Mailman in a jail
jim at ohlste.in
Fri Apr 22 11:50:01 UTC 2016
On 4/22/16 7:20 AM, Kristof Provost wrote:
>> On 22 Apr 2016, at 13:11, Jim Ohlstein <jim at ohlste.in
>> <mailto:jim at ohlste.in>> wrote:
>>> The main gotcha with Mailman is that it defaults to supporting Sendmail.
>>> It actually needs to be rebuilt to work with postfix. That's the first
>>> thing to look at. Did you install from ports or with pkg?
>> I built it with poudriere using the Postfix option.
> Okay, that’s good. I did exactly the same ;)
> It’s not quite clear to me if your problem is getting Postfix to deliver
> to mailman, or mailman to postfix.
> In my setup the list is on a separate (virtual) domain, and uses an
> aliases file
> (alias_maps = hash:/etc/aliases, hash:/usr/local/mailman/data/aliases).
> That file is maintained by mailman and will have things like 'test:
> "|/usr/local/mailman/mail/mailman post test”’ in it.
> Return delivery (i.e. mailman sending mail) is done using the DirectSMTP
> module. My ‘SMTPHOST’ is set to the hostname of the jail (so to an IP
> address the postfix is listening on). If you’ve still got that set to
> the default of ‘localhost’ that might also explain your problems.
> It might also be worth playing with telnet inside the jail and
> confirming that you can talk to your postfix that way.
That was the problem. I more or less figured it out late last night when
I looked at the mail logs of the front end server. My setup is like this:
web <--> fontend SSL termination/load balancer/cache <--> multiple
backends (not web accessible)
Mailman is installed in in a jail in a backend server. That jail has a
FQDN and it matches that of Mailman (lists.mydomain.com).
So in ~mailman/Mailman/mm_cfg.py I had:
SMTPHOST = 'lists.mydomain.com'
as instructed by the port upon installation.
That wound up having Mailman looking for the _real_ IP of that FQDN for
the outgoing mail server, which led it back to the frontend server to
which that IP is actually bound. That Postfix installation refused to
relay because the IP range of that backend server was not allowed in
"mynetworks" in its main.cf.
Allowing that IP range on Postfix on the frontend server got outgoing
mail working late last night. It was a fairly inelegant solution but it
worked. Editing ~mailman/Mailman/mm_cfg.py as follows got it working in
- SMTPHOST = 'lists.mydomain.com'
+ SMTPHOST = 'jail.ip.address'
What confused me were the port's instructions and the fact that the
Mailman actually resolved the FQDN and looked for that IP externally.
Thanks to everyone who helped. I'm a bit embarrassed at the simplicity
of the solution.
"Never argue with a fool, onlookers may not be able to tell the
difference." - Mark Twain
More information about the freebsd-ports