Mailman is a list manager with web front end and built in @@ -12,7 +19,7 @@ documentation describes the configuration of Exim (version 4) to work with Mailman version 2.1
-This document describes how to set up a basic working configuration using Exim 4 as an MTA for the Mailman MLM. The @@ -70,11 +78,9 @@ Mailman or exim is not covered here - the documentation for the programs concerned should be read for this information.
- -For basic operation there is no Mailman configuration needed other than the standard options detailed in the Mailman install @@ -114,8 +120,7 @@ the config file (which is the default mode of operation)
- -The Exim configuration is built so that a list created within Mailman automatically appears to Exim without the need for @@ -152,8 +157,7 @@ enforcement. Remember that the exim daemon needs restarting before it sees configuration changes.
- -First, you need to add some macros to the top of your Exim
config file. These just make the routers and transport below a
@@ -192,8 +196,7 @@
MM_LISTCHK=MM_HOME/lists/${lc::$local_part}/config.pck
-
- Exim Router
+
This router picks up all the addresses going to the Mailman
lists. Initially it selects only the domains that have may have
@@ -214,16 +217,15 @@
require_files = MM_LISTCHK
local_part_suffix_optional
local_part_suffix = -admin : \
- -bounces : -bounces+* : \
+ -bounces : -bounces+* : \
-confirm : -confirm+* : \
- -join : -leave : \
- -owner : -request : \
- -subscribe : -unsubscribe
+ -join : -leave : \
+ -owner : -request : \
+ -subscribe : -unsubscribe
transport = mailman_transport
-
- Exim Transport
+
The transport for Exim 4 can be placed anywhere where under the begin transports line of your Exim config file.
@@ -250,8 +252,7 @@ - -Exim has a lot configurability, especially where the ACL (Access Control Lists) used during SMTP reception are concerned. @@ -261,8 +262,7 @@ filtering traffic that is going into the mailing list, however
- -Exim's receiver verification feature is very useful -- it lets
Exim reject unrouteable addresses at SMTP time. However, this is
@@ -309,8 +309,7 @@
accept hosts = 127.0.0.1
-
- Tuning of numbers of recipients
+
By default Mailman will send up to 500 recipients on each message it injects into exim. However this is not necessarily a @@ -344,11 +343,9 @@ issue if you are pushing your system near its operational limits.
- -VERP (Variable Envelope Return Paths) encodes the (original) receipient address @@ -365,7 +362,7 @@ (return path), for each of your subscribers - this means that it will generate more traffic since you cannot bundle up deliveries together. An analysis + href="http://www.python.org/cgi-bin/faqw-mm.py?req=show%26file=faq04.012.htp">analysis of the costs of VERP can be found in the Mailman FAQ Wizard.
@@ -409,8 +406,7 @@ day, so ideally this approach should only be taken if the lists have more than 20 message per day throughput. - -Mailman can also personalise each message it sends out on a list. This allows, for example, the recipient's own address to @@ -434,8 +430,7 @@ interface a new set of options has appeared in the Non-digest options section.
- -One drawback of VERP is that as well as increasing the bandwidth outgoing mail requires, it also causes Mailman to send @@ -465,14 +460,15 @@ mailman_verp_router: driver = dnslookup # we only consider messages sent in through loopback - condition = ${if eq{$sender_host_address}{127.0.0.1}{yes}{no}} + condition = ${if or{{eq{$sender_host_address}{127.0.0.1}} + {eq{$sender_host_address}{::1}}}{yes}{no}} # we do not do this for traffic going to the local machine domains = !+local_domains:!+mm_domains ignore_target_hosts = <; 0.0.0.0; \ + 64.94.110.11; \ 127.0.0.0/8; \ - ::1/128; \ - fe80::/10; \ - ff00::/8 + ::1/128;fe80::/10;fe \ + c0::/10;ff00::/8 # only the un-VERPed bounce addresses are handled senders = "*-bounces@*" transport = mailman_verp_smtp @@ -496,8 +492,7 @@ max_rcpt = 1 # Errors-To: may carry old return_path headers_remove = Errors-To - headers_add = Errors-To: \ - ${local_part:$return_path}+$local_part=$domain@${domain:$return_path} + headers_add = Errors-To: ${return_path}
Once this has been configured, Mailman can be set to not do @@ -513,8 +508,7 @@
If you have set personalisation on any list, this will still be handled, and VERPed, by Mailman.
- -One approach to handling virtual domains is to use a separate Mailman installation for each virtual domain. (Currently, this is @@ -530,8 +524,7 @@
and modify the mm_domains domain list appropriately.
- -Most list policy handling is done within Mailman using the Web GUI. However some issues may be better handled by the MTA, @@ -550,8 +543,7 @@ causes Mailman generated traffic to bypass the machine intensive checks.
- -I would recommend that mailing lists now scan for both spam and viruses on incoming mail - this is due to the potential for a @@ -583,8 +575,7 @@ which have a given spam rating (as well as bouncing messages with a very high rating).
- -You may wish to apply various checks to incoming messages to ensure that they are sane. These may include:-
@@ -600,8 +591,7 @@ may alienate by imposing too strict a set of controls, and balance that against the reduced amount of unwanted bulk mail. - -Lists should never receive bounce messages to the posting address unless the bounced message is either a forgery using the @@ -613,7 +603,7 @@
# Reject bounce (null sender) messages to the list
- reject message = "Recipient never sends mail so cannot cause bounces"
+ deny message = "Recipient never sends mail so cannot cause bounces"
senders = :
domains = +mm_domains
condition = ${if exists{MM_LISTCHK} {yes}{no}}
@@ -626,18 +616,17 @@
# Reject bounce (null sender) messages to the list
- reject message = "Recipient never sends mail so cannot cause bounces"
+ deny message = "Recipient never sends mail so cannot cause bounces"
senders = :
domains = +mm_domains
local_parts = \N^.*-(admin|join|leave|owner|request)$\N
- reject message = "Recipient never sends mail so cannot cause bounces"
+ deny message = "Recipient never sends mail so cannot cause bounces"
senders = :
domains = +mm_domains
local_parts = \N^.*-(subscribe|unsubscribe)$\N
-
- SMTP callbacks
+ SMTP callbacks
Exim's SMTP callback feature is an even more powerful way to
detect bogus sender addresses than normal sender verification.
@@ -656,7 +645,7 @@
# Do callback verification unless Mailman incoming bounce
- reject !local_parts = *-bounces : *-bounces+*
+ deny !local_parts = *-bounces : *-bounces+*
!verify = sender/callout=30s,defer_ok
@@ -666,8 +655,7 @@
especially when the message is going to Mailman's bounce
processor
-
- List verification
+ List verification
This is how a set of address tests for the Exim lists look on a
working system. The list in question is
@@ -679,15 +667,15 @@
% exim -bt testlist@list.example.com
testlist@list.example.com
router = mailman_router, transport = mailman_transport
-
+
% exim -bt testlist-request@list.example.com
testlist-request@list.example.com
router = mailman_router, transport = mailman_transport
-
+
% exim -bt testlist-bounces@list.example.com
testlist-bounces@list.example.com
router = mailman_router, transport = mailman_transport
-
+
% exim -bt testlist-bounces+luser=example.com@list.example.com
testlist-bounces+luser=example.com@list.example.com
router = mailman_router, transport = mailman_transport
@@ -699,8 +687,7 @@
that your Exim/Mailman installation is functioning perfectly,
though!
-
- Possible Problems
+ Possible Problems
Like many documents of this type, it has evolved and taken on contributions by many many helpful folks, mainly those on the Mailman and exim mailing lists. To all of you, who have made @@ -750,6 +753,6 @@ You.