~phil.pennock/mailman/dmarc-reject

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
Mailman - The GNU Mailing List Management System
Copyright (C) 1998,1999,2000,2001,2002 by the Free Software Foundation, Inc.
59 Temple Place - Suite 330, Boston, MA 02111-1307, USA

MORE INFORMATION

You might be interested in some information that Norbert Bollow has
written about Mailman and Qmail integration, available here:

    http://mailman.cis.to/qmail-verh/


QMAIL ISSUES

There are some issues that users of the qmail mail transport agent
have encountered.  None of the core maintainers use qmail, so all of
this information has been contributed by the Mailman user community,
especially Martin Preishuber and Christian Tismer, with notes by
Balazs Nagy (BN) and Norbert Bollow (NB).

- You might need to set the mail-gid user to either "qmail", "mailman", or
  "nofiles" by using the --with-mail-gid configure option.

  BN: it highly depends on your mail storing policy.  For example if
  you use the simple ~alias/.qmail-* files, you can use `id -g alias`.
  But if you use /var/qmail/users, the specified mail gid can be
  used.

  If you are going to be directing virtual domains directly to the
  "mailman" user (using "virtualdomains" on a list-only domain, for
  example), you will have to use --with-mail-gid=<gid of mailman user's group>
  This is incompatible with having list aliases in ~alias, unless that alias
  simply forwards to "mailman-listname*".

- If there is a user `mailman' on your system, the alias
  `mailman-owner' will work only in ~mailman.  You have to do a "touch
  .qmail-owner" in ~mailman directory to create this alias.

  NB: An alternative, IMHO better solution is to `chown root
  ~mailman', that will stop qmail from considering `mailman' to be a
  user to whom mail can be delivered.  (See `man 8 qmail-getpw'.)

- In a related issue, if you have any users with the same name as one
  of your mailing lists, you will have problems if list names contain
  `-' in them.  Putting .qmail redirections into the user's home
  directory doesn't work because the Mailman wrappers will not get
  spawned with the proper GID.  The solution is to put the following
  lines in the /var/qmail/users/assign file:

  +zope-:alias:112:11:/var/qmail/alias:-:zope-:
  .

  where in this case the listname is e.g. zope-users.

  NB: Alternatively, you could host the lists on a virtual domain, and
  use the /var/qmail/control/virtualdomains file to put the mailman
  user in charge of this virtual domain.

- BN: If inbound messages are delivered by another user than mailman,
  it's necessary to allow it to access ~mailman.  Be sure that
  ~mailman has group writing access and setgid bit is set.  Then put
  the delivering user to mailman group, and you can deny access to
  ~mailman to others.  Be sure that you can do the same with the WWW
  service.

  By the way the best thing is to make a virtual mail server to handle
  all of the mail.  NB: E.g. make an additional "A" DNS record for the
  virtual mailserver pointing to your IP address, add the line
  `lists.kva.hu:mailman' to /var/qmail/control/virtualdomains and a
  `lists.kva.hu' line to /var/qmail/control/rcpthosts file.  Don't
  forget to HUP the qmail-send after modifying "virtualdomains".  Then
  every mail to lists.kva.hu will arrive to mail.kva.hu's mailman
  user.

  Then make your aliases:
      .qmail              => mailman@...'s letters
      .qmail-owner        => mailman-owner's letters


  For list aliases, you can either create them manually:
      .qmail-list         => posts to the 'list' list
      .qmail-list-admin   => posts to the 'list's owner
      .qmail-list-request => requests to 'list'
      etc

  or for automatic list alias handling (when using the lists.kva.hu virtual
  as above), see "contrib/qmail-to-mailman.py" in the Mailman distribution.
  Modify the "~mailman/.qmail-default" to include:

      |/path/to/python /path/to/qmail-to-mailman.py

  and new lists will automatically be picked up.

- You have to make sure that the localhost can relay.  If you start
  qmail via inetd and tcpenv, you need some line the following in your 
  /etc/hosts.allow file:

  tcp-env: 127. 10.205.200 : setenv RELAYCLIENT

  where 10.205.200. is your IP address block.  If you use tcpserver, then you
  need something like the following in your /etc/tcp.smtp file:

  10.205.200.:allow,RELAYCLIENT=""
  127.:allow,RELAYCLIENT=""

- BN: Bigger /var/qmail/control/concurrencyremote values work better
  sending outbound messages, within reason.  Unless you know your system
  can handle it (many if not most cannot) this should not be set to a value
  greater than 120.

- More information about setting up qmail and relaying can be found in 
  the qmail documentation.

BN: Last but not least, here's a little script to generate aliases to
your lists (if for some reason you can/will not have them
automatically picked up using "contrib/qmail-to-mailman.py"):

#!/bin/sh
if [ $# = 1 ]; then
    i=$1
    echo Making links to $i...
    echo "|preline /home/mailman/mail/mailman post $i" > .qmail-$i
    echo "|preline /home/mailman/mail/mailman mailowner $i" > .qmail-$i-admin
    echo "|preline /home/mailman/mail/mailman mailowner $i" > .qmail-$i-owner
    echo "|preline /home/mailman/mail/mailman mailowner $i" > .qmail-owner-$i
    echo "|preline /home/mailman/mail/mailman mailcmd $i" > .qmail-$i-request
fi


Local Variables:
mode: text
indent-tabs-mode: nil
End: