This project describes the process of upgrading GNU Mailman on an Amazon EC2 instance. Currently the default package available in Amazon Linux is version 2.1.15. GNU Mailman has to be upgraded to version 2.1.18 in order to fix an issues caused by Yahoo's decision to bounce email not conforming to the DMARC standard.
- https://blog.tigertech.net/posts/mailman-updated-fixes-dmarc/
- http://www.crescendo.net/content/tech/2014/07/updating-mailman-on-centos-5-due-to-dmarc/
- https://launchpad.net/mailman/+milestone/2.1.15
- https://launchpad.net/mailman/+milestone/2.1.18
- http://www.ietf.org/mail-archive/web/ietf/current/msg87153.html
- http://wiki.list.org/DOC/What%20can%20I%20do%20about%20members%20being%20unsubscribed%20by%20bounces%20of%20Yahoo%20user's%20posts%20for%20DMARC%20policy%20reasons%3F
- http://www.spamresource.com/2014/04/up-in-arms-about-yahoos-dmarc-policy.html
- http://wiki.list.org/DEV/DMARC
- http://stallion-theme.co.uk/how-to-upgrade-mailman-mailing-list-tutorial/
- http://yum.baseurl.org/wiki/YumCommands
- http://www.gnu.org/software/tar/manual/tar.html
- http://wiki.list.org/DOC/Understanding%20group%20mismatch%20errors%20-%20how%20mailman%20implements%20security
- https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/sec-Removing.html
- http://www.gnu.org/software/mailman/mailman-admin/node11.html
- Connect to the EC2 instance
- Archive Mailman data files
- Download the new Mailman
- Remove the old Mailman
- Install the new Mailman
- Configure the new Mailman
- Start the new Mailman
- Test and confirm
ssh -i [keyfile].pem ec2-user@[somedomain.whatever]
sudo su
/usr/lib/mailman/bin/version
yum list available | grep mailman
yum list installed | grep mailman
cd ~
ls
wget --no-check-certificate https://pypi.python.org/packages/source/d/dnspython/dnspython-1.11.1.zip
ls -la
Unzip dnspython
unzip dnspython-1.11.1.zip
ls
cd dnspython-1.11.1
python setup.py install
cd ~
wget http://ftp.gnu.org/gnu/mailman/mailman-2.1.18.tgz
ls -alR /var/lib/mailman/
ls -alR /var/lib/mailman/ > ~/mailman.lib.[yyyy-mm-dd].txt
Archive the /var/lib/mailman directory. This is the data directory, where all of the mailing definitions and archive messages are kept. This is what you will need to restore, if something goes wrong. If the upgrade proceeds as planned, you won't have to touch these files.
tar cvf ~/var-lib-mailman.[yyyy-mm-dd].tar /var/lib/mailman
tar cvf ~/etc-postfix-virtual.[yyyy-mm-dd].tar /etc/postfix/virtual
tar cvf ~/etc-aliases.[yyyy-mm-dd].tar /etc/aliases
tar cvf ~/etc-mailman.[yyyy-mm-dd].tar /etc/mailman/
tar cvf ~/usr-lib-mailman.[yyyy-mm-dd].tar /usr/lib/mailman/
tar cvf ~/etc-httpd-conf.d-mailman.conf.[yyyy-mm-dd].tar /etc/httpd/conf.d/mailman.conf
cat /etc/passwd | grep mailman
cat /etc/passwd | grep apache
cat /etc/group | grep mailman
cat /etc/group | grep apache
/etc/init.d/postfix status
/etc/init.d/postfix stop
/etc/init.d/postfix status
/etc/init.d/mailman status
/etc/init.d/postfix stop
/etc/init.d/postfix status
yum remove mailman
warning: /usr/lib/mailman/cron/crontab.in saved as /usr/lib/mailman/cron/crontab.in.rpmsave
warning: /usr/lib/mailman/Mailman/mm_cfg.py saved as /usr/lib/mailman/Mailman/mm_cfg.py.rpmsave
warning: /etc/httpd/conf.d/mailman.conf saved as /etc/httpd/conf.d/mailman.conf.rpmsave
cat /usr/lib/mailman/cron/crontab.in.rpmsave
cat /usr/lib/mailman/Mailman/mm_cfg.py.rpmsave
cat /etc/httpd/conf.d/mailman.conf.rpmsave
cd ~
tar xzf mailman-2.1.18.tgz
cd /usr/lib/mailman/
ls -la .
chgrp mailman .
ls -la . |grep s
chmod a+rx,g+ws .
ls -la . |grep s
ls -la .
Configure the Mailman installation. Set the installation directory to /usr/lib/mailman. IMPORTANT: Set the Var directory to /var/lib/mailman. Set the group id of the mail wrapper to mailman. Set the group id of the web server wrapper to apache.
cd ~/mailman-2.1.18
./configure --prefix=/usr/lib/mailman/ --with-var-prefix=/var/lib/mailman --with-mail-gid=mailman --with-cgi-gid=apache
make
make install
/usr/lib/mailman/bin/version
cat /etc/mailman/aliases
ls -alR /var/lib/mailman/
Make sure that the owner of the aliases and aliases.db file is mailman, that the group owner for those files is mailman, or whatever user and group you used in the configure command, and that both files are group writable.
ls -la /etc/mailman/aliases*
chown mailman:mailman /etc/mailman/aliases*
ls -la /etc/mailman/aliases*
chmod g+w /etc/mailman/aliases*
ls -la /etc/mailman/aliases*
Run the check permissions script, and run it again with the -f flag until all of the problems are fixed
/usr/lib/mailman/bin/check_perms > ~/checked_perms.[yyyy-mm-dd].txt
/usr/lib/mailman/bin/check_perms
/usr/lib/mailman/bin/check_perms -f
/usr/lib/mailman/bin/check_perms -f
less /usr/lib/mailman/Mailman/Defaults.py
more /etc/mailman/sitelist.cfg
/usr/lib/mailman/bin/mmsitepass [ --- somepassword --- ]
cp /usr/lib/mailman/Mailman/mm_cfg.py /usr/lib/mailman/Mailman/mm_cfg.py.[yyyy-mm-dd]
cp /usr/lib/mailman/Mailman/mm_cfg.py.rpmsave /usr/lib/mailman/Mailman/mm_cfg.py
cat /usr/lib/mailman/Mailman/mm_cfg.py
DEFAULT_URL_HOST = fqdn
DEFAULT_EMAIL_HOST = '[somedomain.whatever]'
MTA = 'Postfix'
grep POSTFIX_ALIAS_CMD /usr/lib/mailman/Mailman/Defaults.py
grep POSTFIX_MAP_CMD /usr/lib/mailman/Mailman/Defaults.py
less /etc/httpd/conf.d/mailman.conf
cp /etc/httpd/conf.d/mailman.conf.rpmsave /etc/httpd/conf.d/mailman.conf
RedirectMatch ^/mailman[/]*$ /mailman/listinfo
ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/
<Directory /usr/lib/mailman/cgi-bin/>
AllowOverride None
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
Alias /pipermail/ /var/lib/mailman/archives/public/
<Directory /var/lib/mailman/archives/public>
Options MultiViews FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
AddDefaultCharset Off
</Directory>
/etc/init.d/httpd status
/etc/init.d/httpd restart
cat /etc/init.d/mailman
cp /usr/lib/mailman/scripts/mailman /etc/init.d/mailman
nano /usr/lib/mailman/cron/crontab.in
#0,5,10,15,20,25,30,35,40,45,50,55 * * * * mailman /usr/lib/mailman/cron/gate_news
cp /usr/lib/mailman/cron/crontab.in /etc/cron.d/mailman
crontab -u mailman -l
ls -la /var/spool/cron/
chkconfig --add mailman
/etc/init.d/mailman start
- Open a web browser, and log into the admin page of a test list.
- Subscribe a Yahoo email address to the test list and send an email message to the test list from a Gmail account.
- Reply from the Yahoo account to the message sent from the Gmail account.
- Check the Gmail account for the reply from the Yahoo account.
- If the Gmail account does not get the message from the Yahoo account, the problem is confirmed.
- Check the mail log to see what happened when you sent the message from Yahoo and from Gmail.
cat /var/log/maillog
- Open a web browser, and log into the admin page of a test list.
- For the option of “from_is_list” select “Munge From.”
- Send a test message to the list from a Gmail account.
- Reply from the Yahoo account to the message sent from the Gmail account.
- Check the Gmail account for the reply from the Yahoo account.
- If the Gmail account gets the message from the Yahoo account, the problem is fixed.