[BALUG-Admin] mailman-loop ...
Fri Sep 22 11:46:34 PDT 2017
Quoting Michael Paoli (Michael.Paoli@cal.berkeley.edu):
> Mailman bounce processing. So ... Mailman has per-list bounce
> processing - and aliases that go to pipes for those, e.g:
> balug-test-bounces: "|/var/lib/mailman/mail/mailman bounces balug-test"
> and I'm presuming those just automagically "do the right thing"...
> soon ... as it's probably not yet right. :-/
> Also, Debian+exmi4 - by default doesn't allow aliases to go to pipes
> or files.
To pipes, yes. I don't know what you mean by not to files, in that
destination mbox files are files, and /etc/aliases entries to those
definitely work. The disabling of processing of pipes in /etc/aliases
is/was a security improvement, as there have been just far too many
security meltdowns causes by exploits of shell processing in exactly
In recent mail, I'd assumed that, nonetheless, Exim4 _does_ correctly
process the pipes used in /var/lib/mailman/data/aliases that the
/var/lib/mailman/bin/newlist command adds per-list stanzas to -- but
I'm just now remembering that /var/lib/mailman/data/aliases is now
vestigial if you add the recommended Mailman plumbing to Exim4
transports and routers. (Disclaimer: This reflects not careful study
but rather yet another super-quick look around.)
My surmise today is that the Exim4 additions to routers and transports
bypasses the traditional aliases mechanism entirely and makes Exim4
parse the MAILMAN_HOME/lists/$local_part/config.pck (Python 'pickled'
format) files for per-list data, instead, probably using the
$MAILMAN_HOME/mail/mailman tools, if my overly-quick parsing of Exim4's
conffiles is correct.
In which case, sorry about the digression onto a vestigial file. That's
the problem with having run this stuff since dinosaur days: You keep
wanting to maintain stuff that's actually not used any more, but in many
cases is confusingly still around anyway.
(FWIW, I'd also noticed that /var/lib/mailman/data/owner-bounces.mbox is
non-existent on my system, but had overhastily written that fact off as
merely indicating that it was getting cleaned out or something.)
> So, ... like I say, will need to review/fix ... and soon.
> Thanks for mentioning it, etc. - covered some of my questions,
> and I wasn't aware of the /var/lib/mailman/data/aliases file.
Probably vestigial, on second thought. My current guess.
Given your empirical observation that inbound mail to mailman-loop was
bouncing, that raises the subsidiary question of how it _ought_ to be
directed. Sending it to root/postmaster via /etc/aliases of course
ensures that it goes somewhere, but is it where it _should_ go? I'm
really not sure. Maybe you should ask the Mailman and/or Exim experts.
> VERP :-) ... yeah, I'd forgotten what it was called, but recalled
> reading about it in Mailman configuration stuff. And yes,
> advantages/disadvantages ... but can be quite good for better
> processing of bounces and backscatter. So, yeah, may be better
> on balance, to enable it, than not ... or maybe at least
> occasionally/periodically enable it. Ah, but should probably
> first get mailman-loop working as it ought.
VERP will let you find the problem child. Enable it for that, and you
can disable it after you track that subscriber down.
More information about the BALUG-Admin