Re: [Mailman-Developers] Mailman 3 on lists.mailman3.org
On 03/07/2016 06:59 AM, Barry Warsaw wrote: > > I pinged Donald off line; this should be set up now. Yes. It looks good. I should make significant progress on the setup this week. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan signature.asc Description: OpenPGP digital signature ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Mailman 3 on lists.mailman3.org
On Mar 06, 2016, at 09:31 PM, Mark Sapiro wrote: >I neglected to even think about the full circle DNS which is for >outgoing mail. The issue here is that the server's IP address has no >rDNS PTR record at all. The authority for this is rackspace, so they >would need to install a PTR from 201.228.239.104.in-addr.arpa. (i.e.rDNS >for 104.239.228.201) to mail.mailman3.org. Probably >infrastruct...@python.org can help with this. I pinged Donald off line; this should be set up now. Cheers, -Barry pgpyQP22IYNBQ.pgp Description: OpenPGP digital signature ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Mailman 3 on lists.mailman3.org
On 03/06/2016 05:35 PM, Stephen J. Turnbull wrote: > > But note that as a practical matter some receiving sites demand (or > use to demand) that a sender's PTR roundtrip (ie, A -> PTR -> same A). > > Is that not a problem any more? Thanks for bringing this up. It is definitely still a problem and it is a problem here too, but these are two separate issues. The issue I raised and which is now fixed is regarding mail to x...@mailman3.org. That's where the MX for mailman3.org should point to a name with an A and not a CNAME record. I neglected to even think about the full circle DNS which is for outgoing mail. The issue here is that the server's IP address has no rDNS PTR record at all. The authority for this is rackspace, so they would need to install a PTR from 201.228.239.104.in-addr.arpa. (i.e.rDNS for 104.239.228.201) to mail.mailman3.org. Probably infrastruct...@python.org can help with this. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan signature.asc Description: OpenPGP digital signature ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Mailman 3 on lists.mailman3.org
Mark Sapiro writes: > On 03/06/2016 09:37 AM, Barry Warsaw wrote: > > On Mar 05, 2016, at 04:14 PM, Mark Sapiro wrote: > > > >> The issue is that there is an MX record for mailman3.org pointing to > >> mail.mailman3.org, but mail.mailman3.org doesn't have an A record; it > >> has a CNAME pointing to mailman.iad1.psf.io which is the canonical name > >> of the server. > ... > > Fixed by setting mail. to an A record. Give it time to > > propagate, and it has a 3h TTL. > > > Looks good. Thanks Barry. But note that as a practical matter some receiving sites demand (or use to demand) that a sender's PTR roundtrip (ie, A -> PTR -> same A). Is that not a problem any more? Steve ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Mailman 3 on lists.mailman3.org
On 03/06/2016 09:37 AM, Barry Warsaw wrote: > On Mar 05, 2016, at 04:14 PM, Mark Sapiro wrote: > >> The issue is that there is an MX record for mailman3.org pointing to >> mail.mailman3.org, but mail.mailman3.org doesn't have an A record; it >> has a CNAME pointing to mailman.iad1.psf.io which is the canonical name >> of the server. ... > Fixed by setting mail. to an A record. Give it time to propagate, and it has > a 3h TTL. Looks good. Thanks Barry. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan signature.asc Description: OpenPGP digital signature ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Mailman 3 on lists.mailman3.org
On Mar 05, 2016, at 04:14 PM, Mark Sapiro wrote: >The issue is that there is an MX record for mailman3.org pointing to >mail.mailman3.org, but mail.mailman3.org doesn't have an A record; it >has a CNAME pointing to mailman.iad1.psf.io which is the canonical name >of the server. > >RFC 2181, sec 10.3 says the target of and MX must have address records, >not CNAME. I.e. mail.mailman3.org should not have a CNAME, but rather an >A record pointing to 104.239.228.201 or I suppose instead, the MX for >mailman3.org could point directly at mailman.iad1.psf.io. Fixed by setting mail. to an A record. Give it time to propagate, and it has a 3h TTL. Cheers, -Barry pgpcp99EabCRa.pgp Description: OpenPGP digital signature ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Mailman 3 on lists.mailman3.org
Hi Mark, On 03/05/2016 04:14 PM, Mark Sapiro wrote: > I'm starting to look at getting a production mailman-us...@mailman3.org > list set up and running. > > I haven't gotten too far into it, but I see one issue and have a question. > > The issue is that there is an MX record for mailman3.org pointing to > mail.mailman3.org, but mail.mailman3.org doesn't have an A record; it > has a CNAME pointing to mailman.iad1.psf.io which is the canonical name > of the server. > > RFC 2181, sec 10.3 says the target of and MX must have address records, > not CNAME. I.e. mail.mailman3.org should not have a CNAME, but rather an > A record pointing to 104.239.228.201 or I suppose instead, the MX for > mailman3.org could point directly at mailman.iad1.psf.io. > > Anyway, this is not an immediate concern, but will need to be addressed. > > For my question, there is a MM 3 installation on the server now done, I > think, by Abhilash (@maxking). It seems only partly done. I.e. there's a > whole bunch of stuff in /opt/mailman that looks fairly complete, there's > some stuff for it in the nginx and postfix configs, there are systemd > scripts for starting and stopping mailman, but there's no mailman user > or group on the server. This latter may be the result of the PSFs salt > management. Yes, I did setup a Mailman 3 instance on that server, but haven't actually looked at it recently. I was just playing around and probably did not create the Mailman user or Group, but I should have. I hooked everything up though and it was working. There must be configuration files for gunicorn too, to deploy Postorius and Hyperkitty. > Anyway, the question is is this usable? should it be upgraded? what else > needs to be done (not in detail, just whatever pieces are known to be > missing)? I guess it should be upgraded to the latest mailman version. I installed everything from the latest master branch (that time) instead from the released version. Although, a fresh install using bundler won't hurt. We can then upgrade our own servers before rolling out the releases ;-) > > > ___ > Mailman-Developers mailing list > Mailman-Developers@python.org > https://mail.python.org/mailman/listinfo/mailman-developers > Mailman FAQ: http://wiki.list.org/x/AgA3 > Searchable Archives: > http://www.mail-archive.com/mailman-developers%40python.org/ > Unsubscribe: > https://mail.python.org/mailman/options/mailman-developers/raj.abhilash1%40gmail.com > > Security Policy: http://wiki.list.org/x/QIA9 > -- thanks, Abhilash Raj ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
