angatar / mailman2
A useful compact mailman2 container based on debian buster-slim to easily create and manage your mailing lists
License: MIT License
Hi!
Really appreciate your hard work in building out this image, it made deployment a breeze for us :)
We need to disable the use of TLS 1.0 and 1.1 for our deployment (specifically for port 465), as they fail our compliance checks. It doesn't seem that Exim is using the /etc/ssl/openssl/cnf config (which specifies MinProtocol = TLSv1.2). It looks like Exim may use gnuTLS instead, though there isn't an existing config for this that I could find. Attempts to create this manually /etc/gnutls/config with the relevant config values inside didn't appear to make a difference.
I could be completely off base with what I've tried so far, so would really appreciate some guidance on how I might go about resolving this.
Thanks in advance!
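An added example, not part of the original issue or the project's code: before raising the minimum protocol, the X= field that Exim writes to /var/log/exim4/mainlog shows which senders still negotiate TLS 1.0 or 1.1. The log lines in sample_log are constructed, the function names are illustrative, and the GnuTLS-style naming (TLS1.0, TLS1.1) is assumed.

```sh
#!/bin/sh
# Constructed sample in the format Exim writes to mainlog (not real traffic).
sample_log() {
    cat <<'EOF'
2021-04-16 15:46:28 1aaaaa-000001-AA <= alice@example.org H=(mx.example.org) [192.0.2.10] P=esmtps X=TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256 CV=no S=1565
2021-04-16 15:47:02 1bbbbb-000002-BB <= bob@example.net H=(mx.example.net) [192.0.2.20] P=esmtps X=TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=no S=2210
2021-04-16 15:47:03 1bbbbb-000002-BB => dave@example.org R=dnslookup T=remote_smtp H=mx.example.org [192.0.2.40] X=TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256
2021-04-16 15:48:40 1ccccc-000003-CC <= carol@example.com H=(mx.example.com) [192.0.2.30] P=esmtps X=TLS1.1:ECDHE_RSA_AES_128_CBC_SHA1:128 CV=no S=1801
EOF
}

# Print "<version> <count>" for each TLS version seen on received ("<=") lines.
# Reads the files given as arguments, or stdin when there are none.
tls_versions() {
    awk '$4 == "<=" {
        for (i = 5; i <= NF; i++)
            if ($i ~ /^X=TLS/) {
                v = substr($i, 3)    # drop the leading X=
                sub(/:.*/, "", v)    # keep the protocol, drop the cipher suite
                count[v]++
            }
    }
    END { for (v in count) print v, count[v] }' "$@" | sort
}

# Print message id and envelope sender for mail received over TLS 1.0 or 1.1.
# Outbound deliveries ("=>") are ignored: they do not use the listening port.
legacy_tls_messages() {
    awk '$4 == "<=" && / X=TLS1\.[01]:/ { print $3, $5 }' "$@"
}

sample_log | tls_versions
```

On a live container the same functions take the log path as an argument, for example `legacy_tls_messages /var/log/exim4/mainlog`.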
I am currently running this on multiple domains but it requires some manual changes to configuration files which are obviously a bit annoying because they do not survive the respawn of a container via docker or docker compose.
The changes needed are the following:
mm_cfg.py in the following way:
add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)
add_virtualhost('lists.additional_domain_1.org', 'additional_domain_1.org')
add_virtualhost('lists.additional_domain_2.org', 'additional_domain_2.org')
/etc/exim4/update-exim4.conf.conf
# this is necessary otherwise exim will throw error 550 and reject relay
dc_other_hostnames=primary_domain.org:additional_domain_1.org:additional_domain_2.org
and to /etc/exim4/conf.d/main/04_mailman_options
domainlist mm_domains=primary_domain.org:additional_domain_1.org:additional_domain_2.org
With these changes mailman can handle multiple lists just fine.
It would be nice if we could please integrate this with the current RUN.sh script. Probably the easiest would be to introduce two new ENV variables: URL_VIRTUAL_HOSTS and EMAIL_VIRTUAL_HOSTS
Then in RUN.sh something like that:
# Convert comma-separated lists into arrays
IFS=',' read -r -a url_hosts_array <<< "$URL_VIRTUAL_HOSTS"
IFS=',' read -r -a email_hosts_array <<< "$EMAIL_VIRTUAL_HOSTS"
# Check if the arrays have the same length
if [ "${#url_hosts_array[@]}" -ne "${#email_hosts_array[@]}" ]; then
    echo "The lists have different lengths."
    exit 1
fi
# Add virtual hosts to /etc/mailman/mm_cfg.py
for ((i = 0; i < ${#url_hosts_array[@]}; ++i)); do
    echo "add_virtualhost('${url_hosts_array[$i]}', '${email_hosts_array[$i]}')" >> "$mailmancfg"
done
# Construct the domain list for Exim configuration
domain_list="$PRIMARY_DOMAIN"
for email_host in "${email_hosts_array[@]}"; do
    domain_list+=":$email_host"
done
# Update /etc/exim4/update-exim4.conf.conf - not quite compatible with the current strategy based on sed
echo "dc_other_hostnames='$domain_list'" >> /etc/exim4/update-exim4.conf.conf
# Update /etc/exim4/conf.d/main/04_mailman_options
# (no quotes here: Exim would read single quotes as part of the first and last domain)
echo "domainlist mm_domains=$domain_list" >> /etc/exim4/conf.d/main/04_mailman_options
echo "Configuration updated successfully."
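An added example, not the project's RUN.sh: the proposed variables end up inside Python source (mm_cfg.py) and in a colon-separated Exim list, so each entry is checked as a hostname before anything is written, and lines are appended only once per file. URL_VIRTUAL_HOSTS and EMAIL_VIRTUAL_HOSTS are the hypothetical variables from the proposal above, and the function names are assumptions.

```sh
#!/bin/sh
LC_ALL=C; export LC_ALL   # make the A-Z / a-z ranges below byte-exact

# Succeed only for a hostname made of letters, digits, dots, hyphens and
# underscores. Quotes, parentheses, colons, whitespace and newlines are
# rejected, so a value cannot close the add_virtualhost('...') string or
# add an extra item to a colon-separated Exim list.
is_hostname() {
    case $1 in
        ''|*[!A-Za-z0-9._-]*|.*|*.|*..*|-*|*-|*.-*|*-.*) return 1 ;;
    esac
    [ "${#1}" -le 253 ]
}

# render_virtualhosts URL_LIST EMAIL_LIST (both comma-separated).
# Prints one add_virtualhost() line per pair. Prints nothing and fails if any
# entry is invalid or the two lists differ in length.
render_virtualhosts() {
    urls=$1; emails=$2; out=
    while [ -n "$urls" ] || [ -n "$emails" ]; do
        url=${urls%%,*}; email=${emails%%,*}
        if ! is_hostname "$url" || ! is_hostname "$email"; then
            echo "invalid or unpaired virtual host entry; nothing written" >&2
            return 1
        fi
        out="${out}add_virtualhost('$url', '$email')
"
        case $urls in *,*) urls=${urls#*,} ;; *) urls= ;; esac
        case $emails in *,*) emails=${emails#*,} ;; *) emails= ;; esac
    done
    printf '%s' "$out"
}

# Append each line read from stdin to file $1 unless that exact line is
# already present, so a container restart does not duplicate entries.
append_missing() {
    while IFS= read -r line; do
        grep -qxF -- "$line" "$1" 2>/dev/null || printf '%s\n' "$line" >> "$1"
    done
}

# Intended use in a start-up script (mailmancfg as in the proposal above):
#   render_virtualhosts "$URL_VIRTUAL_HOSTS" "$EMAIL_VIRTUAL_HOSTS" | append_missing "$mailmancfg"
```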
I tried to add the generated DKIM key to my DNS setup and got the error:
The following errors have occurred:-
The Value cannot be longer than 255 characters.
The generated value appears to be about 400 characters. It is necessary to split the generated key into sections by inserting '" "' every so often. Maybe an update to your scripts, or to the docs, would be in order.
All other things are working fine, thank you (other than that gmail would not accept mails from sites without a valid DKIM).
I can't get to the admin interface to configure lists. The image is run with podman, but docker will likely get the same results.
$ podman run -d --name mailman2 -p 127.0.0.1:8080:80 -e URL_ROOT= docker.io/d3fk/mailman2
b0fff7047eea84e8ecabee861568cabdcc055ad341c46892669bb388322cb3ea
$ curl 127.0.0.1:8080
<html><h2>Welcome to lists.example.com</h2></html>
$ curl 127.0.0.1:8080/admin
<head><title>Bug in Mailman version 2.1.29</title></head>
<body bgcolor=#ffffff><h2>Bug in Mailman version 2.1.29</h2>
<p><h3>We're sorry, we hit a bug!</h3>
<p>Please inform the webmaster for this site of this
problem. Printing of traceback and other system information has been
explicitly inhibited, but the webmaster can find this information in the
Mailman error logs or the web server logs.
Hi,
First of all I am very impressed by your Mailman 2.1 container, works very nicely thank you :)
I have noticed that the below section adds a new line every time the container is restarted to /etc/mailman/mm_cfg.py
Lines 23 to 28 in 8a2e459
I have tested a fix locally that resolves this:
# Only append the setting if mm_cfg.py does not already contain it
if ! grep -q 'DEFAULT_URL_PATTERN' "$mailmancfg"; then
    if [ "$URL_PATTERN" != "http" ]; then
        echo "DEFAULT_URL_PATTERN = 'https://%s/${URL_ROOT}'" >> "$mailmancfg"
    else
        echo "DEFAULT_URL_PATTERN = 'http://%s/${URL_ROOT}'" >> "$mailmancfg"
    fi
fi
Thanks
Daniel
I am using mailman2:stable and, after some faffing about, I have it running on self-signed certificates. However I note that if I want to supply my own certificates that the Dockerfile exposes the exim ssl directory, but not the apache ssl locations: /etc/ssl/certs/ssl-cert-snakeoil.pem and /etc/ssl/private/ssl-cert-snakeoil.key. Also, those paths do not appear to be configurable in any way.
It therefore appears to be impossible to run this with SSL_SELFSIGNED=false.
Have I missed something?
Hi!
I just deployed your image with docker-compose.
Used this environment file:
HOSTNAME=lists
DOMAINNAME=mydomain.hu
URL_HOST=lists.mydomain.hu
URL_ROOT=""
URL_PATTERN=https
SSL_FROM_CONTAINER=true
SSL_SELFSIGNED=false
EMAIL_HOST=lists.mydomain.hu
ENABLE_SPF_CHECK=false
LIST_ADMIN=[email protected]
MASTER_PASSWORD=supersecretpassword
PGID=1000
PUID=1000
Everything is fine, I can create new lists, I can manage them, I can add users to them. Except the email sending itself.
I got this error for every email sending try:
F=[email protected] rejected RCPT [email protected]: relay not permitted
It sounds like an exim issue to me. I used postfix everywhere so I'm not familiar with exim config.
I only use the lists.mydomain.hu for the WEB URL and for the EMAIL host too.
Can you help me find out what I do wrong?
Thx!
Peter
Hi all,
I'm looking for an example docker-compose file to deploy a test instance of this tool (I'm really not a Docker expert): would anyone mind sharing one?
Thanks in advance for any help!
I am using the docker-compose variant which works fine until I reboot my docker host. After that emails to maillists are accepted but not conveyed any longer.
I investigated this issue further and found out that mailman's qrunner lock files are not deleted when stopping the container. Manually deleting the files solved the problem temporarily: docker-compose exec mailman bash -c "rm -f /var/run/lock/mailman/*"; docker-compose restart
I also observed that docker-compose stop takes 10 seconds - that's the default timeout after which the processes are forcibly terminated. Increasing the timeout (compose option stop_grace_period: 3m) leads to the same result.
I briefly inspected /run.sh. Here the mailman process is started by /etc/init.d/mailman start but never stopped when catching a SIGTERM signal. Consequently a container restart does not clean up the locks, which inhibits queue processing.
See title.
cron might need syslog, too.
Hi,
I am migrating lists from another server to a new image. My process is as follows:
tar up the following directories on the old server:
/var/lib/mailman/archives/private/[list].mbox
/var/lib/mailman/archives/private/[list]
/var/lib/mailman/lists/[list]/
and then I untar them on the container - I have mounted volumes as follows:
-v $(pwd)/lists:/var/lib/mailman/lists
-v $(pwd)/archives:/var/lib/mailman/archives \
I execute a shell on the docker image:
docker exec -it mailman /bin/bash
and check the permissions (repeat if it fails):
/usr/lib/mailman/bin/check_perms -f
I then fix the links:
/usr/lib/mailman/bin/withlist -l -r fix_url [list] -v -u [website url]
At this point I can browse all of my archives.
I send an email to the list address and it arrives at the server - /var/log/exim4/mainlog shows:
2021-04-16 15:46:28 1lXQfs-0000zK-5y <= mjudd@sa.[tld] H=(sa.[tld]) [redacted ip] P=esmtps X=TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256 CV=no S=1565 id=d7ae7820-a057-aeb7-03c1-b5d8190774b2@sa.[tld]
2021-04-16 15:46:28 1lXQfs-0000zK-5y => tech <[email protected].[tld]> R=mailman_router T=mailman_transport
2021-04-16 15:46:28 1lXQfs-0000zK-5y Completed
As I understand it, all of the subscribed users on the list should receive a copy of that email - but they do not.
Have I missed a step in the migration? Do I need to regenerate some aliases?
Thanks for any help you might be able to provide.
None of the mailman aliases in /etc/aliases work. Exim issues pipe_transport unset in system_aliases router
The solution is something like:
.ifndef SYSTEM_ALIASES_PIPE_TRANSPORT
SYSTEM_ALIASES_PIPE_TRANSPORT = address_pipe
SYSTEM_ALIASES_USER = Debian-exim
SYSTEM_ALIASES_GROUP = daemon
.endif
somewhere in the main section of the split config.
Hi,
I've copied the dkim TXT record to my DNS and I am receiving a syntax error:
listsdkim._domainkey.lists.sa.[tld] IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75p6i6YYw51PuRd9eSGgVwC09+d8PNSEX6m2qxb3GF0hlUzjFkR2uab0j9fLigNSI4cfqR6XDL5wFqf4VOuiOqvRsdgQgYf+3RFLZgKy+YwcKNHPYrKcwnXQZSKaJylJ9X9DlqJFAVr4m6XdOowCuVAtIJdsAh2eJ9HbkUGuqVVl+kobR7HzFGt7Yo6bdaQaQu8v70mejGg7YYaf3jaGg1knVJS2rz5ay3Di3xBjxRewRic0L3PO5c5onyCtOLSkrCuhg7oV+FaIqpQ50EG/BYJJHNChn0e1DP5T34o2fK/audQyCtaNzEujSO2nvTrfu2k//2app2QvgRZmnEj6CwIDAQAB"
[tld] = I removed my domain name
The error in bind is:
dns_rdata_fromtext: /etc/bind/primary/sa/sa:275: syntax error
I can generate a separate dkim which does work:
lists._domainkey.sa.[tld] IN TXT "v=DKIM1;t=s;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHaugpuWW72XLAGF+jXTALY89jpYUYt2Ca7j9tH2DXU7SDp8T1XcU3Ol5oLX5w8wGwTs/G361Rr4/W98c37LFoZWkte21JO9TGB944jqIkL1FXbJF4GsaDmetcaGO63ICAzBbNIx/8cdwlvbVTdFWsvWgf4DCyIVvhwr+8qc42hwIDAQAB"
Any ideas? Can I just use my key? Can I update the private key somewhere on the image?
Thanks for any help you can provide.
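An added example, not from the project's scripts, for this report and the earlier one about the 255-character limit: a TXT record holds one or more character-strings of at most 255 bytes each, and readers of the record concatenate them, so a long DKIM value has to be written as several quoted strings. The key in sample_key is a constructed placeholder, and the function names and the selector name are assumptions.

```sh
#!/bin/sh
# Constructed placeholder with the length of a 2048-bit RSA public key in
# base64 (392 characters). It is not a real key.
sample_key() {
    awk 'BEGIN { while (i++ < 392) printf "A"; print "" }'
}

# split_txt VALUE [MAX]: print VALUE as space-separated quoted strings of at
# most MAX characters each (default 255, the limit for one TXT string).
split_txt() {
    printf '%s' "$1" | awk -v max="${2:-255}" '{
        out = ""
        for (pos = 1; pos <= length($0); pos += max)
            out = out (pos > 1 ? " " : "") "\"" substr($0, pos, max) "\""
        print out
    }'
}

# Reassemble what a DKIM verifier sees: the strings are joined with nothing
# between them, so splitting must not add or drop a single character.
join_txt() {
    printf '%s\n' "$1" | sed -e 's/" "//g' -e 's/^"//' -e 's/"$//'
}

# Zone-file line for BIND. NAME is the full selector record name, KEY the
# base64 public key; the parentheses allow the strings to span lines.
dkim_zone_line() {
    printf '%s IN TXT ( %s )\n' "$1" "$(split_txt "v=DKIM1; k=rsa; p=$2")"
}

dkim_zone_line 'selector._domainkey.lists.example.com.' "$(sample_key)"
```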