mailman with suexec (here in a froxlor environment)

GNU Mailman is a great mailing list tool that can be installed on a small server, ensuring independence from big companies like Google & co.

In my setup, I’m using apache2 together with suexec and postfix. Unfortunately, mailman doesn’t work easily with suexec. I’m also using froxlor, which makes it easy to set up new domains, emails etc. for customers or family. Mailman isn’t integrated in froxlor (there is an outdated custom module, though), so I had to set up something on my own.

Please remember to update the following placeholders in the scripts below:

  • your.ip.add.ress
  • list.yourdomain.tld
  • admin@account

Here’s what I have done:

# Download and extract mailman
mkdir -p ~/work/mailman
cd ~/work/mailman
wget http://ftp.gnu.org/gnu/mailman/mailman-2.1.17.tgz
tar xvfz mailman-2.1.17.tgz
# Add user and group
sudo addgroup mailman
sudo adduser mailman --ingroup mailman
# Secure stuff: no home directory, no login shell
# (usermod instead of editing /etc/passwd with sed, which only matched one exact GECOS string)
sudo usermod --home /nonexistent --shell /bin/false mailman
# We need to identify which is our docroot, we're creating the install dir there.
# This is most certainly "/var/www"
docrootpart=$(sudo /usr/lib/apache2/suexec -V 2>&1 | grep AP_DOC_ROOT | sed 's/.*"\(.*\)"/\1/')
myprefix=${docrootpart}/mailman
sudo mkdir -p $myprefix
cd $myprefix
sudo chgrp mailman .
sudo chmod a+rx,g+ws .
cd ~/work/mailman/mailman-2.1.17
# configure, make and install
./configure --prefix=$myprefix --with-username=mailman --with-groupname=mailman --with-cgi-gid=mailman --with-mail-gid=mailman
make
sudo make install
cd $myprefix
sudo bash -c 'bin/check_perms -f'
# Using information from http://wiki.list.org/pages/viewpage.action?pageId=4030646
sudo chown -R mailman:mailman $myprefix/cgi-bin*
sudo chmod g-w $myprefix/cgi-bin
sudo chmod g-s $myprefix/cgi-bin/*

After this, create the file /etc/apache2/conf.d/mailman.conf:

Remember to check your docroot; you might have to change /var/www below at all occurrences. If you’re using SSL, change the 80 to 443 and add the SSLEngine On etc. lines from your local apache configuration, which pretty much includes everything starting with SSL.

<VirtualHost your.ip.add.ress:80>
        ServerName      list.yourdomain.tld
        ServerAlias     list.yourdomain.tld
        SuexecUserGroup mailman mailman
        DocumentRoot    "/var/www/mailman"
        Alias /pipermail/ /var/www/mailman/archives/public/
        Alias /icons/ /var/www/mailman/icons/
        ScriptAlias /admin /var/www/mailman/cgi-bin/admin
        ScriptAlias /admindb /var/www/mailman/cgi-bin/admindb
        ScriptAlias /confirm /var/www/mailman/cgi-bin/confirm
        ScriptAlias /create /var/www/mailman/cgi-bin/create
        ScriptAlias /edithtml /var/www/mailman/cgi-bin/edithtml
        ScriptAlias /listinfo /var/www/mailman/cgi-bin/listinfo
        ScriptAlias /options /var/www/mailman/cgi-bin/options
        ScriptAlias /private /var/www/mailman/cgi-bin/private
        ScriptAlias /rmlist /var/www/mailman/cgi-bin/rmlist
        ScriptAlias /roster /var/www/mailman/cgi-bin/roster
        ScriptAlias /subscribe /var/www/mailman/cgi-bin/subscribe
        ScriptAlias /mailman/ /var/www/mailman/cgi-bin/
        ScriptAlias / /var/www/mailman/cgi-bin/listinfo
<Directory "/var/www/mailman/archives/public/">
        AddDefaultCharset off
</Directory>
</VirtualHost>

Now restart the apache webserver:

sudo service apache2 restart

Mailman is now available under http://list.yourdomain.tld/mailman/create (it shouldn’t throw any errors anymore). Do NOT create a mailing list just yet. If you’re still getting errors like 500 (Internal Server Error), check your log files, especially your suexec.log, probably located at /var/log/apache2/suexec.log.
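A pre-flight check for the suexec conditions the steps above are meant to satisfy, as an added example that is not part of the original post: it audits a CGI directory for the ownership and permission problems that make suexec refuse a program. Function names and message texts are this example's own (only "directory is writable by others" is the wording seen in suexec.log), and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example: audit a CGI directory against the file-system rules
# suexec applies before it runs a program as USER:GROUP.
# Function names and most message texts are this example's own.

# True if any permission bit in octal MASK is set on FILE (GNU stat).
mode_has() {
    [ $(( 0$(stat -c '%a' "$1") & $2 )) -ne 0 ]
}

# True if FILE is owned by exactly USER:GROUP.
owned_by() {
    [ "$(stat -c '%U:%G' "$1")" = "$2:$3" ]
}

report() {
    echo "FAIL: $1"
    problems=$((problems + 1))
}

# suexec_audit DIR USER GROUP: prints findings, returns their count.
suexec_audit() {
    dir=$1 user=$2 group=$3 problems=0
    if [ ! -d "$dir" ]; then
        report "not a directory: ($dir)"
        return "$problems"
    fi
    # suexec treats group-write and other-write alike for this check.
    mode_has "$dir" 022 && report "directory is writable by others: ($dir)"
    owned_by "$dir" "$user" "$group" || report "directory not owned by $user:$group: ($dir)"
    for prog in "$dir"/*; do
        [ -f "$prog" ] || continue
        mode_has "$prog" 022 && report "program is writable by group/others: ($prog)"
        mode_has "$prog" 06000 && report "program is setuid or setgid: ($prog)"
        owned_by "$prog" "$user" "$group" || report "program not owned by $user:$group: ($prog)"
        mode_has "$prog" 0100 || report "program lacks owner execute bit: ($prog)"
    done
    return "$problems"
}

# Example: sh suexec_audit.sh /var/www/mailman/cgi-bin mailman mailman
if [ $# -eq 3 ]; then
    suexec_audit "$@"
fi
```

An exit status of 0 means none of these file-system conditions is violated; suexec's other checks (minimum uid/gid, docroot containment) are not covered.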

# Change postfix configuration
# http://www.list.org/mailman-install/node12.html
sudo bash -c 'echo "recipient_delimiter = +" >>/etc/postfix/main.cf'
sudo bash -c 'echo "unknown_local_recipient_reject_code = 550" >>/etc/postfix/main.cf'
# Change mailman configuration
# http://www.list.org/mailman-install/postfix-integration.html
cd $myprefix/Mailman
sudo bash -c 'echo "MTA = '\''Postfix'\''" >>mm_cfg.py'
cd $myprefix
# Generate aliases
sudo bin/genaliases
sudo chown mailman:mailman data/aliases*
sudo chmod g+w data/aliases*
# The aliases path below is hardcoded; adjust /var/www/mailman if your docroot differs
sudo sed -i 's/alias_maps\ =\ \$alias_database/alias_maps\ =\ \$alias_database,hash:\/var\/www\/mailman\/data\/aliases/' /etc/postfix/main.cf

Mailman is now configured. Let’s create our first mailing list. It must be the “mailman” list, which is only an internal mailing list.

## Configure the internal mailman list
# mailing list "mailman"
cd $myprefix
sudo bin/newlist mailman
# Configure site list (use default)
sudo bin/config_list -i data/sitelist.cfg mailman
# Enable cron - make sure to change the MAILTO-Information to your email!
# http://www.list.org/mailman-install/node41.html
cd $myprefix/cron
sudo bash -c 'echo "MAILTO=admin@account" >crontab.ok'
sudo bash -c 'cat crontab.in >>crontab.ok'
sudo crontab -u mailman crontab.ok
# Add virtual host (here: list.yourdomain.tld)
cd $myprefix/Mailman
sudo bash -c 'echo "add_virtualhost('\''list.yourdomain.tld'\'')" >>mm_cfg.py'
# Now, as we're super-secure, we're adding the https information
# Make sure that this is supported by your webserver and fully configured, otherwise skip the next two lines!
sudo bash -c 'echo "DEFAULT_URL_PATTERN = '\''https://%s/mailman/'\''" >>mm_cfg.py'
sudo bash -c 'echo "PUBLIC_ARCHIVE_URL = '\''https://%(hostname)s/pipermail/%(listname)s'\''" >>mm_cfg.py'
# Default-Host
sudo bash -c 'echo "DEFAULT_EMAIL_HOST = '\''list.yourdomain.tld'\''" >>mm_cfg.py'
sudo bash -c 'echo "DEFAULT_URL_HOST = '\''list.yourdomain.tld'\''" >>mm_cfg.py'
# for ubuntu/debian, we're adding the startup-script and enable mailman to run after reboot
# http://www.list.org/mailman-install/node42.html
sudo cp $myprefix/scripts/mailman /etc/init.d/mailman
sudo update-rc.d mailman defaults
sudo /etc/init.d/mailman start
# Set passwords
sudo $myprefix/bin/mmsitepass

You’re all set, mailman is fully operational and running. Here’s an example of how to add a list “yourlist” in mailman. This will create the list and use two configuration options: replies always go to the list, and the information written in the mailing list is NOT open for the internet to see, making this a private list.

  1. Go to https://list.yourdomain.tld/mailman/create
  2. After creating the list, go to the admin page of the list: https://list.yourdomain.tld/mailman/admin/yourlist
  3. Login with the mailed password
  4. reply_goes_to_list –> this list
  5. archive_private –> private

5 thoughts on “mailman with suexec (here in a froxlor environment)”

  1. Thanks a lot for this tutorial.

    Here are some hints for other people:
    First I had some problems installing mailman because of Python DNSpython and another issue. So I first uninstalled python with apt-get purge python, then I installed apt-get install python-dev and also apt-get install python-pip and then pip install dnspython. Then configuration, make and make install of mailman 2.1.18 worked fine.

    Now I have the error 500 on accessing: http://list.yourdomain.tld/mailman/create

    Here is the log:
    cat /var/log/apache2/suexec.log
    [2014-05-15 16:09:38]: uid: (1000/mailman) gid: (1000/mailman) cmd: create
    [2014-05-15 16:09:38]: directory is writable by others: (/var/www/mailman/cgi-bin)

    If I check with
    # ls -l /var/www/mailman/cgi-bin
    total 264
    -rwxr-xr-x 1 mailman mailman 24280 Mai 15 13:41 admin
    -rwxr-xr-x 1 mailman mailman 24280 Mai 15 13:41 admindb
    -rwxr-xr-x 1 mailman mailman 24280 Mai 15 13:41 confirm
    -rwxr-xr-x 1 mailman mailman 24280 Mai 15 13:41 create
    -rwxr-xr-x 1 mailman mailman 24280 Mai 15 13:41 edithtml
    -rwxr-xr-x 1 mailman mailman 24280 Mai 15 13:41 listinfo
    -rwxr-xr-x 1 mailman mailman 24280 Mai 15 13:41 options
    -rwxr-xr-x 1 mailman mailman 24280 Mai 15 13:41 private
    -rwxr-xr-x 1 mailman mailman 24280 Mai 15 13:41 rmlist
    -rwxr-xr-x 1 mailman mailman 24280 Mai 15 13:41 roster
    -rwxr-xr-x 1 mailman mailman 24280 Mai 15 13:41 subscribe

    Do you have any idea?

    1. Give the output to ls -l /var/www/mailman

      It’s the parent directory itself that is writeable by others. This should help:

      chmod go-w /var/www/mailman

  2. I am no longer using Apache; I am using Nginx now. Does anyone know in which way I have to edit the vhost, and which things I have to change, to continue using the installation above? At the moment I am getting a “502 Bad Gateway” error on accessing the mailman page.
