aboutsummaryrefslogtreecommitdiffstats
path: root/README.POSTFIX
blob: d5da5d5738dfaebbce5002cab873f70caf978b25 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
Mailman - The GNU Mailing List Management System
Copyright (C) 2001-2004 by the Free Software Foundation, Inc.
59 Temple Place - Suite 330, Boston, MA 02111-1307, USA


GENERAL SETUP INFORMATION

    Mailman should work pretty much out of the box with a standard
    Postfix installation.  As of this writing I've tested it with
    Postfix 19991231 up to pl13, 200010228 up to pl08, and up to
    Postfix 2.0.15.

    By default, Postfix treats -owner and -request addresses
    specially.  Since we want Postfix to deliver such messages to
    Mailman, you should turn off this option by adding this to your
    main.cf file:

        owner_request_special = no

    In order to support Mailman's optional VERP delivery, you will
    want to disable luser_relay (the default) and you will want to set
    recipient_delimiter for extended address semantics.  You should
    comment out any luser_relay value in your main.cf and just go with
    the defaults.  Also, add this to your main.cf file:

        recipient_delimiter = +

    Using + as the delimiter works well with the default values for
    VERP_FORMAT and VERP_REGEXP in Defaults.py.

    When attempting to deliver a message to a non-existent local address,
    Postfix may return a 450 error code.  Since this is a transient error
    code, Mailman will continue to attempt to deliver the message for
    DELIVERY_RETRY_PERIOD (5 days by default).  You might want to set Postfix
    up so that it returns permanent error codes for non-existent local users
    by adding the following to your main.cf file:

        unknown_local_recipient_reject_code = 550

    Finally, if you are using Postfix-style virtual domains, read the
    section on virtual domain support below.


INTEGRATING POSTFIX AND MAILMAN

    You can integrate Postfix and Mailman such that when new lists are
    created, or lists are removed, Postfix's alias database will be
    automatically updated.  The following are the steps you need to
    take to make this work.

    In the description below, we assume that you've installed Mailman
    in the default location, i.e. /usr/local/mailman.  If that's not
    the case, adjust the instructions according to your use of
    configure's --prefix and --with-var-prefix options.

    - If you are using virtual domains and you want Mailman to honor
      your virtual domains, read the section below first!

    - Add this to the bottom of the $prefix/Mailman/mm_cfg.py file:

      MTA = 'Postfix'

      The MTA variable names a module in Mailman/MTA which contains the
      MTA-specific functions to be executed when a list is created or
      removed.

    - Look at the Defaults.py file for the variables POSTFIX_ALIAS_CMD
      and POSTFIX_MAP_CMD command.  Make sure these point to your
      postalias and postmap programs respectively.  Remember that if
      you need to make changes, do it in mm_cfg.py.

    - Run the genaliases script to initialize your aliases file.

      % cd /usr/local/mailman
      % bin/genaliases

      Make sure that the owner of the data/aliases and data/aliases.db
      file is `mailman' and that the group owner for those files is
      `mailman'.  E.g.:

      % su
      % chown mailman:mailman data/aliases*

    - Hack your Postfix's main.cf file to include the following path
      in your alias_maps variable:

          /usr/local/mailman/data/aliases

      (no trailing .db).  Do not include this in your alias_database
      variable.  This is because you do not want Postfix's newaliases
      command to modify Mailman's aliases.db file, but you do want
      Postfix to consult aliases.db when looking for local addresses.

      You probably want to use a hash: style database for this entry.
      Here's an example:

      alias_maps = hash:/etc/postfix/aliases,
          hash:/usr/local/mailman/data/aliases

    - When you configure Mailman, use the --with-mail-gid=mailman
      switch (actually, this will be the default if you configured
      Mailman after adding the `mailman' owner).  Because the owner of
      the aliases.db file is `mailman', Postfix will execute Mailman's
      wrapper program as uid and gid mailman.

    That's it!  One caveat: when you add or remove a list, the
    aliases.db file will updated, but it will not automatically run
    "postfix reload".  This is because you need to be root to run this
    and suid-root scripts are not secure.  The only effect of this is
    that it will take about a minute for Postfix to notice the change
    to the aliases.db file and update its tables.  I consider this a
    minor inconvenience.


VIRTUAL DOMAINS

    Postfix 2.0 supports "virtual alias domains", essentially what
    used to be called Postfix-style virtual domains in earlier Postfix
    versions.  To make virtual alias domains work with Mailman, you
    need to do some setup in both Postfix and Mailman.  Mailman will
    write all virtual alias mappings to a file called, by default,
    /usr/local/mailman/data/virtual-mailman.  It will also use postmap
    to create the virtual-mailman.db file that Postfix will actually
    use.

    First, you need to set up the Postfix virtual alias domains as
    described in the Postfix documentation (see Postfix's virtual(5)
    manpage).  Note that it's your responsibility to include the
    "virtual-alias.domain anything" line as described manpage; Mailman
    will not include this line in virtual-mailman.  I highly encourage
    you to make sure your virtual alias domains are working properly
    before integrating with Mailman.

    Next, add a path to Postfix's virtual_alias_maps variable,
    pointing to the virtual-mailman file, e.g.:

    virtual_alias_maps = <your normal virtual alias files>,
        hash:/usr/local/mailman/data/virtual-mailman

    assuming you've installed Mailman in the default location.  If
    you're using an older version of Postfix which doesn't have the
    virtual_alias_maps variable, use the virtual_maps variable
    instead.

    Next, in your mm_cfg.py file, you will want to set the variable
    POSTFIX_STYLE_VIRTUAL_DOMAINS to the list of virtual domains that
    Mailman should update.  This may not be all of the virtual alias
    domains that your Postfix installation supports!  The values in
    this list will be matched against the host_name attribute of
    mailing lists objects, and must be an exact match.

    Here's an example:

    Let's say I've set up Postfix to handle the virtual domains
    dom1.ain, dom2.ain, and dom3.ain.  Let's say further that in
    main.cf you've got the following settings:

        myhostname = mail.dom1.ain
        mydomain = dom1.ain
        mydestination = $myhostname, localhost.$mydomain
        virtual_alias_maps =
            hash:/some/path/to/virtual-dom1,
            hash:/some/path/to/virtual-dom2,
            hash:/some/path/to/virtual-dom2

    Let's say further that in virtual-dom1, you've got the following
    lines:

        dom1.ain  IGNORE
        @dom1.ain @mail.dom1.ain

    This tells Postfix to deliver anything addressed to dom1.ain to
    the same mailbox at mail.dom1.com, its default destination.

    In this case you would not include dom1.ain in
    POSTFIX_STYLE_VIRTUAL_DOMAINS because otherwise Mailman will write
    entries for mailing lists in the dom1.ain domain as

        mylist@dom1.ain         mylist
        mylist-request@dom1.ain mylist-request
        # and so on...

    The more specific entries trump your more general entries, thus
    breaking the delivery of any dom1.ain mailing list.

    However, you would include dom2.ain and dom3.ain in mm_cfg.py:

        POSTFIX_STYLE_VIRTUAL_DOMAINS = ['dom2.ain', 'dom3.ain']

    Now, any list that Mailman creates in either of those two domains,
    will have the correct entries written to
    /usr/local/mailman/data/virtual-mailman

    As above with the data/aliases* files, you want to make sure that
    both data/virtual-mailman and data/virtual-mailman.db are user and
    group owned by the `mailman' user/group.  So to get things
    started, set up your virtual domains, run bin/genaliases, and
    check the ownerships of the files.  From here on out, you should
    be good to go.


AN ALTERNATIVE APPROACH

    Fil <fil@rezo.net> has an alternative approach based on virtual
    maps and regular expressions, as described at:

    (French)  http://listes.rezo.net/comment.php
    (English) http://listes.rezo.net/how.php

    This is a good (and simpler) alternative if you don't mind
    exposing an additional hostname in the domain part of the
    addresses people will use to contact your list.  I.e. if people
    should use mylist@lists.dom.ain instead of mylist@dom.ain.

    I have not extensively tested this approach however.



Local Variables:
mode: text
indent-tabs-mode: nil
End: