Re: [Mailman-Users] Migration Problem - No Publicly Advertised Lists

2012-05-12 Thread Dennis Putnam 
Ah! I took your command literally. So the problem is that my mm_cfg.py
seems to not be working. The resulting URL has the local FQDN not what I
specified. Here is my mm_cfg.py (sanitized):

# -*- python -*-

# Copyright (C) 1998,1999,2000,2001,2002 by the Free Software
Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

"""This module contains your site-specific settings.

From a brand new distribution it should be copied to mm_cfg.py.  If you
already have an mm_cfg.py, be careful to add in only the new settings you
want.  Mailman's installation procedure will never overwrite your mm_cfg.py
file.

The complete set of distributed defaults, with documentation, are in the
file
Defaults.py.  In mm_cfg.py, override only those you want to change,
after the

  from Defaults import *

line (see below).

Note that these are just default settings; many can be overridden via the
administrator and user interfaces on a per-list or per-user basis.

"""

###
# Here's where we get the distributed defaults.

from Defaults import *
import pwd, grp

##
# Put YOUR site-specific settings below this line.

#ATTENTION: when you use SELinux, mailman might not
#be able to recompile the configuration file
#due to policy settings. If this is the case,
#please run (as root) the supplied "mailman-update-cfg" script

##
#Here's where we override shipped defaults with settings #
#suitable for the RPM package.   #
MAILMAN_UID = pwd.getpwnam('mailman')[2]
MAILMAN_GID = grp.getgrnam('mailman')[2]

##
#Set URL and email domain names  #
#
# Mailman needs to know about (at least) two fully-qualified domain
# names (fqdn)
#
# 1) the hostname used in your urls (DEFAULT_URL_HOST)
# 2) the hostname used in email addresses for your domain
(DEFAULT_EMAIL_HOST)
#
# For example, if people visit your Mailman system with
# "http://www.dom.ain/mailman"; then your url fqdn is "www.dom.ain",
# and if people send mail to your system via "yourl...@dom.ain" then
# your email fqdn is "dom.ain".  DEFAULT_URL_HOST controls the former,
# and DEFAULT_EMAIL_HOST controls the latter.  Mailman also needs to
# know how to map from one to the other (this is especially important
# if you're running with virtual domains).  You use
# "add_virtualhost(urlfqdn, emailfqdn)" to add new mappings.

# Default to using the FQDN of machine mailman is running on.
# If this is not correct for your installation delete the following 5
# lines that acquire the FQDN and manually edit the hosts instead.

from socket import *
try:
fqdn = getfqdn()
except:
fqdn = 'mm_cfg_has_unknown_host_domains'

DEFAULT_URL_HOST   = 'myhostname.myispdomain.com'
DEFAULT_EMAIL_HOST = 'myispdomain.net'

# Because we've overriden the virtual hosts above add_virtualhost
# MUST be called after they have been defined.
VIRTUAL_HOSTS.clear()
add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)

##
# Put YOUR site-specific configuration below, in mm_cfg.py . #
# See Defaults.py for explanations of the values.#

# Note - if you're looking for something that is imported from mm_cfg,
but you
# didn't find it above, it's probably in Defaults.py.

Thanks.

On 5/11/2012 7:35 PM, Mark Sapiro wrote:
> Dennis Putnam wrote:
>> Thanks for the reply. Unfortunately, 'dumpdb' is not installed and I
>> cannot find a package that contains it.
>
> It's part of Mailman. it's in Mailman's bin/ directory, not in /bin or
> /usr/bin, but /usr/lib/mailman/bin or somewhere like that.
>




signature.asc
Description: OpenPGP digital signature
--
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Migration Problem - No Publicly Advertised Lists

2012-05-12 Thread Mark Sapiro 
Dennis Putnam wrote:
>
>Ah! I took your command literally. So the problem is that my mm_cfg.py
>seems to not be working. The resulting URL has the local FQDN not what I
>specified. Here is my mm_cfg.py (sanitized):


Did you run fix_url AFTER editing mm_cfg.py?

If so, what is the exact command you ran?

/path/to/bin/withlist -l -a -r fix_url

should do it.

-- 
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan

--
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Migration Problem - No Publicly Advertised Lists

2012-05-12 Thread Dennis Putnam 
Thanks again. I did not, I had to boot anyway for other reasons and I
thought that would be sufficient. Obviously not. In any case I had to
run check_perms a couple of times but it seems to be working OK now.


On 5/12/2012 9:53 AM, Mark Sapiro wrote:
> Dennis Putnam wrote:
>> Ah! I took your command literally. So the problem is that my mm_cfg.py
>> seems to not be working. The resulting URL has the local FQDN not what I
>> specified. Here is my mm_cfg.py (sanitized):
>
> Did you run fix_url AFTER editing mm_cfg.py?
>
> If so, what is the exact command you ran?
>
> /path/to/bin/withlist -l -a -r fix_url
>
> should do it.
>




signature.asc
Description: OpenPGP digital signature
--
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Giving away the secrets of 99.3% email delivery

2012-05-12 Thread David 
On Thu, May 10, 2012 at 4:28 PM, Mark Sapiro  wrote:

>
> DKIM signing is normally done in an outgoing MTA. SPF and reverse DNS
> are DNS things, not Mailman.
>
> In general, best practices for Mailman servers are the same as best
> practices for sending mail in general.
>
> Mailman does have the ability to remove DKIM signatures from incoming
> mail where Mailman might break these signatures by, e.g., prefixing
> Subject: headers and/or adding list header or footer information to
> message bodies, but this is controversial. Also, DKIM signing of
> outgoing list mail is controversial because by doing so, you are
> saying that your server vouches for the legitimacy of this mail when,
> in fact, it may be spam that made it through your list.
>
> Read some of the hits returned by
> .
>
>
Thanks for the info and the search link. Interesting reading (some of it,
anyway). In regard to the controversial aspect of DKIM signing of outgoing
list mail, we moderate all messages, so I'm not too concerned about that
part.

I have DKIM implemented with opendkim and Postfix and messages sent out via
sendmail are signed properly.

However, messages sent out to the list's users by Mailman are not DKIM
signed. Any suggestions?
--
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Giving away the secrets of 99.3% email delivery

2012-05-12 Thread Mark Sapiro 
David wrote:
>
>I have DKIM implemented with opendkim and Postfix and messages sent out via
>sendmail are signed properly.
>
>However, messages sent out to the list's users by Mailman are not DKIM
>signed. Any suggestions?


Is Mailman sending outgoing mail via your local Postfix.

These headers from yor post at


Received: from myhost.hostingprovider.com (localhost [127.0.0.1])
   by localhost (Postfix) with ESMTP id E9CA1123AB;
   Wed,  9 May 2012 21:43:23 + (UTC)
X-Original-To: list at lists.example.com
Delivered-To: list at lists.example.com
Received: from fmailhost01.isp.att.net (fmailhost01.isp.att.net
 [204.127.217.101]) by localhost (Postfix) with ESMTP id 1D84D123A4
 for ; Wed,  9 May 2012 20:52:06 + (UTC)

indicate that it is.

Why such mail would not be DKIM signed by Postfix when mail submitted
via the Postfix sendmail command is DKIM signed by Postfix probably
has to do with the Postfix/opendkim configuration and is not something
I can answer offhand.

-- 
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan

--
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Giving away the secrets of 99.3% email delivery

2012-05-12 Thread David 
On Sun, May 13, 2012 at 12:51 AM, Mark Sapiro  wrote:

> David wrote:
> >
> >I have DKIM implemented with opendkim and Postfix and messages sent out
> via
> >sendmail are signed properly.
> >
> >However, messages sent out to the list's users by Mailman are not DKIM
> >signed. Any suggestions?
>
>
> Is Mailman sending outgoing mail via your local Postfix.
>

Yes.


> Why such mail would not be DKIM signed by Postfix when mail submitted
> via the Postfix sendmail command is DKIM signed by Postfix probably
> has to do with the Postfix/opendkim configuration and is not something
> I can answer offhand.
>

If you think of anything, please let me know. I have been reading all the
DKIM related posts I can find, both on this list and other places.

For a mailing list, would I have to expand my SigningTable in any way? My
opendkim SigningTable currently only has an entry for
*@list.example.com(which is associated with list._
domainkey.example.com).

But /var/log/mail.log shows a lot of entries like this:

no signing table match for [some member of the list]
>

So I think signing doesn't take place for messages passing through the list
because of the way I set up my SigningTable. But I didn't find any specific
info on setting up a SigningTable for a mailing list.

The mail log file also shows entries like this:

May 12 21:45:42 localhost opendkim[20976]: 55A4C122C5: DKIM-Signature
> header added
>

Although when I manually inspect emails I receive via the list from other
users they are never DKIM signed. (My own messages are signed -- and I
certainly match the signing table. But I can't match the log entries up to
individual users or to list activity, so far; therefore, a number of things
are still unclear.)

(Similarly, my trusted hosts table is limited to my own Mailman/Postfix
server. But I can't imagine it would be wise to change that.)
--
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Giving away the secrets of 99.3% email delivery

2012-05-12 Thread Mark Sapiro 
David wrote:
>
>For a mailing list, would I have to expand my SigningTable in any way? My
>opendkim SigningTable currently only has an entry for
>*@list.example.com(which is associated with list._
>domainkey.example.com).
>
>But /var/log/mail.log shows a lot of entries like this:
>
>no signing table match for [some member of the list]
>>
>
>So I think signing doesn't take place for messages passing through the list
>because of the way I set up my SigningTable. But I didn't find any specific
>info on setting up a SigningTable for a mailing list.
>
>The mail log file also shows entries like this:
>
>May 12 21:45:42 localhost opendkim[20976]: 55A4C122C5: DKIM-Signature
>> header added
>>
>
>Although when I manually inspect emails I receive via the list from other
>users they are never DKIM signed. (My own messages are signed -- and I
>certainly match the signing table. But I can't match the log entries up to
>individual users or to list activity, so far; therefore, a number of things
>are still unclear.)
>
>(Similarly, my trusted hosts table is limited to my own Mailman/Postfix
>server. But I can't imagine it would be wise to change that.)


It seems you have the appropriate information to diagnose your issue,
but you are asking the wrong list.

Try 


-- 
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan

--
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org