From owner-freebsd-ports@freebsd.org Fri Apr 22 11:50:01 2016 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5D5D4B18718 for ; Fri, 22 Apr 2016 11:50:01 +0000 (UTC) (envelope-from jim@ohlste.in) Received: from mail-qg0-x243.google.com (mail-qg0-x243.google.com [IPv6:2607:f8b0:400d:c04::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 17A361827 for ; Fri, 22 Apr 2016 11:50:01 +0000 (UTC) (envelope-from jim@ohlste.in) Received: by mail-qg0-x243.google.com with SMTP id f74so8392273qge.3 for ; Fri, 22 Apr 2016 04:50:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ohlste-in.20150623.gappssmtp.com; s=20150623; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding; bh=mliSA7I7UuC8/4hI7V6AEPcd5MqIowbjPBoafDmqGCQ=; b=pOnSMtFkLqYvwhJFRsmS/6kLgr6u1qdMz55yANxr6nEegB80FDs8RyVEk0vRE2B7f9 DPy1I5jEgSgww/KFa7Liu7ibuyyB0vB4esuwmLd8Db3RrPDYOELcjKLEXXCwSlmEWvLR vOv5sYyMuaIpYHo2SaeqVBmFP0LyCbKOCLILYq8Vdc+xaGm27TPMj2XGzLq2DEJh+mPA UuZ35L7G0crvZY4UfWFMWuHPHn3vX4Sy514IQvnj6QVtmuIXm5qyZqSE/3noFr8ri+lw 6+bMC4bvgtUaNwn7G2cXy5Ux7wjxD8eWvcdr7NpR6+WU+bf4I5lEqSB8GSSP9Vskoj+y 0JDA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:cc:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=mliSA7I7UuC8/4hI7V6AEPcd5MqIowbjPBoafDmqGCQ=; b=m445WOS9V1vYs0q6oukxC794D95dQVzkT4W+1yTgVgnNiZu1+vV73P4Wd4OUIuhoZS mVJkmRcNBmadW2KSd8IezeFrUWC9nfjJgHGD6eA4cxrZxJJ06U52nmK5zXJZQYO4UK7w 8T4zyXbAfyzN0WxNOPL9j4dsAjsSJ5rkJlaIxbSbad3xlB0r8OakCwiD6qOo1vOyNFhs F6ifLxqC5uVNoqKz71soTw1dBnveGhl6cDiAxJfNKJ/F89rslJ40RRm/rusMKSLLovLP RnWfsIj/SJD3AkeVJoI5l32eAqCgHRPZoVGbOcU+m7qfXi35HUos80imjoAGi+WOVCfw cMiQ== X-Gm-Message-State: AOPr4FUV4vn6tA9r48/e8GuWiOW8+atJ48quFbDAlNQBNElFT3jIqzYBjoUB46jdSzlJtA== X-Received: by 10.140.106.11 with SMTP id d11mr20900947qgf.80.1461325800122; Fri, 22 Apr 2016 04:50:00 -0700 (PDT) Received: from [192.168.1.18] (pool-96-249-243-37.nrflva.fios.verizon.net. [96.249.243.37]) by smtp.googlemail.com with ESMTPSA id b40sm1617259qga.47.2016.04.22.04.49.58 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 22 Apr 2016 04:49:58 -0700 (PDT) Subject: Re: Mailman in a jail To: Kristof Provost References: <5718F000.7010405@ohlste.in> <20160422100536.GA3891@vega.codepro.be> <27619B4D-B051-43C8-825A-84171ECFE1D6@ohlste.in> Cc: FreeBSD Ports ML , matthew@FreeBSD.org, 000.fbsd@quip.cz, crest@rlwinm.de, freebsd@skysmurf.nl, rde@tavi.co.uk, david@catwhisker.org From: Jim Ohlstein Message-ID: <571A0FE5.9060906@ohlste.in> Date: Fri, 22 Apr 2016 07:49:57 -0400 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0) Gecko/20100101 Thunderbird/38.7.2 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Apr 2016 11:50:01 -0000 Hello On 4/22/16 7:20 AM, Kristof Provost wrote: > >> On 22 Apr 2016, at 13:11, Jim Ohlstein > > wrote: >>> The main gotcha with Mailman is that it defaults to supporting Sendmail. >>> It actually needs to be rebuilt to work with postfix. That's the first >>> thing to look at. Did you install from ports or with pkg? >> >> I built it with poudriere using the Postfix option. >> > Okay, that’s good. I did exactly the same ;) > > It’s not quite clear to me if your problem is getting Postfix to deliver > to mailman, or mailman to postfix. > > In my setup the list is on a separate (virtual) domain, and uses an > aliases file > (alias_maps = hash:/etc/aliases, hash:/usr/local/mailman/data/aliases). > That file is maintained by mailman and will have things like 'test: > "|/usr/local/mailman/mail/mailman post test”’ in it. > > Return delivery (i.e. mailman sending mail) is done using the DirectSMTP > module. My ‘SMTPHOST’ is set to the hostname of the jail (so to an IP > address the postfix is listening on). If you’ve still got that set to > the default of ‘localhost’ that might also explain your problems. > It might also be worth playing with telnet inside the jail and > confirming that you can talk to your postfix that way. > That was the problem. I more or less figured it out late last night when I looked at the mail logs of the front end server. My setup is like this: web <--> fontend SSL termination/load balancer/cache <--> multiple backends (not web accessible) Mailman is installed in in a jail in a backend server. That jail has a FQDN and it matches that of Mailman (lists.mydomain.com). So in ~mailman/Mailman/mm_cfg.py I had: SMTPHOST = 'lists.mydomain.com' as instructed by the port upon installation. That wound up having Mailman looking for the _real_ IP of that FQDN for the outgoing mail server, which led it back to the frontend server to which that IP is actually bound. That Postfix installation refused to relay because the IP range of that backend server was not allowed in "mynetworks" in its main.cf. Allowing that IP range on Postfix on the frontend server got outgoing mail working late last night. It was a fairly inelegant solution but it worked. Editing ~mailman/Mailman/mm_cfg.py as follows got it working in the jail: - SMTPHOST = 'lists.mydomain.com' + SMTPHOST = 'jail.ip.address' What confused me were the port's instructions and the fact that the Mailman actually resolved the FQDN and looked for that IP externally. Thanks to everyone who helped. I'm a bit embarrassed at the simplicity of the solution. -- Jim Ohlstein "Never argue with a fool, onlookers may not be able to tell the difference." - Mark Twain