Re: [Mailman-Users] Problem with mailman install
LuKreme wrote: On 17-May-2009, at 19:29, Mark Sapiro wrote: See the FAQ at http://wiki.list.org/x/tYA9 to understand more about this error. My confusion about the error is that mailman has ALWAYS been setu for uid/gid mailman, and has been for years and years. Yes, and the mail/mailman wrapper is group mailman and SETGID so that the pipe invoked by the MTA actually runs as effective group mailman and has appropriate access. However, the MTA invokes the pipe as some user:group determined by the MTA which may or may not be mailman. In order to provide some security against just anyone with shell access being able to run the wrapper from the command line, upon invocation the wrapper checks the original group with which the MTA invoked the wrapper, and if it is not the group the wrapper expects, the wrapper issues the group mismatch error. This is all explained in more detail in the FAQ. -- Mark Sapiro m...@msapiro.netThe highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Users] Problem with mailman install
On 18-May-2009, at 08:35, Mark Sapiro wrote: In order to provide some security against just anyone with shell access being able to run the wrapper from the command line, upon invocation the wrapper checks the original group with which the MTA invoked the wrapper, and if it is not the group the wrapper expects, the wrapper issues the group mismatch error. This is all explained in more detail in the FAQ. Yes, but the MTA did not change. Recompiling mailman via ports with the same options it had been compiled with before failed (WITH_MAIL_GID=mailman). Restoring from backup (which files are gid mailman) worked. Same permissions on the mailman executable: 14 -rwxr-sr-x 1 root mailman 13661 Jun 8 2007 mail/mailman -- There is a road, no simple highway, between the dawn and the dark of night -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Users] Problem with mailman install
LuKreme wrote: Yes, but the MTA did not change. Recompiling mailman via ports with the same options it had been compiled with before failed (WITH_MAIL_GID=mailman). Restoring from backup (which files are gid mailman) worked. Same permissions on the mailman executable: And the group mismatch error you reported at the start of this thread said Mailman expected the mail wrapper script to be executed as group mailman, but the system's mail server executed the mail script as group nobody. Indicating that yes, the wrapper was compiled WITH_MAIL_GID=mailman, but it should have been compiled WITH_MAIL_GID=nobody. This has nothing to do with the gid of the files. It has to do only with the gid with which the MTA invokes the wrapper. -- Mark Sapiro m...@msapiro.netThe highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
[Mailman-Users] phantom subscription requests
Mailman 2.1.12 on OpenBSD 4.5 Don't know if this is a coincidence, but ever since rebuilding a Mailman server that crashed last week and restoring the lists from archives, the site admin address has received a few dozen bogus subscription requests to lists on that server. This is odd, in that I'm site admin and have not sent any such requests. From the little bit of spot checking I've done, the requests appear to come mostly from machines in RIPE space in Europe. Is anyone else seeing this? What measures, if any, can a site admin take to block bogus subscription requests? thanks dn -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Users] phantom subscription requests
David Newman wrote: Don't know if this is a coincidence, but ever since rebuilding a Mailman server that crashed last week and restoring the lists from archives, the site admin address has received a few dozen bogus subscription requests to lists on that server. These can result from spam to the LIST-subscribe and/or LIST-join addresses. Check your MTA logs to see if that's where the requests are coming from. This is odd, in that I'm site admin and have not sent any such requests. From the little bit of spot checking I've done, the requests appear to come mostly from machines in RIPE space in Europe. Is anyone else seeing this? What measures, if any, can a site admin take to block bogus subscription requests? Short of disabling the -subscribe and -join addresses, you can't stop the requests, but you can use subscribe_policy to mitigate the impact. If it is spam, requests won't be confirmed. -- Mark Sapiro m...@msapiro.netThe highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Users] mailman mali list already created
Hi Mark, I have the MAILMAN_SITE_LIST only defined in the Defaults.py program so I am unclear what is the problem. any other clues? r...@enabled:/usr/local/mailman/Mailman# grep MAILMAN_SITE_LIST Defaults.py MAILMAN_SITE_LIST = 'mailman' r...@enabled:/usr/local/mailman/Mailman# grep MAILMAN_SITE_LIST mm_cfg.py r...@enabled:/usr/local/mailman/Mailman# Cheers, Noah Mark Sapiro wrote: Noah wrote: I am migrating my old mailman system. mailman thinks the mailman mail list is not created although it is as identified correctly by the newlist program. What is going on here? What is/are the settings for MAILMAN_SITE_LIST in Defaults.py/mm_cfg.py? The Defaults.py setting should be MAILMAN_SITE_LIST = 'mailman' Is it changed or overridden in mm_cfg.py? -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Users] mailman mali list already created
Noah wrote: I have the MAILMAN_SITE_LIST only defined in the Defaults.py program so I am unclear what is the problem. any other clues? r...@enabled:/usr/local/mailman/Mailman# grep MAILMAN_SITE_LIST Defaults.py MAILMAN_SITE_LIST = 'mailman' r...@enabled:/usr/local/mailman/Mailman# grep MAILMAN_SITE_LIST mm_cfg.py r...@enabled:/usr/local/mailman/Mailman# My best guess at this point is that the mailmanctl being run by /etc/init.d/mailman is not the one in the /usr/local/mailman/bin/ directory. -- Mark Sapiro m...@msapiro.netThe highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Users] mailman mali list already created
Mark Sapiro wrote: Noah wrote: I have the MAILMAN_SITE_LIST only defined in the Defaults.py program so I am unclear what is the problem. any other clues? r...@enabled:/usr/local/mailman/Mailman# grep MAILMAN_SITE_LIST Defaults.py MAILMAN_SITE_LIST = 'mailman' r...@enabled:/usr/local/mailman/Mailman# grep MAILMAN_SITE_LIST mm_cfg.py r...@enabled:/usr/local/mailman/Mailman# My best guess at this point is that the mailmanctl being run by /etc/init.d/mailman is not the one in the /usr/local/mailman/bin/ directory. okay Mark that is the right answer - thanks! -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Users] mailman mali list already created
on 5/18/09 5:41 PM, Noah said: I have the MAILMAN_SITE_LIST only defined in the Defaults.py program so I am unclear what is the problem. any other clues? Anything you put in Defaults.py will get wiped out by the next upgrade. If you want anything to survive into the next upgrade, you need to put that into mm_cfg.py instead. -- Brad Knowles b...@shub-internet.orgIf you like Jazz/RB guitar, check out LinkedIn Profile: my friend bigsbytracks on YouTube at http://tinyurl.com/y8kpxuhttp://preview.tinyurl.com/bigsbytracks -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
