Differences

This shows you the differences between two versions of the page.

build:lists [2007/07/22 23:48]
24.207.253.154 Added info about log files. (CMB)
build:lists [2018/05/28 03:34] (current)
SLUUG Administration [Logs]
Line 1: Line 1:
-====== Mailing Lists ======
+====== MailMan ======
  
-We originally considered using Majordomo, but then decided to go with Mailman.
+We originally considered using Majordomo, but then decided to go with Mailman. There are several advantages of MailMan over Majordomo:
  
-====== Mailman ====== 
- 
-=====Choosing Mailman===== 
   - Newer
   - Better docs
Line 12: Line 9:
   - Tool for member migration from majordomo
   - htdig patch
- 
  
 The initial installed version was mailman 2.1.9 installed on 11/18/06 by Jeff Muse.
  
-=====Install Notes=====
+===== Installation =====
  
 [[http://www.gnu.org/software/mailman/index.html]]
Line 26: Line 22:
  
 We also used a patch from [[http://www.openinfo.co.uk/mm/patches/444884/index.html]] to enable searching list archives via htdig.
- 
- ===== 
  
 =====Preface=====
Line 47: Line 41:
 [[http://www.openinfo.co.uk/mm/patches/444884/index.html]].
 Put both in /usr/local/src.
- 
- 
  
 =====Create User and Group=====
Line 58: Line 50:
 =====Install Dependencies=====
 <code>
-sudo apt-get install htdig htdig-doc gawk libdb2 lockfile-progs gettext
-sudo apt-get install python2.4-dev
+sudo apt-get install htdig htdig-doc gawk lockfile-progs gettext
+sudo apt-get install python-dev
 </code>
  
-Create system link from python to python2.4 ​ 
-<code root> 
-sudo update-alternatives /​usr/​bin/​python python /​usr/​bin/​python2.4 1 
-</​code>​ 
  
 +NOTE: MailMan requires at least Python 2.4. Debian 4.0 meets this requirement. Debian 3.1 did not, so we had to install Python 2.4 and use update-alternatives to make it the default version. Debian 3.1 also required installing libdb2.
  
-Rebuild: We did not need to install libdb2. Debian 4.0 now uses python-2.4.4 as the default, so we did not do the update-alternatives step. 
  
 =====Pre-installation Steps=====
-As root, create /usr/local/mailman-2.1.9, make it owned by group mailman, and chgrp 2775 /usr/local/mailman.
+As root, create the Mailman directory and set its ownership and permissions. Mailman's configure script expects the install prefix to be group-owned by the mailman group and setgid, so that everything Mailman later creates under it inherits that group:
 +<code rootshell>
 +mkdir /usr/local/mailman-2.1.9
 +chgrp mailman /usr/local/mailman-2.1.9
 +chmod 2775 /usr/local/mailman-2.1.9
 +ln -s mailman-2.1.9 /usr/local/mailman
 +</code>
  
 =====Extract and Prepare Source=====
-The Debian Mailman package did not include search capibility. To enable search Mailman has to be compiled with htdig. Extract the source file into /usr/local/src/mailman-2.1.9 and move the patch into that directory. gunzip the patch.
+The Debian Mailman package did not include search capability. To enable search Mailman has to be compiled with htdig. Extract the source file into /usr/local/src/mailman-2.1.9 and move the patch into that directory. gunzip the patch.
  
 Disable most language support. This is an ugly hack to get around a problem with Japanese-language support in python on Debian Etch. Comment out the following line in messages/Makefile.in:
Line 129: Line 123:
 </code>
  
-=====Apache=====
+=====Apache configuration for all lists=====
-Then edit /etc/apache2/sites-available/www.sluug.org and add:
+Then edit /etc/apache2/sites-available/000-www.sluug.org and add:
  
 <code root>
 +        # Mailing list archives using Mailman
         ScriptAlias /mailman/ /usr/local/mailman/cgi-bin/
-     Alias /pipermail/ /usr/local/mailman/archives/public/
+        Alias /pipermail/ /usr/local/mailman/archives/public/
-     <Directory /usr/local/mailman/archives/public/>
-        Options FollowSymlinks
-        AuthType Basic
-        AuthName "SLUUG Discussion Archive Access"
-        AuthUserFile /etc/apache2/passwords
-        Require valid-user
-     </Directory>
 </code>
  
 =====Protect with Password=====
 +Do this for lists that have their archives password protected to prevent e-mail address harvesting. ​ If a list's archives are not password protected, this section is not needed for that list.  At this time, the discuss and steercom lists share the discuss list's password, while the sysadmin list has a separate password.
 +  * For the discuss list:
 +      * Directory /​usr/​local/​mailman/​archives/​public/​discuss
 +      * AuthName "SLUUG Discussion Archive Access"​
 +      * AuthUserFile /​etc/​apache2/​discuss-passwords
 +      * Username for the htpasswd command: ​ discuss
 +  * For the steercom list:
 +      * Directory /​usr/​local/​mailman/​archives/​public/​steercom
 +      * AuthName "SLUUG Discussion Archive Access"​
 +      * AuthUserFile /​etc/​apache2/​discuss-passwords
 +      * Username for the htpasswd command: ​ Don't create one, use the one created for the discuss list.
 +  * For the sysadmin list:
 +      * Directory /​usr/​local/​mailman/​archives/​public/​sysadmin
 +      * AuthName "SLUUG Sysadmin Archive Access"​
 +      * AuthUserFile /​etc/​apache2/​sysadmin-passwords
 +      * Username for the htpasswd command: ​ sysadm
 +
 +====Tell Apache to use password protection====
 +Edit /​etc/​apache2/​sites-available/​000-www.sluug.org and <​del>​add a new directory section</​del>,​ filling in the directory where the archive is stored, the name of the list for the AuthName, and the file with the password.
 +<code root>
 +        # Define password protection for this list's archives
 + <​Directory /​usr/​local/​mailman/​archives/​public/​CUSTOM>​
 + Options FollowSymlinks
 + AuthType Basic
 + AuthName "SLUUG CUSTOM Archive Access"​
 + AuthUserFile /​etc/​apache2/​CUSTOM-passwords
 + Require valid-user
 + </​Directory>​
 +</​code>​
 +
 +===Security holes===
 +
 +In 2018, on amber, it was found there were two major holes that allowed bots
 +to access all mailing list contents:
 +  - Each archived posting has two URLs, ''/pipermail/'' and ''/mailman/htdig/'', but only the first was protected. The ''<Directory>'' sections above protect the filesystem path that ''/pipermail/'' maps to; the htdig search results reach the same messages through the ''/mailman/'' ScriptAlias, a path the ''<Directory>'' rules never apply to.
 +  - The sluug.org and stlwebdev.org archives are defined in separate config files, and each only protects the lists defined in it, but all lists are accessible through either domain.
 +
 +Therefore, the above ''<Directory>'' sections were replaced with
 +''<LocationMatch>'' sections: the first denies all access to both URL prefixes,
 +the following ones allow password-protected access to the selected lists available through
 +that domain, and the last allows unrestricted access to the two lists used for announcements.
 +Apache does not merge these host-access directives between sections; the last
 +''<LocationMatch>'' whose pattern matches the request supplies the whole policy,
 +which is what lets a later ''Allow from all'' undo the global ''Deny from all''.
 +Any list not overridden by a subsequent section is blocked by the
 +first global section, so a newly created list stays private until it is added here.
 +Using wildcards allowed protecting both URL paths without duplicating all the
 +password statements. Note that the patterns are prefix matches: ''discuss'' also
 +matches a list whose name merely begins with ''discuss''. ''Order'', ''Allow'' and ''Deny''
 +are the Apache 2.2 access-control syntax; on Apache 2.4 they require ''mod_access_compat'',
 +and the native equivalents are ''Require all denied'' and ''Require valid-user''.
 +
 +<​code>​
 +    # Heavy use of symbolic links in Mailman configuration
 +    <​Directory /​usr/​local/​mailman/​archives/​public>​
 +        Options FollowSymlinks
 +    </​Directory>​
 +
 +    # Block all access to other lists' archives
 +    # Alternate path to same files via htdig search results
 +    <​LocationMatch "​^(/​mailman/​htdig|/​pipermail)">​
 +        Order allow,deny
 +        Deny from all
 +    </​LocationMatch>​
 +
 +    # Define password protection for this list's archives
 +    # For all these lists: discuss steercom jobs test*
 +    # Alternate path to same files via htdig search results
 +    <​LocationMatch "​^(/​mailman/​htdig/​(discuss|steercom|jobs|test)|/​pipermail/​(discuss|steercom|jobs|test))">​
 +        Allow from all
 +        AuthType Basic
 +        AuthName "SLUUG Discussion Archive Access"​
 +        AuthUserFile /​etc/​apache2/​discuss-passwords
 +        Require valid-user
 +    </​LocationMatch>​
 +
 +    # Define password protection for this list's archives
 +    # For sysadmin list only
 +    # Alternate path to same files via htdig search results
 +    <​LocationMatch "​^(/​mailman/​htdig/​sysadmin|/​pipermail/​sysadmin)">​
 +        Allow from all
 +        AuthType Basic
 +        AuthName "SLUUG Sysadmin Archive Access"​
 +        AuthUserFile /​etc/​apache2/​sysadmin-passwords
 +        Require valid-user
 +    </​LocationMatch>​
 +
 +    # No password protection for this list's archives
 +    # For all these lists: announce users
 +    # Alternate path to same files via htdig search results
 +    <​LocationMatch "​^(/​mailman/​htdig/​(announce|users)|/​pipermail/​(announce|users))">​
 +        Allow from all
 +    </​LocationMatch>​
 +</​code>​
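To check that a configuration like the one above really covers both URL forms for every list, here is an added example written for this page (it is not SLUUG's configuration or part of Apache). It applies the same rule Apache uses for these sections, last matching ''<LocationMatch>'' wins, to a set of request paths. The regexes are copied from the configuration above; the list names ''private-list'' and ''steercom-private'' are made up, to show what happens to a list that is not mentioned at all and to one whose name merely starts with a protected list's name. The anchored variant at the end is this example's suggestion, not something the page deployed.

```python
"""Audit which <LocationMatch> policy applies to each list's archive URLs.

Added example for this page; not SLUUG or Apache code.  It models one
Apache rule only: <LocationMatch> sections are evaluated in configuration
order and, because mod_access does not merge Order/Allow/Deny between
sections, the LAST section whose regex matches the path supplies the
whole access policy.  Regexes are copied from the configuration above.
"""
import re

# (regex as written in the Apache configuration, policy of that section)
SECTIONS = [
    (r"^(/mailman/htdig|/pipermail)", "deny"),
    (r"^(/mailman/htdig/(discuss|steercom|jobs|test)|/pipermail/(discuss|steercom|jobs|test))",
     "auth:discuss-passwords"),
    (r"^(/mailman/htdig/sysadmin|/pipermail/sysadmin)", "auth:sysadmin-passwords"),
    (r"^(/mailman/htdig/(announce|users)|/pipermail/(announce|users))", "open"),
]

# Suggested variant: each list name is anchored with (/|$) so "steercom" no
# longer matches "steercom-private"; "test\w*" keeps the page's test* intent.
ANCHORED_SECTIONS = [
    (r"^(/mailman/htdig|/pipermail)", "deny"),
    (r"^(/mailman/htdig|/pipermail)/(discuss|steercom|jobs|test\w*)(/|$)", "auth:discuss-passwords"),
    (r"^(/mailman/htdig|/pipermail)/sysadmin(/|$)", "auth:sysadmin-passwords"),
    (r"^(/mailman/htdig|/pipermail)/(announce|users)(/|$)", "open"),
]


def policy_for(path, sections=SECTIONS):
    """Policy of the last matching section; 'default' when none matches
    (for example /mailman/listinfo/..., which these sections do not touch)."""
    policy = "default"
    for pattern, section_policy in sections:
        if re.match(pattern, path):
            policy = section_policy
    return policy


def archive_paths(list_name):
    """The two URL forms under which one list's archive is reachable."""
    return ["/pipermail/%s/" % list_name, "/mailman/htdig/%s" % list_name]


def audit(expected, sections=SECTIONS):
    """Return (path, expected, actual) for every list whose effective policy
    differs from `expected` on either of its URL forms."""
    problems = []
    for list_name, want in expected.items():
        for path in archive_paths(list_name):
            got = policy_for(path, sections)
            if got != want:
                problems.append((path, want, got))
    return problems


# Lists named on the page plus two constructed names (not real SLUUG lists):
# "private-list" is unmentioned and must be denied; "steercom-private"
# exposes the prefix-match pitfall of the unanchored regexes.
EXPECTED = {
    "discuss": "auth:discuss-passwords",
    "steercom": "auth:discuss-passwords",
    "jobs": "auth:discuss-passwords",
    "testing": "auth:discuss-passwords",
    "sysadmin": "auth:sysadmin-passwords",
    "announce": "open",
    "users": "open",
    "private-list": "deny",
    "steercom-private": "deny",
}

if __name__ == "__main__":
    for label, sections in (("as configured", SECTIONS), ("anchored", ANCHORED_SECTIONS)):
        print(label + ":", audit(EXPECTED, sections) or "no mismatches")
```

Run it after every change to the list set: a new list should appear in ''EXPECTED'' with its intended policy, and ''audit()'' must come back empty for both URL forms before the configuration is reloaded.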
 +
 +All common parts of the port 80 and port 443 ''<​VirtualHost>''​ definitions
 +were moved to a common file to eliminate complete duplication.
 +
 +Make similar changes to the stlwebdev web site definition.
 +====Create the  password file====
 +The name of the file matches the AuthUserFile configuration statement. The username for the htpasswd command is whatever is used for that password file. You will be prompted for the password by the htpasswd command. Note that ''-c'' creates the file and silently overwrites it if it already exists, dropping any other users in it; to add a user to an existing file, run htpasswd without ''-c''.
 <code root>
 cd /etc/apache2/
-sudo htpasswd -c passwords discuss
+sudo htpasswd -c CUSTOM-passwords CUSTOM
-sudo chown root:www-data passwords
+sudo chown root:www-data CUSTOM-passwords
-sudo chmod 640 passwords
+sudo chmod 640 CUSTOM-passwords
 +</code>
 + 
 +=====Have Apache recognize the configuration file changes===== 
 +<code root>
 sudo /etc/init.d/apache2 reload
 </code>
Line 206: Line 293:
 </code>
  
 +Edit ''​crontab''​ before or after installation to:
 +  * Comment the ''​gate_news''​ entry. ​ We are not using any usenet gateway.
 =====Copy Apache Images to Mailman=====
 <code root>
Line 252: Line 341:
 $sudo /etc/init.d/mailman restart
 </code>
 +
 +**Even though the following sections might refer to only the discuss and steercom lists, the announce, sysadmin, test, testing, and users lists also were created. ​ This probably needs to be reworked as a generic procedure for any new lists added in the future.**
  
 ====Create Lists====
Line 304: Line 395:
  
 There's a cron job that gzip's the monthly archives for all the lists.
 +
 +On dark only, change the first alias in /​etc/​mail/​aliases for the list from @mail.sluug.org to @sluug.org (because @mail.sluug.org currently goes to michelob and @sluug.org goes to bud).  On michelob only, uncomment the alias that redirects to @sluug.org and comment out the block of Majordomo aliases for the list.  Run newaliases on both systems.
  
 ====Create List Descriptions====
Line 324: Line 417:
 In both administrative interfaces, where it says "Where are replies to list messages directed? Poster is strongly recommended for most mailing lists.", check "This list".
  
-====Archive Locations====
+====Archives====
 + 
 +We changed the template for archive index entries, to show the date and time of each post. This was done by editing ''/​usr/​local/​mailman/​templates/​en/​archidxentry.html''​. We also had to modify ''/​usr/​local/​mailman/​Mailman/​Archiver/​HyperArch.py''​ to send the date string to the template: 
 + 
 +<code diff> 
 +--- /​usr/​local/​mailman-2.1.9/​templates/​en/​archidxentry.html.ORIGINAL ​   2007-06-13 14:​20:​00.000000000 -0500 
 ++++ /​usr/​local/​mailman-2.1.9/​templates/​en/​archidxentry.html ​    ​2007-07-23 00:​05:​04.000000000 -0500 
 +@@ -1,4 +1,4 @@ 
 + <​LI><​A HREF="​%(filename)s">​%(subject)s 
 + </​A><​A NAME="​%(sequence)i">&​nbsp;</​A>​ 
 +-<​I>​%(author)s 
 ++<​I>​%(author)s <span style="​font-size:​50%%;">​(%(datestr)s)</​span>​ 
 + </​I>​ 
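Review bot: the doubled percent in ''font-size:50%%'' is right only because this template is later run through Python %-substitution with the dict built in the HyperArch.py hunk; nothing in the template itself says so, and an editor who "fixes" it back to ''50%'' will break rendering of every index entry. Add a comment next to the new span (or beside the ''datestr'' line) stating that literal percent signs in this file must be doubled.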
 +--- /​usr/​local/​mailman-2.1.9/​Mailman/​Archiver/​HyperArch.py.ORIGINAL ​    ​2007-06-13 14:​19:​59.000000000 -0500 
 ++++ /​usr/​local/​mailman-2.1.9/​Mailman/​Archiver/​HyperArch.py ​     2007-06-14 14:​22:​30.000000000 -0500 
 +@@ -1213,7 +1213,8 @@ 
 +             '​filename':​ urllib.quote(article.filename),​ 
 +             '​subject': ​ subject, 
 +             '​sequence':​ article.sequence,​ 
 +-            '​author': ​  ​author 
 ++            '​author': ​  ​author,​ 
 ++            '​datestr': ​ article.datestr 
 +         } 
 +         print quick_maketext( 
 +             '​archidxentry.html',​ d, 
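Review bot: ''article.datestr'' is placed into the template dict with no quoting, whereas the visible ''filename'' entry goes through ''urllib.quote''; if ''datestr'' can carry text taken from the message's Date header rather than a value Mailman formatted itself, it needs HTML-escaping before it lands in a page served to anonymous readers of public archives. The trailing comma added to the ''author'' line is correct and required.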
 +</​code>​ 
 + 
 +We ran into some problems using a % character in the templates (to specify a 50% font size). The % character is used to delimit variable substitution,​ so to make it work (instead of printing just the variable names) we had to double the % sign to have it print a literal % character. 
 Discuss archives are at [[http://bud.sluug.org/pipermail/discuss/]]. List info is at [[http://bud.sluug.org/mailman/listinfo/discuss]].
  
Line 331: Line 452:
 I haven't moved sysadmin over, because it looks like it has a different password protection scheme than the other lists.
  
 +===== List Configuration =====
  
 +Each of our lists will be a little different. Configuration of most settings is done via the admin web interface.
  
 +==== ANNOUNCE ====
 +Under **Privacy Options / Sender Filters**, we changed the following, in order to keep the list admins from getting all the spams that are sent to the list by non-members:​
  
-----
+  * hold_these_nonmembers: add a few trusted source email addresses
 +  * generic_nonmember_action:​ Discard 
 +  * forward_auto_discards:​ No
  
-=====Links:=====
+==== DISCUSS ====
 +Not sure what we changed. 
 + 
 +===== Links to Our Lists =====
  
 Create new mailing lists at [[http://bud.sluug.org/mailman/create]]
Line 348: Line 478:
 Configure the bud_test list at [[http://bud.sluug.org/mailman/admin/bud_test/]]
  
-=====Mailman TODO:=====
+=====Creating lists for virtual domains=====
  
-  We should probably SSL-require the administrative pages for mailman.
+Make sure your domain's MX records point to bud.sluug.org

-  We need to test mailman with some of the majordomo archives from
-michelob.
+Make sure your domain is included in virtual_alias_maps in /etc/postfix/main.cf
  
 +* In /​etc/​postfix/​virtual,​ add a new entry for your list. The LHS should be the address to which users send their posts, and the RHS should be the name of the list you are creating (no domain part, just the list name).
 +
 +* Run 
 +
 +<code root>
 +# postmap /​etc/​postfix/​virtual
 +</​code>​
 +
 +* In /usr/local/mailman/Mailman/mm_cfg.py, add your domain to POSTFIX_STYLE_VIRTUAL_DOMAINS. This variable is a Python list, so a single domain is written ''POSTFIX_STYLE_VIRTUAL_DOMAINS = ['stlwebdev.org']'' and further domains are added as more elements of that list.
 +
 +* Restart mailman
 +
 +<code root>
 +# /​etc/​init.d/​mailman restart
 +</​code>​
 +
 +* Create a new vhost in /​etc/​apache2/​sites-available for your virtual domain if it doesn'​t already exist. Using /​etc/​apache2/​sites-available/​www.sluug.org as an example, copy the mailman <​directory>​ containers into your vhost, making sure to update passwords, descriptions,​ and archive paths as necessary.
 +
 +* Restart apache
 +
 +<code root>
 +# apache2ctl graceful
 +</​code>​
 +
 +* Create your list
 +
 +<code root>
 +#/​usr/​local/​mailman/​bin/​newlist list@domain
 +</​code>​
 +
 +You will be prompted for the email address of a list admin and for an administrative password for the list. Check that email account for a welcome mail. Go to the admin URL in that mail and select "​Privacy Options"​->"​Recipient Filters"​. Add your list's email address to the box labeled "Alias names (regexps) which qualify as explicit to or cc destination names for this list." If you don't, all posts to your new list will be held for admin approval with a message about implicit destinations.
 +
 +* Send some test mails to verify that the list is working as expected.
 +
 +Currently we are hosting announce@stlwebdev.org and discuss@stlwebdev.org.
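The steps above add one ''/etc/postfix/virtual'' entry, the posting address. Mailman 2.1 actually gives every list ten addresses (the list itself plus the -admin, -bounces, -confirm, -join, -leave, -owner, -request, -subscribe and -unsubscribe suffixes), and in a virtual domain each of them has to be mapped to the local list name or Postfix rejects mail to it as an unknown user, which breaks bounce processing and owner mail for that domain. The following added example (written for this page, not Mailman's or SLUUG's code) generates the full set of entries and checks an existing virtual file for gaps; the ''discuss''/''stlwebdev.org'' names in the usage are placeholders and the sample file contents are constructed.

```python
"""Postfix virtual map entries for a Mailman 2.1 list in a virtual domain.

Added example, not Mailman's or SLUUG's code.  SUFFIXES is the set of
addresses Mailman 2.1 creates for every list; all of them must appear in
the virtual map for a Postfix-style virtual domain.
"""

SUFFIXES = ("", "-admin", "-bounces", "-confirm", "-join", "-leave",
            "-owner", "-request", "-subscribe", "-unsubscribe")


def virtual_entries(listname, domain):
    """Lines for /etc/postfix/virtual: 'list-suffix@domain<TAB>list-suffix'.
    The right-hand side is the bare local list name, as the steps above say."""
    return ["%s%s@%s\t%s%s" % (listname, s, domain, listname, s) for s in SUFFIXES]


def parse_virtual(text):
    """Map LHS -> RHS from the text of a virtual(5) file, skipping blank
    lines and '#' comments; addresses are compared case-insensitively."""
    mapping = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2:
            mapping[parts[0].lower()] = parts[1]
    return mapping


def missing_entries(text, listname, domain):
    """Addresses of the list that the given virtual file does not map yet."""
    mapping = parse_virtual(text)
    wanted = [entry.split("\t")[0] for entry in virtual_entries(listname, domain)]
    return [addr for addr in wanted if addr.lower() not in mapping]


if __name__ == "__main__":
    # Constructed sample of a virtual file that only has the posting address.
    sample = "# /etc/postfix/virtual (constructed sample)\ndiscuss@stlwebdev.org discuss\n"
    print("\n".join(virtual_entries("discuss", "stlwebdev.org")))
    print("missing:", missing_entries(sample, "discuss", "stlwebdev.org"))
```

Feed the output to ''postmap'' exactly as the steps above do; ''missing_entries()'' is the check to run against the existing file before restarting anything.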
 +
 +
 +=====Mailman TODO:=====
 +
 +  * We should probably SSL-require the administrative pages for mailman.
 +  * We need to test mailman with some of the majordomo archives from michelob.
   * We need to set up mailman to handle lists for all of sluug.org
 +  * /​usr/​local/​mailman/​bin/​add_members should be run on a list of current subscribers to ANNOUNCE, DISCUSS, SYSADMIN, and STEERCOM. I'm not quite sure how passwords, if any, will be handled.
 +  * We need to copy the archives from michelob to bud and index them via htdig. I'm not sure how htdig and/or apache will handle the compressed files as currently configured.
  
-  * /usr/local/mailman/bin/add_members should be run on a list of current
-subscribers to ANNOUNCE, DISCUSS, SYSADMIN, and STEERCOM. I'm not quite
-sure how passwords, if any, will be handled.
+=== Spam Subscriptions ===

-  * We need to copy the archives from michelob to bud and index them via
-htdig. I'm not sure how htdig and/or apache will handle the compressed files as currently configured.
+In 2018, it was discovered that one or more criminals were using a
+bot network to make repeated subscription requests to multiple lists,
+with the intent of SLUUG sending thousands of subscription confirmation
+e-mails to one address, which would eventually change to the next target.
+Looking in the logs, this had been happening for years, with SLUUG sending
+over 80k spam confirmations.
+This also taxed the SLUUG mail server when hundreds of e-mails were
+rejected and sitting in the mail queue for retry.
  
 +In response, a local mod was made to ''subscribe.py''. It sits in the form handler, where ''cgidata'', ''email'', ''remote'' and ''results'' are the variables subscribe.py already has; an error appended to ''results'' makes Mailman print it and stop before subscribing:
 +<code python>
 +    # Reject any form post that does not carry the hidden field added to listinfo.html
 +    sluug_sub_mod1_value = cgidata.getvalue('sluug_sub_mod1', '')
 +    if not sluug_sub_mod1_value:
 +        syslog('mischief', 'Subscribe w/o local mod form field as: %s: %s', email, remote)
 +        results.append(_('Subscription failed due to internal error!'))
 +    elif sluug_sub_mod1_value != 'sluug_sub_mod1-20180517':
 +        syslog('mischief', 'Subscribe w/ wrong local mod form field value %s as: %s: %s', sluug_sub_mod1_value, email, remote)
 +        results.append(_('Subscription failed due to internal error!'))
 +</code>
  
-GENERAL MAIL TODO:
+Also modified the generic ''listinfo.html'' template and the customized
 +version for the announce list (no other customized versions needed changes) 
 +to add: 
 +<code html> 
 +<input type="​hidden"​ name="​sluug_sub_mod1"​ value="​sluug_sub_mod1-20180517">​ 
 +</​code>​
  
-  * We need to get virtual users set up in some way. Craig and I discussed
-this, and two options are postfix maps and mysql database. We didn't
-make any decisions. Two particular challenges will be copying existing
-passwords for POP3/IMAP access and mail filtering (procmail/maildrop/whatever). Once we get users set up, we'll need to migrate their mail spools.
+The permanent fix to stop all spam subscriptions is to upgrade to a current
+release of mailman that includes ''SUBSCRIBE_FORM_SECRET'' and probably other
+new features to combat the bots.
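The fixed hidden field above stops bots only until one of them reads the form; a ''SUBSCRIBE_FORM_SECRET''-style fix instead ties the field to a server secret and to the time the form was served. The following is an added example of that technique, written for this page and not Mailman's own code: ''listinfo'' would emit ''make_token()'' into a hidden field, and ''subscribe.py'' would call ''check_token()'' where the local mod checks its fixed value. The field name ''sub_form_token'', the secret, the age limits and the log wording are this example's choices; the IP address is bound into the token, which is a trade-off to be aware of behind NAT.

```python
"""Time-bound keyed token for the subscribe form.

Added example, not Mailman's code.  The server emits a token bound to a
secret, the list name, the client address and the time the form was
served; on submit the MAC must verify and the form must have been open
for at least MIN_AGE seconds (bots post immediately) and at most MAX_AGE.
"""
import hashlib
import hmac
import time

FORM_SECRET = b"replace-with-a-long-random-value-kept-in-mm_cfg"  # assumption
MIN_AGE = 5       # seconds: a human cannot submit the form faster than this
MAX_AGE = 3600    # seconds: a form left open longer must be reloaded


def _mac(issued, listname, remote_ip, secret):
    msg = "%d:%s:%s" % (issued, listname, remote_ip)
    return hmac.new(secret, msg.encode("utf-8"), hashlib.sha256).hexdigest()


def make_token(listname, remote_ip, now=None, secret=FORM_SECRET):
    """Value for the hidden sub_form_token field when the form is rendered."""
    issued = int(time.time() if now is None else now)
    return "%d:%s" % (issued, _mac(issued, listname, remote_ip, secret))


def check_token(token, listname, remote_ip, now=None, secret=FORM_SECRET):
    """Return (accepted, reason); the reason is for the 'mischief' log only."""
    now = time.time() if now is None else now
    try:
        issued_text, mac = token.split(":", 1)
        issued = int(issued_text)
    except (AttributeError, ValueError):
        return False, "malformed"
    expected = _mac(issued, listname, remote_ip, secret)
    if not hmac.compare_digest(mac.encode("utf-8"), expected.encode("utf-8")):
        return False, "bad-mac"      # forged, or replayed for another list/client
    age = now - issued
    if age < MIN_AGE:
        return False, "too-fast"     # the bot behaviour seen in the logs
    if age > MAX_AGE:
        return False, "expired"
    return True, "ok"


def handle_subscribe(form, listname, remote_ip, now=None):
    """Same control flow as the local mod: returns (proceed, log_line)."""
    ok, reason = check_token(form.get("sub_form_token", ""), listname, remote_ip, now)
    if ok:
        return True, None
    # The user sees the same generic error as with the local mod; the real
    # reason only goes to the mischief log.
    return False, "mischief: subscribe token %s as: %s: %s" % (
        reason, form.get("email", ""), remote_ip)
```

Because the token is checked with a constant-time comparison and carries its own timestamp, the server keeps no per-form state; rotating ''FORM_SECRET'' invalidates every form already served, which is the intended effect after a leak.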
  
-  * We need to get spamassassin working. We particularly need to take a
-look at the performance impact of scanning list mail. This should
-probably be done incoming list mail only.
+=== GENERAL MAIL TODO: ===
  
-  * We need to get some form of webmail up and running. I'm partial to
-Horde becauses it has a powerful interface and a ton of cool modules. I
-haven't used the password module, but it might be particularly useful
-for us. See http://www.horde.org/accounts/screenshots/accounts.png. If
-we use horde, we'll be using mysql, so that might be the way to go for
-virtual users.
+  * We need to get virtual users set up in some way. Craig and I discussed this, and two options are postfix maps and a mysql database. We didn't make any decisions. Two particular challenges will be copying existing passwords for POP3/IMAP access and mail filtering (procmail/maildrop/whatever). Once we get users set up, we'll need to migrate their mail spools.
+  * We need to get spamassassin working. We particularly need to take a look at the performance impact of scanning list mail. This should probably be done on incoming list mail only.
+  * We need to get some form of webmail up and running. I'm partial to Horde because it has a powerful interface and a ton of cool modules. I haven't used the password module, but it might be particularly useful for us. See http://www.horde.org/accounts/screenshots/accounts.png. If we use horde, we'll be using mysql, so that might be the way to go for virtual users.
  
 That should do it for now - enjoy the rest of the weekend.
Line 389: Line 574:
  
 ----
-
-
 ====== Notes ======
  
 +===== Logs =====
 Logs are in ''/usr/local/mailman/logs/''. The log files are used as follows:
  
Line 399: Line 583:
   * vette - results of admin actions to deferred posts
   * bounce - tracks bounces, so failing members can automatically be purged
 +  * mischief - Detected attempts to use mailman that failed, including subscriptions by bots that were blocked.
 +  * error - Tracebacks and other runtime errors from the qrunners and the CGI scripts.
 +  * smtp - One entry per message handed to the MTA, with the recipient count and the time delivery took.
 +  * smtp-failure - Recipients the MTA refused, with the SMTP response code and text.
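The mischief log is where the subscription bombing described under Spam Subscriptions shows up first, and it is the file to summarise when judging whether a block is working. The following added example (written for this page, not Mailman code) parses the two messages written by the local ''subscribe.py'' mod and reports which target addresses are being bombed and which sources are busiest. Each line is parsed against the ''Mon DD HH:MM:SS YYYY (pid) message'' stamp Mailman 2.1 writes to its logs; adjust ''STAMP'' if yours differ. The lines in ''SAMPLE'' are constructed with documentation addresses, not real log data.

```python
"""Summarise the 'mischief' log for subscription-bot activity.

Added example for this page, not Mailman code.  The two message formats
matched here are the ones the local subscribe.py mod writes; the log
lines in SAMPLE are constructed.
"""
import re
from collections import Counter

STAMP = re.compile(r"^(\w{3} +\d{1,2} \d\d:\d\d:\d\d \d{4}) \((\d+)\) (.*)$")
NO_FIELD = re.compile(r"^Subscribe w/o local mod form field as: (.+): (\S+)$")
BAD_FIELD = re.compile(r"^Subscribe w/ wrong local mod form field value (\S+) as: (.+): (\S+)$")

SAMPLE = """\
May 17 10:22:01 2018 (2583) Subscribe w/o local mod form field as: victim@example.com: 198.51.100.7
May 17 10:22:01 2018 (2584) Subscribe w/o local mod form field as: victim@example.com: 198.51.100.8
May 17 10:22:02 2018 (2585) Subscribe w/o local mod form field as: victim@example.com: 203.0.113.21
May 17 10:22:03 2018 (2586) Subscribe w/ wrong local mod form field value sluug_sub_mod1-20170101 as: victim@example.com: 198.51.100.7
May 17 11:05:44 2018 (2601) Subscribe w/o local mod form field as: someone@example.org: 192.0.2.33
May 17 11:06:00 2018 (2602) something unrelated that the parser must ignore
"""


def parse_mischief(text):
    """Return one dict per subscription attempt the mod rejected."""
    events = []
    for line in text.splitlines():
        m = STAMP.match(line)
        if not m:
            continue
        stamp, pid, msg = m.groups()
        m2 = NO_FIELD.match(msg)
        if m2:
            kind, value = "no-field", None
            email, remote = m2.groups()
        else:
            m3 = BAD_FIELD.match(msg)
            if not m3:
                continue                      # some other mischief entry
            kind = "bad-field"
            value, email, remote = m3.groups()
        events.append({"time": stamp, "pid": int(pid), "kind": kind,
                       "value": value, "email": email, "remote": remote})
    return events


def bomb_targets(events, threshold=3):
    """Target addresses hit at least `threshold` times: the pattern described
    above, where many bots aim confirmation mails at one victim."""
    hits = Counter(e["email"] for e in events)
    return [(email, n) for email, n in hits.most_common() if n >= threshold]


def top_sources(events, n=3):
    """Busiest client addresses, for a firewall or fail2ban decision."""
    return Counter(e["remote"] for e in events).most_common(n)


if __name__ == "__main__":
    ev = parse_mischief(SAMPLE)
    print("blocked attempts:", len(ev))
    print("bombed targets:", bomb_targets(ev))
    print("top sources:", top_sources(ev))
```

On a live system replace ''SAMPLE'' with the contents of ''logs/mischief''; a target that keeps growing after the template change means the bots have adapted to the fixed field value and the permanent fix is due.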
  
 TODO: We should move these to /var/log and put them under log rotation.
 +See ''​contrib/​*redhat_fhs.patch''​ for a source modification to change
 +log and data file locations.
 +
 +Important information about problems might also be in the Apache server logs.  Currently in ''/​var/​log/​apache2/''​.
 +===== Problems seen =====
 +
 +Following a system reload and restore of mailman directories from backups, searching failed with ''search failed -12-''. This turned out to be a missing symbolic link from ''/usr/local/bin/htsearch'' to ''/usr/lib/cgi-bin/htsearch''. It is not clear whether this symbolic link is created automatically by the htdig package, or whether it was originally created manually and left out of the procedure.
  
 ====== TODO ======