Thank you, Stephen, for the reply and valuable tips. I will upgrade Mailman to the latest version asap. I have an urgent solution for the following issue.
Postfix is configured to use the O365 as a relay host in our Mailman use case in our Mailman use case. One of our lists has close to 6k members. There were two messages for approval. I approved one and received it for both my list subscriptions. After about an hour or so, I approved the second message. The second message was not delivered to any of the subscribers. The reason is that the O365 email id used for relay host authentication was blocked with the following statement in the O365 Admin console: "Potentially compromised account. Anomalous sending patterns were detected, resulting in the user being restricted sending mails" I'm told that there are per minute and per hour restrictions of 30 and 1800 emails respectively (inbound and outbound) on o365. How can the said restrictions be complied with in Mailman? Thanks in advance, Francis ________________________________ From: Stephen J. Turnbull <stephenjturnb...@gmail.com> Sent: 01 August 2022 19:42 To: Francis Jayakanth <fran...@iisc.ac.in> Cc: mailman-users@python.org <mailman-users@python.org> Subject: [Mailman-Users] Change in email routing External Email Francis Jayakanth via Mailman-Users writes: > Hi, I'm administering and moderating a list with Mailman version > 2.1.20. This is extremely old. If it works, that's fine, but you're missing 19 releases worth of security fixes, including some quite nasty and easily exploitable ones (like cross-site scripting). > I need to make the following changes with immediate effect: > > 1. Switch to the Postfix email router from Sendmail, > 2. Use Office 365 with authentication as the relay host > > I have stopped the Sendmail service and configured Postfix for > email transactions. What does "configure for email transactions" mean? We really can't help unless you're quite precise about these things. Where does the O365 relay host sit? Between Mailman and Postfix, or between Postfix and the Internet? > Things are not working as they used to while using Sendmail. I have > specifically noticed that the following Mailman functions are not > working after the change over: > > 1. Online membership registrations are not receiving email > communication about the membership being held for approval. > 2. The moderator does not receive communication about new online > registrations. So, new online registrations are not > happening. > 3. Adding new subscriptions through the command line works, but > neither the subscriber nor the moderator receives any > communication. Ex. ./add_members -r new -w y -a y listname Is O365 involved in transmitting these notifications? If so, is the sending agent (Mailman or Postfix) configured to use the authentication credentials? What do the logs say? Both Mailman and the MTAs should be keeping logs of all outgoing messages. > 4. No confirmation email is received after posting a message by > a subscribed member. Does the post go out to the subscribers? Are you sure this notification is enabled? (In my experience members hate it with a passion). Again, this should be logged by Mailman and both MTAs. > 5. The <from> email address of the approved messages is changing > to the authentication email id, but the name remains that of > the member making the post. Is it possible that this issue is affecting receipt of notifications because recipients have not whitelisted the authenticated address, and they're being discarded or quarantined as spam? Is the authenticated address in the same domain as Mailman, and if not, do you have a DMARC policy of p=reject or p=quarantine? That sounds like something that O365 is doing. Mailman should not touch the From email address unless you have configured one of the following: - from is list (normally used to work around DMARC issues) - anonymous list - full personalization Stock Mailman will not use connection creditials to modify the message; it only becomes aware of them at the point it actually connects to the MTA. Steve ------------------------------------------------------ Mailman-Users mailing list -- mailman-users@python.org To unsubscribe send an email to mailman-users-le...@python.org https://mail.python.org/mailman3/lists/mailman-users.python.org/ Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/ https://mail.python.org/archives/list/mailman-users@python.org/
