download the source from GitLab.
> > Following that doc will get the latest releases from PyPI via pip.
> > Those are still somewhat out of date - we really should make new
> > releases - so if you want the latest from GitLab, there are a couple
> > of ways to do it. Perhaps the easiest is to just run the various `pip
> > install` commands as documented and then upgrade Mailman core in your
> > venv with ```
> > pip install --upgrade git+https://gitlab.com/mailman/mailman@master
> > ```
> > and update the various mailman web packages with
> > ```
> > pip install --upgrade git+https://gitlab.com/mailman/xxx@master
> > ```
> > where xxx is mailman-web, mailman-hyperkitty, django-mailman3,
> > postorius, hyperkitty. I.e., run it 5 times, once for each value of
> > xxx.
> >
>
> I will come to this eventually (assuming that does not break things
> later). I aim to get it all working with regular pip packages first. I
> have installed mailman core already.
>
> Fedora expects mailman files to reside at /usr/lib/mailman. It appears
> to ship with a mailman unix user. I adapted to those system defaults.
>
> Now I observe that "su - mailman" gives me the proper prompt but
> .bashrc doesn't kick in. I still have to manually change to the
> virtual environment despite setting the automatic change in .bashrc.
> However, "su mailman" runs .bashrc but the prompt says "bash X.XX $".
> Is this normal?
>
> Subsequent parts of the doc show the path "/opt/mailman/mm/var/*" which
> should correspond to "/usr/lib/mailman/mm/var/*" on my instance.
> However, I don't see any instructions on how to get the "/mm" folder
> and the associated sub-folders. I just have "/usr/lib/mailman"
>
> I am lost
>
> "pip list" within the venv environment confirms that I have "mailman
> 3.3.5". What am I missing?
>
> Regards
> Onyeibo
>
>
> _______________________________________________
> Mailman-users mailing list -- mailman-users(a)mailman3.org
> To unsubscribe send an email to mailman-users-leave(a)mailman3.org
> https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
2 years, 11 months
Re: Missing Base64 encoding from control message reply
by Jana Berger
On 22.09.2023 18:32, Stephen J. Turnbull wrote:
> lists-mailman3(a)janaberger.de writes:
>
> > I have a setup with GNU Mailman 3.3.8 where a user tried to
> > subscribe. When replying to the "confirm" message, the user
> > received a completely garbled response, like so:
> >
> > N?z??? ??zf???&???j?????u?[zZ0:???v???,j?z???k?e?0
> >
> 4D???r?^b??r?????*'???y????{ax?L?X????0:???v???,j?z???k?d?m?-???zz?r
n??l]y+???-E?(
> >
> ?^N??'??M???t???Mz?????^i?????}?o?\????6sN?zf??????r??z?????????b?{h?????f?r?ne==
>
> To diagnose, we really need to see that in context of the raw message
> as received by the user.
You can see the same or similar result by opening the EML I quoted. Does
the list support attachments? Then I will attach the file directly.
>
> > The user then forwarded the .eml file to me, which clearly shows
> > the contents of the mail as plain text while being announced as
> > base64 (Content-Transfer-Encoding: base64):
>
> It also clearly doesn't show anything like the mojibake above. What
> is the relation between the two?
Sorry, I should have made that clearer - when opening the EML file with
e.g. Thunderbird, the contents (message text) of the mail as displayed
is the garbled string. I assume it is the result of Thunderbird trying
to process the contents as base64-encoded, which it is not.
>
> While the problems could be related to Mailman, it could also be any
> MTA along the way or the user's mail client.
>
> I suspect that the .eml file has been significantly altered by
> intervening software. As far as I know, the Python email package does
> not MIME-encode plain ASCII text as you see in the email's subject.
I have multiple control messages, all received from my instance which
all contain the "Content-Transfer-Encoding: base64" marker, their
contents is plain text (Content-Type: text/plain; charset="utf-8"), but
they are still encoded using base64.
Of course that is not proof, but an indication that it is either done by
the mail server itself or widely across MUAs.
>
> The only other thing I can think of is it might have something to do
> with your internationalization settings. What is the default language
> of the list? (This is available in Postorius.) Have you changed the
> default encoding for English on your site? (I think you need to look
> in mailman.cfg for this.) What is the default language of the site?
Global "Preferred language" is "English (USA)", which is not overridden
by the list in question. I have not changed the default encoding. Is
there a surefire way to detect this?
My mailman.cfg has no section pertaining to encoding, and all related
files also do not mention encoding.
2 years
Re: mailman3 on new Debian 12 installation, got ssl apache working on all URLs except /mailman3
by Odhiambo Washington
On Fri, Mar 28, 2025 at 12:06 AM Philip Bondi <pjbondi(a)systemdatabase.com>
wrote:
> LE and certbot created those paths for me, somehow. Both on CentOS and
> Debian. Don't know why. Checked my putty logs. Cannot find the first
> emergence of strange path. You guys are superheroes.
>
> Debian 12:
>
> <PRE>
> pjbondi@shackleton12:~$ sudo -i
> root@shackleton12:~# cat /etc/os-release
> PRETTY_NAME="Debian GNU/Linux 12 (bookworm)"
> NAME="Debian GNU/Linux"
> VERSION_ID="12"
> VERSION="12 (bookworm)"
> VERSION_CODENAME=bookworm
> ID=debian
> HOME_URL="https://www.debian.org/"
> SUPPORT_URL="https://www.debian.org/support"
> BUG_REPORT_URL="https://bugs.debian.org/"
> root@shackleton12:~# ls -alF /etc/letsencrypt/live/
> total 32
> drwx------ 7 root root 4096 Nov 29 07:57 ./
> drwxr-xr-x 9 root root 4096 Mar 27 15:02 ../
> -rw-r--r-- 1 root root 740 Nov 27 10:27 README
> drwxr-xr-x 2 root root 4096 Mar 6 09:03 systemdatabase.ca/
> drwxr-xr-x 2 root root 4096 Mar 6 09:03 systemdatabase.ca-0001/
> drwxr-xr-x 2 root root 4096 Mar 6 09:04 systemdatabase.com/
> drwxr-xr-x 2 root root 4096 Mar 6 09:04 systemdatabase.com-0001/
> drwxr-xr-x 2 root root 4096 Mar 6 09:04 systemdatabase.homelinux.com/
> root@shackleton12:~#
> </PRE>
>
> CentOS 7:
>
> <PRE>
> [1004] $ cat /etc/os-release
> NAME="CentOS Linux"
> VERSION="7 (Core)"
> ID="centos"
> ID_LIKE="rhel fedora"
> VERSION_ID="7"
> PRETTY_NAME="CentOS Linux 7 (Core)"
> ANSI_COLOR="0;31"
> CPE_NAME="cpe:/o:centos:centos:7"
> HOME_URL="https://www.centos.org/"
> BUG_REPORT_URL="https://bugs.centos.org/"
>
> CENTOS_MANTISBT_PROJECT="CentOS-7"
> CENTOS_MANTISBT_PROJECT_VERSION="7"
> REDHAT_SUPPORT_PRODUCT="centos"
> REDHAT_SUPPORT_PRODUCT_VERSION="7"
>
> [1005] $ ls -alF /etc/letsencrypt/live/
> total 4
> drwx------. 7 root root 168 Aug 15 2023 ./
> drwxr-xr-x. 9 root root 108 Jan 19 03:22 ../
> -rw-r--r--. 1 root root 740 Jul 2 2020 README
> drwxr-xr-x. 2 root root 93 Jan 19 2023 systemdatabase.ca/
> drwxr-xr-x. 2 root root 112 Jan 19 03:22 systemdatabase.ca-0001/
> drwxr-xr-x. 2 root root 112 Feb 5 2021 systemdatabase.com/
> drwxr-xr-x. 2 root root 112 Jan 19 03:21 systemdatabase.com-0001/
> drwxr-xr-x. 2 root root 112 Jan 19 03:20 systemdatabase.homelinux.com/
> </PRE>
>
> Again. We're almost there with ssl apache configs.
> - works for LE challenge and Subversion https://systemdatabase.ca/
> - 6 paths work for MM3 https://systemdatabase.ca/postorius/, etc
> - But https://systemdatabase.ca/mailman3 fails
>
So, might you be having a file named /etc/mailman3/urls.py and what does it
contain?
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
In an Internet failure case, the #1 suspect is a constant: DNS.
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)
[How to ask smart questions:
http://www.catb.org/~esr/faqs/smart-questions.html]
6 months, 2 weeks
Re: Archive not updated
by Marc SCHAEFER
Hello,
On Mon, Sep 02, 2024 at 09:08:09AM -0000, mailman3--- via Mailman-users wrote:
> Debian bookworm
Archival works here.
Here is my simplified auto-deployement script (some might not be useful to you, I am using a local Postfix):
PS: replace services_install by apt-get install
djangoauth=@@@REPLACE
# this is a bash array: server, user, pw
psqlauth=@@@REPLACE
services_install postfix
(while read line
do
case $line in
*=*) postconf -e "$line";;
*) echo "TOSSING: $line" >&2;;
esac
done) <<EOF
myhostname = $lists
mydestination = $lists
mynetworks = 127.0.0.0/8
inet_protocols = ipv4
inet_interfaces = all
transport_maps = hash:/var/lib/mailman3/data/postfix_lmtp
local_recipient_maps = hash:/var/lib/mailman3/data/postfix_lmtp
relay_domains = hash:/var/lib/mailman3/data/postfix_domains
relayhost = @@@REPLACE
EOF
cat >> /etc/aliases <<EOF
postorius: root
www-data: root
root: ${djangoauth[1]}
EOF
newaliases
services_install dbconfig-pgsql
cat > /etc/dbconfig-common/mailman3.conf <<EOF
dbc_install='true'
dbc_upgrade='true'
dbc_remove='false'
dbc_dbtype='pgsql'
dbc_dbuser='${psqlauth[1]}'
dbc_dbpass='${psqlauth[2]}'
dbc_dbserver='${psqlauth[0]}'
dbc_dbname='mailman'
dbc_dbadmin='postgres'
EOF
sed < /etc/dbconfig-common/mailman3.conf \
> /etc/dbconfig-common/mailman3-web.conf \
"s/^dbc_dbname=.*/dbc_dbname='mailmanweb'/"
chmod 600 /etc/dbconfig-common/mailman3.conf \
/etc/dbconfig-common/mailman3-web.conf
services_install mailman3-full mailman3-web
sed --in-place "s/^site_owner: .*/site_owner: ${djangoauth[1]}/" \
/etc/mailman3/mailman.cfg
# archiving mails from mailing-lists automatically
cat >> /etc/mailman3/mailman.cfg <<'EOF'
[archiver.hyperkitty]
class: mailman_hyperkitty.Archiver
enable: yes
configuration: /etc/mailman3/mailman-hyperkitty.cfg
[styles]
default: private-default
EOF
# enable archiver key
sed -i "s%^api_key:.*%api_key: $(egrep MAILMAN_ARCHIVER_KEY /etc/mailman3/mailman-web.py | awk '{print $NF;}' | sed "s/'//g")%" /etc/mailman3/mailman-hyperkitty.cfg
# work-around: SQLAlchemy no longer supports "postgres"
sed --in-place "s%^url: postgres://%url: postgresql://%" \
/etc/mailman3/mailman.cfg
sed --in-place "s/.*'Mailman Suite Admin', 'root@localhost').*/('Mailman Suite Admin', '${djangoauth[1]}'),/;s/^EMAILNAME\s*=.*/EMAILNAME = '$lists'/;/django_mailman3.lib.auth.fedora/d" /etc/mailman3/mailman-web.py
# aliases mailman <-> postfix
mkdir -p /var/lib/mailman3/data
chown list:list /var/lib/mailman3/data
for i in postfix_lmtp postfix_lmtp postfix_domains
do
touch /var/lib/mailman3/data/$i
postmap /var/lib/mailman3/data/$i
done
chown list:list /var/lib/mailman3/data/postfix_*
# work-around for django_q
# (does not seem to work, and DEFAULT_AUTO_FIELD should be also
# configured to django.db.models.BigAutoField)
dpkg-divert --rename /usr/lib/python3/dist-packages/django_q/conf.py
sed < /usr/lib/python3/dist-packages/django_q/conf.py.distrib \
> /usr/lib/python3/dist-packages/django_q/conf.py \
's%TIMEOUT = conf.get("timeout", None)%TIMEOUT = conf.get("timeout", 59)%'
pkill -e -2 --full 'python3 manage.py qcluster' || true
# fix example.com
PGPASSWORD=${psqlauth[2]} psql -h ds-services-psql -U ${psqlauth[1]} mailmanweb -c "UPDATE django_site SET domain = '$lists', name = '$lists' WHERE id = 1"
# workaround required?
#chgrp list /var/lib/mailman3/locks/
#chmod g+rwx /var/lib/mailman3/locks/
chgrp list /var/log/mailman3/*.log
# https://docs.djangoproject.com/en/3.0/ref/django-admin/#django-admin-create…
env DJANGO_SUPERUSER_PASSWORD=${djangoauth[3]} \
DJANGO_SUPERUSER_USERNAME=${djangoauth[2]} \
DJANGO_SUPERUSER_EMAIL=${djangoauth[1]} \
mailman-web createsuperuser --noinput \
|| echo "django super user already exists in DB, ignored"
# then I migrate the lists
1 year, 1 month
Re: Can creating too many Django accounts crash Mailman3 server?
by Abhilash Raj
On Tue, Sep 15, 2020, at 12:09 AM, Stephen J. Turnbull wrote:
> Mohsen Masoudfar writes:
>
> > It seems anybody can go to the site:
> > https://LISTSERVNAME/mailman3/postorius/lists/
> > and click on the [Sign up] on the top-right corner and create an
> > account.
>
> Yes.
>
> > This can easily be automated, even though the next step, confirming
> > the email address, being ignored. I believe it can be used as a
> > target for a DOS attack by creating so many accounts, that
> > eventually causes an 'out of space' error.
> >
> > Is this a justified concern?
>
> "Justified" depends on who you think the attacker is. Theoretically
> it's a real possibility, but the space used by an unverified account
> is not large. I suspect there are always much more painful DoS
> attacks to worry about.
>
> > Is there a way to manage this feature in a secure way?
>
> In some sense, I don't think there is. The point of the feature is to
> allow anybody to sign up without authentication beyond having a usable
> email address. Either you allow the DoS attack or anything you do is
> likely to deny service to legitimate users.
>
> Brian's approach (cron job purging unverified users) is generally good
> hygiene, but I don't think it would do much against an deliberate
> attack. And it shouldn't be hard to automate the confirmation
> process. I guess you could handle that by purging accounts with no
> subscriptions or other roles on any lists, but that might annoy a few
> legitimate users.
>
> Probably the best you could do for an open server would be to throttle
> user creation to say 1 per minute (adjustable to the scale of your
> site).
>
> I don't know if there is currently a way to require admin approval for
> account creation (as opposed to list subscription). Perhaps we should
> add that if we don't have it.
I checked django-allauth, it doesn't have a feature like that. We could implement
something on-top of that to optionally allow for admin approval but some other
details would need to be figured out and would be a sizeable task involving a new
view for account approvals.
We potentially also would have to modify the models used in django-allauth to
add the flag for "approved", which I am not sure would be an easy task to figure
out.
Perhaps, it might be easier to make a feature request and implement it in
django-allauth though.
>
> Steve
> _______________________________________________
> Mailman-users mailing list -- mailman-users(a)mailman3.org
> To unsubscribe send an email to mailman-users-leave(a)mailman3.org
> https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
>
--
thanks,
Abhilash Raj (maxking)
5 years
Re: Bulk changes to delivery mode and moderation action
by Mark Sapiro
On 1/7/22 11:06 AM, David Newman wrote:
>
> 1. In Users/Members, moderation action for the newly resubscribed users
> shows as "None". Is there a method, either in the UI or the command
> line, to change this to "Default processing" for all users?
I assume you don't want to set `Default action to take when a member
posts to the list` to Default Processing because you want new member
posts to be held. This is a good practice. To set all members to default
processing in mailman shell
```
$ mailman shell -l list.example.com
Welcome to the GNU Mailman shell
Use commit() to commit changes.
Use abort() to discard changes since the last commit.
Exit with ctrl+D does an implicit commit() but exit() does not.
The variable 'm' is the list.example.com mailing list
>>> from mailman.interfaces.action import Action
>>> for mbr in m.members.members:
... mbr.moderation_action = Action.defer
...
>>> commit()
>>>
```
> 2. Although Delivery Mode shows as "Regular" for all users in
> Users/Members list, clicking on a member's name shows all options such
> as delivery status, delivery mode, etc., as undefined.
They show as undefined, but if you look at your own settings by
selecting `Mailman settings` from the dropdown under your username at
the upper right in Postorius, you will see you have Global Mailman
preferences, Address-based preferences and List-based preferences. If a
list based preference is unset for a list, it falls back to the address
based preference for the address and if that's unset, to the global
preference.
When you as an admin look at a user, you only see the user's list based
preferences.
> Similar question: How to set subscriber options for all members in one go?
Per the above, you only need to set the user's preferences if they don't
have address based preferences and the preference differs from the
global (default) preferences.
However, if you want to set the member's list preferences, you could add
to the beginning of the above:
```
>>> from mailman.interfaces.member import DeliveryMode, DeliveryStatus
>>> english = getUtility(ILanguageManager).get('en')
```
and to the `for` loop in the above:
```
... mbr.preferences.acknowledge_posts = False
... mbr.preferences.delivery_mode = DeliveryMode.regular
... mbr.preferences.delivery_status = DeliveryStatus.enabled
... mbr.preferences.hide_address = False
... mbr.preferences.preferred_language = english
... mbr.preferences.receive_list_copy = False
... mbr.preferences.receive_own_postings = True
```
Or whatever you think these settings should be.
> 3. As a subscriber to this list, I received email notification that I'd
> been unsubscribed. Where is the control for enabling/disabling
> subscription notifications?
Settings -> Automatic Responses
> Settings/Member Policy/Un-subscription Policy is set to Confirm, but I
> don't think that's relevant here since I unsubscribed users as the
> Django superuser.
Correct.
--
Mark Sapiro <mark(a)msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
3 years, 9 months
Re: There are currently no mailing lists!?
by Christian
I meant to say I updated Buster.
When I ran 'sudo systemctl start mailman' I get
Job for mailman.service failed because the control process exited with error code.
See "systemctl status mailman.service" and "journalctl -xe" for details.
root@lists:~# systemctl status mailman.service
● mailman.service - GNU Mailing List Manager
Loaded: loaded (/lib/systemd/system/mailman.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Tue 2024-07-23 04:15:47 PDT; 10s ago
Process: 1357 ExecStart=/opt/mailman/mm/bin/mailman start (code=exited, status=2)
Jul 23 04:15:46 lists.gaiapacha.ie systemd[1]: Starting GNU Mailing List Manager...
Jul 23 04:15:47 lists.gaiapacha.ie mailman[1357]: Usage: mailman start [OPTIONS]
Jul 23 04:15:47 lists.gaiapacha.ie mailman[1357]: Try 'mailman start -h' for help.
Jul 23 04:15:47 lists.gaiapacha.ie mailman[1357]: Error: A previous run of GNU Mailman did not exit cleanly (stale_lock). Try using --force
Jul 23 04:15:47 lists.gaiapacha.ie systemd[1]: mailman.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Jul 23 04:15:47 lists.gaiapacha.ie systemd[1]: mailman.service: Failed with result 'exit-code'.
Jul 23 04:15:47 lists.gaiapacha.ie systemd[1]: Failed to start GNU Mailing List Manager.
root@lists:~# journalctl -xe
Jul 23 04:14:54 lists.gaiapacha.ie postfix/smtpd[1042]: 591AD2403D7: client=localhost[127.0.0.1]
Jul 23 04:14:54 lists.gaiapacha.ie postfix/cleanup[1046]: 591AD2403D7: warning: header Subject: [Django] ERROR (EXTERNAL IP): Service Unavailable: /mailman3/system/ from localhost[127
Jul 23 04:14:54 lists.gaiapacha.ie postfix/cleanup[1046]: 591AD2403D7: message-id=<172173329436.628.16645057357232267420(a)lists.gaiapacha.ie>
Jul 23 04:14:54 lists.gaiapacha.ie postfix/qmgr[744]: 591AD2403D7: from=<noreply(a)lists.gaiapacha.ie>, size=19287, nrcpt=1 (queue active)
Jul 23 04:14:54 lists.gaiapacha.ie postfix/smtpd[1042]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jul 23 04:14:54 lists.gaiapacha.ie postfix/smtp[1047]: 591AD2403D7: to=<csa(a)web-analysts.net>, relay=box.ecovillage.cc[45.79.28.18]:25, delay=0.15, delays=0/0/0/0.14, dsn=2.0.0, statu
Jul 23 04:14:54 lists.gaiapacha.ie postfix/qmgr[744]: 591AD2403D7: removed
Jul 23 04:14:54 lists.gaiapacha.ie kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:94:e9:54:57:00:00:0c:9f:f0:1e:08:00 SRC=104.156.155.36 DST=192.46.218.224 LEN=40 TOS=0x00 PREC=0x00 TTL=2
Jul 23 04:14:55 lists.gaiapacha.ie kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:94:e9:54:57:00:00:0c:9f:f0:1e:08:00 SRC=3.142.189.15 DST=192.46.218.224 LEN=40 TOS=0x00 PREC=0x00 TTL=234
Jul 23 04:14:56 lists.gaiapacha.ie kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:94:e9:54:57:00:00:0c:9f:f0:1e:08:00 SRC=103.99.1.78 DST=192.46.218.224 LEN=40 TOS=0x00 PREC=0x00 TTL=238
Jul 23 04:14:57 lists.gaiapacha.ie python[621]: looking for plugins in '/usr/lib64/sasl2', failed to open directory, error: No such file or directory
Jul 23 04:14:58 lists.gaiapacha.ie python[639]: looking for plugins in '/usr/lib64/sasl2', failed to open directory, error: No such file or directory
Jul 23 04:14:59 lists.gaiapacha.ie kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:94:e9:54:57:00:00:0c:9f:f0:1e:08:00 SRC=45.227.253.131 DST=192.46.218.224 LEN=40 TOS=0x08 PREC=0x20 TTL=2
Jul 23 04:14:59 lists.gaiapacha.ie kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:94:e9:54:57:00:00:0c:9f:f0:1e:08:00 SRC=104.156.155.36 DST=192.46.218.224 LEN=40 TOS=0x00 PREC=0x00 TTL=2
Jul 23 04:15:01 lists.gaiapacha.ie CRON[1135]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 23 04:15:01 lists.gaiapacha.ie CRON[1136]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)
Jul 23 04:15:01 lists.gaiapacha.ie CRON[1135]: pam_unix(cron:session): session closed for user root
Jul 23 04:15:03 lists.gaiapacha.ie kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:94:e9:54:57:00:00:0c:9f:f0:1e:08:00 SRC=79.110.62.133 DST=192.46.218.224 LEN=40 TOS=0x00 PREC=0x00 TTL=23
Jul 23 04:15:25 lists.gaiapacha.ie kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:94:e9:54:57:00:00:0c:9f:f0:1e:08:00 SRC=104.156.155.36 DST=192.46.218.224 LEN=40 TOS=0x00 PREC=0x00 TTL=2
Jul 23 04:15:46 lists.gaiapacha.ie systemd[1]: Starting GNU Mailing List Manager...
-- Subject: A start job for unit mailman.service has begun execution
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit mailman.service has begun execution.
--
-- The job identifier is 239.
Jul 23 04:15:47 lists.gaiapacha.ie mailman[1357]: Usage: mailman start [OPTIONS]
Jul 23 04:15:47 lists.gaiapacha.ie mailman[1357]: Try 'mailman start -h' for help.
Jul 23 04:15:47 lists.gaiapacha.ie mailman[1357]: Error: A previous run of GNU Mailman did not exit cleanly (stale_lock). Try using --force
Jul 23 04:15:47 lists.gaiapacha.ie kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:94:e9:54:57:00:00:0c:9f:f0:1e:08:00 SRC=172.206.148.147 DST=192.46.218.224 LEN=40 TOS=0x00 PREC=0x00 TTL=
Jul 23 04:15:47 lists.gaiapacha.ie systemd[1]: mailman.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
-- Subject: Unit process exited
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- An ExecStart= process belonging to unit mailman.service has exited.
--
-- The process' exit code is 'exited' and its exit status is 2.
Jul 23 04:15:47 lists.gaiapacha.ie systemd[1]: mailman.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- The unit mailman.service has entered the 'failed' state with result 'exit-code'.
Jul 23 04:15:47 lists.gaiapacha.ie systemd[1]: Failed to start GNU Mailing List Manager.
-- Subject: A start job for unit mailman.service has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit mailman.service has finished with a failure.
--
-- The job identifier is 239 and the job result is failed.
Jul 23 04:16:04 lists.gaiapacha.ie kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:94:e9:54:57:00:00:0c:9f:f0:1e:08:00 SRC=79.110.62.213 DST=192.46.218.224 LEN=40 TOS=0x00 PREC=0x00 TTL=23
lines 1745-1798/1798 (END)
-----Original Message-----
From: Odhiambo Washington via Mailman-users <mailman-users(a)mailman3.org>
Sent: Monday, July 22, 2024 3:48 PM
To: csa(a)web-analysts.net
Cc: mailman-users(a)mailman3.org
Subject: [MM3-users] Re: There are currently no mailing lists!?
On Mon, Jul 22, 2024 at 9:06 PM Christian via Mailman-users < mailman-users(a)mailman3.org> wrote:
> I recently upgraded Debian 10 'buster' and when I logged in to
> Postorius in the browser I got the ' Mailman REST API not available.
> Please start Mailman core' message. So I started it up from the
> command line doing 'sudo -u mailman /opt/mailman/mm/venv/bin/mailman
> start -f' which yielded
>
You upgraded Debian from Buster to what??? Bullseye or Bookworm?
Why not just 'sudo systemctl start mailman'?
> Starting Mailman's master runner
> Generating MTA alias maps
> mailman@lists:
>
> Now when I do '
> https://lists.ccalternatives.org/mailman3/lists/?all-lists
> '
> in my browser I get the message ' There are currently no mailing lists.'
> Meanwhile their archives exist. Are the lists actually gone or ?
>
The lists are there since your DB is intact and your venv is intact as well.
>
> What am I doing wrong/what's going on here please? Thank you in advance.
>
I suspect your Python was upgraded to a version different than the one you use to create your virtualenv in the 1st place.
If that is the case, you'll need to create a new virtualenv and migrate the data.
> One more thing...I am running mailman core version GNU Mailman 3.3.5,
> Core API Version 3.1, and Core Python Version 3.7.3.
>
Is there a reason you did not upgrade MM3 core and MM3 Web all this time?
Anyway, check the version of Python used to build your virtualenv against the system version after you upgraded:
# cat /opt/mailman/mm/venv/pyvenv.cfg
home = /usr/local/bin
include-system-site-packages = false
version = 3.11.2
executable = /usr/local/bin/python3.11
command = /usr/local/bin/python -m venv /opt/mailman/mm/venv
If older than the system version, you just need to build a new virtualenv and migrate the data.
HTH.
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
In an Internet failure case, the #1 suspect is a constant: DNS.
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions:
http://www.catb.org/~esr/faqs/smart-questions.html]
_______________________________________________
Mailman-users mailing list -- mailman-users(a)mailman3.org To unsubscribe send an email to mailman-users-leave(a)mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
Archived at: https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message…
This message sent to csa(a)web-analysts.net
1 year, 2 months
Re: Mails are not archived at all -- how to check if Hyperkitty is running or not?
by Stephen J. Turnbull
Franklin Weng writes:
> In Debian's setting, under /usr/share/mailman3-web/ are these files:
>
> manage.py
> settings_local.py -> /etc/mailman3/mailman-web.py
> settings_local.py.sample
> settings.py
> urls.py
> wsgi.py
That looks right. This is a typical Debian approach to preserving
local configuration automatically when Debian is upgraded.
> In the top of settings_locas.py there are comments saying that this
> file is to override default settings in
> /usr/share/mailman3-web/settings.py, so I suppose hyperkitty
> database should define here,
Yes.
> though it is different from /usr/share/mailman3-web/settings.py.
In Debian, you can't control the contents of that file. It may be
overwritten in any upgrade. That's why the settings_local.py approach
is used.
> In the settings_local.py, it defines sqliet3 and the file of 'NAME'
> /var/lib/mailman3/web/mailman3web.db exists and is a sqlite3 format file.
That's OK (until you need higher performance).
> But in settings.py (which is supposed to be overridden by setting_local.py)
> it defines using postgresql, which doesn't exist in my Debian system.
I assume it is overridden, unless Debian really messed up its
packaging. But it seem to be working for other users (at least, no
complaints I can recall).
> Is there any log I can trace the executing path?
You really don't want to do that.
> 14233 ? Ss 0:01 /usr/bin/uwsgi --plugin python3 --ini
> /etc/mailman3/uwsgi.ini
> 14236 ? Sl 0:00 /usr/bin/uwsgi --plugin python3 --ini
> /etc/mailman3/uwsgi.ini
I don't know much about uswgi, so I can't say whether multiple
processes with the same invocation is a problem. It's something to
keep in mind.
Recently uwsgi is problematic. There are multiple threads in the last
few weeks. Unfortunately, Mailman devs are mostly using Apache +
mod_swgi or gunicorn, so we can't be terribly helpful if there is a
problem with uwsgi. Apparently the Apache process with mod_swgi is
irrelevant.
> The /var/log/mailman3/web/mailman-web.log is at
> https://pastebin.com/U3jHR6JS
That log looks perfectly normal to me. Since the log looks normal,
you don't need to worry about uwsgi yet, but you should review the
threads in our archives.
The only thing that strikes me about the log is that there are no
accesses to ".../hyperkitty/api/...", which is how HyperKitty receives
messages to archive. Perhaps you simply didn't send any messages
during the period of the captured log, but if you did, it should be
there. Three questions:
1. Do you have HyperKitty configured as the Mailman archiver in Mailman?
2. In mailman.cfg do you have
[archiver.hyperkitty]
class: mailman_hyperkitty.Archiver
enable: yes
configuration: /path/to/here/mailman-hyperkitty.cfg
where the "configuration" value should give the full path to a
mailman-hyperkitty.cfg file?
3. Do your lists have archiving configured on in Postorius?
Steve
5 years, 11 months