Francis Jayakanth via Mailman-Users writes: > Hi, I'm administering and moderating a list with Mailman version > 2.1.20.
This is extremely old. If it works, that's fine, but you're missing 19 releases worth of security fixes, including some quite nasty and easily exploitable ones (like cross-site scripting). > I need to make the following changes with immediate effect: > > 1. Switch to the Postfix email router from Sendmail, > 2. Use Office 365 with authentication as the relay host > > I have stopped the Sendmail service and configured Postfix for > email transactions. What does "configure for email transactions" mean? We really can't help unless you're quite precise about these things. Where does the O365 relay host sit? Between Mailman and Postfix, or between Postfix and the Internet? > Things are not working as they used to while using Sendmail. I have > specifically noticed that the following Mailman functions are not > working after the change over: > > 1. Online membership registrations are not receiving email > communication about the membership being held for approval. > 2. The moderator does not receive communication about new online > registrations. So, new online registrations are not > happening. > 3. Adding new subscriptions through the command line works, but > neither the subscriber nor the moderator receives any > communication. Ex. ./add_members -r new -w y -a y listname Is O365 involved in transmitting these notifications? If so, is the sending agent (Mailman or Postfix) configured to use the authentication credentials? What do the logs say? Both Mailman and the MTAs should be keeping logs of all outgoing messages. > 4. No confirmation email is received after posting a message by > a subscribed member. Does the post go out to the subscribers? Are you sure this notification is enabled? (In my experience members hate it with a passion). Again, this should be logged by Mailman and both MTAs. > 5. The <from> email address of the approved messages is changing > to the authentication email id, but the name remains that of > the member making the post. Is it possible that this issue is affecting receipt of notifications because recipients have not whitelisted the authenticated address, and they're being discarded or quarantined as spam? Is the authenticated address in the same domain as Mailman, and if not, do you have a DMARC policy of p=reject or p=quarantine? That sounds like something that O365 is doing. Mailman should not touch the From email address unless you have configured one of the following: - from is list (normally used to work around DMARC issues) - anonymous list - full personalization Stock Mailman will not use connection creditials to modify the message; it only becomes aware of them at the point it actually connects to the MTA. Steve ------------------------------------------------------ Mailman-Users mailing list -- mailman-users@python.org To unsubscribe send an email to mailman-users-le...@python.org https://mail.python.org/mailman3/lists/mailman-users.python.org/ Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/ https://mail.python.org/archives/list/mailman-users@python.org/
