On 02/29/2016 02:19 AM, Mark Sapiro wrote: > On 02/28/2016 10:51 PM, Ruben Safir wrote: >> On 02/29/2016 01:34 AM, Mark Sapiro wrote: >>> I think we can fix your issue fairly simply. >>> >>> Please, as I asked in my reply at >>> <https://mail.python.org/pipermail/mailman-users/2016-February/080524.html>, >>> post the output from 'postconf -n' and the contents of mm_cfg.py. >> >> >> Sorry, I got mixed up. Its just probably the frustration. Everyone >> uses mailman, I don't know why I'm so stupid >> >> > >> smtpd_recipient_restrictions = check_client_access >> hash:/etc/postfix/helo_client_exceptions check_sender_access >> hash:/etc/postfix/sender_checks, reject_invalid_hostname, >> reject_non_fqdn_hostname, reject_non_fqdn_sender, >> reject_non_fqdn_recipient, reject_unknown_sender_domain, >> reject_unknown_recipient_domain, permit_mynetworks, >> reject_unauth_destination, permit_mynetworks, reject_unauth_destination, >> reject_invalid_hostname, reject_non_fqdn_hostname, >> reject_non_fqdn_sender, reject_non_fqdn_recipient, >> reject_unknown_sender_domain, reject_unknown_recipient_domain, >> reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net >> reject_rbl_client cbl.abuseat.org, permit > > > This is almost certainly your problem. All those checks take time, > especially if DNS is slow. If you send a message from a client and > Postfix takes 5 seconds to accept it, it's no big deal. If Mailman sends > to 10 or 20 recipients, and it takes Postfix a minute to respond, it > still may be no big deal unless another two posts arrive in that minute > , and so on until you have a big backlog. > > I suggest that if you really want all those checks, that you set up a > separate port for Mailman to send to without all those rbl lookups and > recipient domain lookups. See below. > > >> vim /usr/lib/mailman/Mailman/mm_cfg.py >> >> ############################################### >> # Here's where we get the distributed defaults. >> >> from Defaults import * >> >> ################################################## >> # Put YOUR site-specific settings below this line. >> DEFAULT_URL_PATTERN = 'http://%s/mailman/' >> DEFAULT_NNTP_HOST = 'www.mrbrklyn.com' >> DEFAULT_EMAIL_HOST = 'nylxs.com' >> DEFAULT_URL_HOST = 'www.nylxs.com' >> MTA = 'Postfix' >> POSTFIX_ALIAS_CMD = '/usr/sbin/postalias' >> POSTFIX_MAP_CMD = '/usr/sbin/postmap' >> DELIVERY_MODULE = 'SMTPDirect' >> SMTPHOST = 'mrbrklyn.com' >> SMTPPORT = '25' > > > Here's where I'm suggesting changes. Pick a port, say 8000, although it > could be anything that doesn't conflict. > > Then change the above to > > SMTPHOST = '127.0.0.1' > SMTPPORT = 8000 > > (don't quote the port - it's a number, not a string) > > Also, while you're at it I suggest adding > > VERP_PASSWORD_REMINDERS = Yes > VERP_PERSONALIZED_DELIVERIES = Yes > VERP_DELIVERY_INTERVAL = 1 > > for more reliable bounce processing. > > But, see below for changes to Postfix master.cf that you must make first. > >> add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST) >> add_virtualhost('lists.mrbrklyn.com', 'mrbrklyn.com') >> IMAGE_LOGOS = '/mailmanicons/' >> >> >> >> There is another one in apache: >> I don't know if it is being used. >> vim /usr/local/apache/conf/mailman/Mailman/mm_cfg.py > > No, that shouldn't be used. > > > In Postfix master.cf add the following stanza > > 127.0.0.1:8000 inet n - - - - smtpd > -o smtpd_authorized_xforward_hosts=127.0.0.0/8 > -o mynetworks=127.0.0.0/8 > -o smtpd_recipient_restrictions=permit_mynetworks,reject > -o smtpd_client_restrictions= > -o smtpd_helo_restrictions= > -o smtpd_sender_restrictions= > -o smtpd_data_restrictions= > > Make this addition to Postfix master.cf and reload Postfix. Only after > you've done that and Postfix is listening on the loopback interface port > 8000, make the changes to mm_cfg.py and restart Mailman. >
OK . That port is restricted to a 12.0.0.0/8 relay? The last thing I need is for someone to be monitoring this list and pounding port 8000 for a spam relay. -- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com Being so tracked is for FARM ANIMALS and and extermination camps, but incompatible with living as a free human being. -RI Safir 2013 ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
