Angatar / mailman2

A useful compact mailman2 container based on debian buster-slim to easily create and manage your mailing lists
MIT License

Any docker-compose file for this tool? #5

Closed jlgarnier closed 2 years ago

jlgarnier commented 2 years ago

Hi all,

I'm looking for an example docker-compose file to deploy a test instance of this tool (I'm really not a Docker expert): would anyone mind sharing one?

Thanks in advance for any help!

Angatar commented 2 years ago

Hi, You can start with the following example as a basis for your compose.yaml file and adapt it according to the documentation and your requirements. Please note that even for a test you will need to add the proper DNS records for your domain to make it work.

services:
  mailman:
    image: d3fk/mailman2
    container_name: mailman
    hostname: ${EMAIL_HOST}
    restart: always
    ports:
      - "80:80"
      - "25:25"
      - "465:465"
    environment:
      EMAIL_HOST: ${EMAIL_HOST}
      URL_HOST: ${URL_HOST}
      LIST_ADMIN: ${LIST_ADMIN}
      MASTER_PASSWORD: ${MASTER_PASSWORD}
      URL_PATTERN: ${URL_PATTERN}
      URL_ROOT: ${URL_ROOT}
    extra_hosts:
      - ${EMAIL_HOST}:127.0.0.1

You can replace the env vars with your values in the compose.yaml, or create a .env file in the same directory, which will be easier to maintain, e.g.:

.env

URL_HOST=lists.example.com
EMAIL_HOST=mails.example.com
LIST_ADMIN=youremail@example.com
MASTER_PASSWORD=example
URL_PATTERN=http
URL_ROOT=lists/

You can complete the compose.yaml and .env with environment variables listed in the ENVIRONMENT section

Then simply run your compose file with docker-compose up -d and visit your $URL_HOST/$URL_ROOT/admin to start managing your mailing lists (indicate the mapped port after the URL_HOST if required).

Hope this helps.

Angatar commented 2 years ago

Don't forget to visit the logs of the mailman container you have created:

$ docker logs mailman 

The logs will display the deployment steps of the container and provide you in the end with a valid DKIM public key value and the DKIM txt record that can be added to your DNS records to enable DKIM check for your mailman mailing list server.

The mailing lists cannot be really functional with a host set to localhost since they require a valid EMAIL_HOST name to be configured.
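A preflight check for the .env file described in the two comments above, as an added example that is not part of the original thread or of the d3fk/mailman2 project. The function names `check_env` and `sample_env` are hypothetical, and the sample input is constructed.

```sh
#!/bin/sh
# Added example: preflight check for the .env file read by compose.yaml.
# Prints one finding per line; returns 1 if anything was found, else 0.
check_env() {
    env_file=$1
    rc=0
    # The sample .env uses KEY=value; flag "KEY: value" lines copied from YAML.
    yaml_style=$(grep -nE '^[A-Za-z_][A-Za-z0-9_]*[[:space:]]*:' "$env_file" || true)
    if [ -n "$yaml_style" ]; then
        printf '%s\n' "$yaml_style" | sed 's/^/use KEY=value on line /'
        rc=1
    fi
    for key in URL_HOST EMAIL_HOST LIST_ADMIN MASTER_PASSWORD URL_PATTERN URL_ROOT; do
        val=$(sed -n "s/^${key}=//p" "$env_file" | tail -n 1)
        if [ -z "$val" ]; then
            echo "$key has no KEY=value entry"; rc=1; continue
        fi
        case "$key=$val" in
            EMAIL_HOST=localhost | EMAIL_HOST=127.*)
                # Lists need a real mail host name, as the maintainer notes.
                echo "EMAIL_HOST must be a real host name, not $val"; rc=1 ;;
            MASTER_PASSWORD=example)
                echo "MASTER_PASSWORD is still the sample value"; rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed input: a YAML-style line, a localhost mail host, the sample password.
sample_env() {
    cat <<'EOF'
URL_HOST: lists.example.com
EMAIL_HOST=localhost
LIST_ADMIN=youremail@example.com
MASTER_PASSWORD=example
URL_PATTERN=http
URL_ROOT=lists/
EOF
}

tmp=$(mktemp)
sample_env > "$tmp"
check_env "$tmp" || echo "fix the findings above before docker-compose up -d"
rm -f "$tmp"
```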

jlgarnier commented 2 years ago

Thank you so much for this quick answer! I'll quickly try to draft my compose file from your example and let you know how it goes!

Cordialement / Best Regards,

Jean-Luc GARNIER


jlgarnier commented 2 years ago

Hi,

The installation ran fine, although I made some syntax errors (i.e. environment variables should be given as URL_HOST=lists.example.com and not as URL_HOST: lists.example.com). You then deserve a warm thank you for the helping hand! I now have to fine tune the instance with LE certificate, DKIM set up and so on but this should go well now!

Thanks again and have a great week-end!

Cordialement / Best Regards,

Jean-Luc GARNIER


Angatar commented 2 years ago

Hi, Glad it helps and thank you for the feedback! 😁

NB:

jlgarnier commented 2 years ago

Hi,

One last question: I’ve managed to create a test list but didn’t receive the notification email, nor any notification when I subscribe as a new member (different email addresses given as list creator and member). As a Nextcloud instance is already running on the same machine, I’ve set up the following ports redirections:

  - "7025:25"
  - "7465:465"
  - "7587:587"

I wonder whether this redirection could prevent exim from reaching out to internet. The normal mail server is hosted by our host provider and mailman’s email host has been set to “mails.mydomain.com”. I didn’t setup the MX field yet: could this be the reason for this issue?

Thanks in advance for your advice!

Cordialement / Best regards,

Jean-Luc GARNIER

Mob: +33 6 81 25 07 12 Profil: http://jeanlucgarnier.tel/

Angatar commented 2 years ago

Hi, The port redirection you mention is just port mapping; it is invisible to exim inside the container, so it is not involved as long as your listed mapped ports are actually open on your cloud IT. The behaviour you observed with new subscriptions is due to the default mailman configuration set in this container, which was thought to be more convenient ... as stated in the documentation (mailman configuration). You can activate the option entitled "Should administrator get notices of subscribes and unsubscribes?" from the mailing list interface (General options section) or change the default config file by using a volume.

NB: The MX DNS record is also important: it declares that your EMAIL_HOST is authorised to send email for your domain/subdomain name 😉

jlgarnier commented 2 years ago

Hi and thanks again for your support!

I finally think that the issue with email is related to the MX record you mention. Here’s my understanding:

Mailing list subscription confirmation notice for mailing list Test

We have received a request from 82.66.51.64 for subscription of your
email address, " @.> @.", to the
@.> @. mailing list. To confirm that you want to be
added to this mailing list, simply reply to this message, keeping the
Subject: header intact. Or visit this web page:

    https://lists.mydomain.com/lists/confirm/test/7723440fc5204e15eac19b750cb7c4fc5bdc3ee6

Or include the following line -- and only the following line -- in a
message to @.> @.:

    confirm 7723440fc5204e15eac19b750cb7c4fc5bdc3ee6

Note that simply sending a `reply' to this message should work from
most mail readers, since that usually leaves the Subject: line in the
right form (additional "Re:" text in the Subject: is okay).

If you do not wish to be subscribed to this list, please simply
disregard this message. If you think you are being maliciously
subscribed to the list, or have any other questions, send them to
@.> @.


What is your advice here?

Cordialement / Best regards,

Jean-Luc GARNIER

Mob: +33 6 81 25 07 12 Profil: http://jeanlucgarnier.tel/

Angatar commented 2 years ago

I then suspected I had to add

  • A record: server1 IN A < server IP address>
  • A record: mails IN A (seems CNAME here is forbidden), may be useless
  • MX record: mails IN MX 50 server1.eurosmart.com.

In your case, the A record for your domain name simply enables you to access your mailman website with a domain name, so, not strictly compulsory but pretty useful.

As your URL_HOST and EMAIL_HOST are different, you'll indeed also need an A record for your EMAIL_HOST to declare the subdomain/domain that will be associated to your email server/load-balancer/reverse-proxy.

The MX record is indeed required, you can define different priorities if you have several MX.

A PTR record will also have an important impact on your email deliverability, since a reverse DNS lookup is made by email servers to ensure your email server is who it says it is.

If you have gmail addresses in your mailing lists, a DKIM record will also probably be part of the minimal records since it seems that gmail would not accept mails from servers without a valid DKIM to avoid spoofing (not experimented, only got feedback about it ... maybe other email providers are requiring/will require it)

The other records suggested by the DNS configuration section of the documentation (i.e. SPF and DMARC) are currently only improving the deliverability of your emails, but they are more and more often checked by email servers and they currently impact the SPAM tagging of your messages.
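The record checklist from this comment (A, MX, PTR, DKIM, SPF, DMARC), turned into an offline audit as an added example that is not part of the original thread or of the project. It assumes input in the `dig +noall +answer` layout and that the TXT records are published under EMAIL_HOST itself; `audit_mail_dns`, `sample_answers`, the example.com names and the 203.0.113.10 address are constructed for illustration.

```sh
#!/bin/sh
# Added example: list which DNS records discussed in the thread are absent.
# Input on stdin uses the `dig +noall +answer` layout: name ttl IN type rdata.
audit_mail_dns() {
    awk -v host="$1." '
        { name = tolower($1); type = $4; rdata = $5
          for (i = 6; i <= NF; i++) rdata = rdata " " $i }
        name == host && type == "A"   { seen["A"] = 1 }
        name == host && type == "MX"  { seen["MX"] = 1 }
        # Reverse DNS: a PTR answer that names the mail host.
        type == "PTR" && tolower(rdata) == host { seen["PTR"] = 1 }
        # Assumption: SPF, DKIM and DMARC are published under EMAIL_HOST itself.
        type == "TXT" && name == host && rdata ~ /^"v=spf1/ { seen["SPF"] = 1 }
        type == "TXT" && rdata ~ /v=DKIM1/ &&
            index(name, "._domainkey." host) > 1 { seen["DKIM"] = 1 }
        type == "TXT" && name == ("_dmarc." host) &&
            rdata ~ /^"v=DMARC1/ { seen["DMARC"] = 1 }
        END {
            n = split("A MX PTR DKIM SPF DMARC", want, " ")
            for (i = 1; i <= n; i++)
                if (!(want[i] in seen)) { print "missing " want[i]; bad = 1 }
            exit bad + 0
        }'
}

# Constructed answers for a host that so far has only A, MX and SPF records.
sample_answers() {
    cat <<'EOF'
mails.example.com.  3600 IN A   203.0.113.10
mails.example.com.  3600 IN MX  50 server1.example.com.
mails.example.com.  3600 IN TXT "v=spf1 mx -all"
EOF
}

sample_answers | audit_mail_dns mails.example.com ||
    echo "publish the missing records, then re-check"
```

Live input can be collected by concatenating `dig +noall +answer` queries for the A, MX and TXT names with a `dig -x` query on the server IP for the PTR.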

Angatar commented 2 years ago

By the way, I don’t know where the issuing IP address mentioned

BTW it is probably the IP of the computer you used (or seen by the email server: might be a proxy depending on your configuration) to subscribe the new users to the list.

jlgarnier commented 1 year ago

Thanks again for the quick answer!

I’ve added all the records listed in my previous message in the DNS and Mailman is now able to send notifications for subscriptions. SPF is set too, but not DMARC. As we’re using a mixed infrastructure (domain name and DNS operated by OVH.fr, physical private server hosted by a local hosting provider, website hosted by a third hosting provider), I just couldn’t find how to set up the PTR record.

However, once subscribed, I’m still unable to dispatch messages to the list: a mail sent to @. @.> seems to be “silently swallowed”, doesn’t return any error message but is not dispatched to list members. Could this be due to the missing PTR record?

Cordialement / Best regards,

Jean-Luc GARNIER

Mob: +33 6 81 25 07 12 Profil: http://jeanlucgarnier.tel/

Angatar commented 1 year ago

and Mailman is now able to send notifications for subscriptions.

Email notifications? If email notifications for subscriptions are sent correctly by Mailman and delivered to a recipient, the address receiving the notifications should also receive the messages sent to the list, provided this email address is indeed among the member addresses of this list.

I just couldn’t find how to set up the PTR record.

If part of your list members do not receive the message, you might indeed encounter a problem of email deliverability due to a misconfigured PTR record/reverse DNS: some email servers pay less attention to the PTR record, but they are mostly small or local email servers; for the most used email servers it is now part of the rules to systematically check the PTR record before permitting message delivery.

The PTR record can be configured and controlled by the IP block owners (usually the server hosting company, so probably your local hosting provider for your email service). In case you own the local DNS server on your own, you'll need to create a reverse DNS zone.


In case your d3fk/mailman2 has never sent an email so far, you can check that you can send an email directly from the MTA (Exim) of your running d3fk/mailman2 container to one of your valid email addresses with something like the following command:

$ docker exec -ti mailman exim -v workingmail@workingdomain.tel

Wait a few seconds for the empty prompt, then enter the following lines:

From: user@lists.mydomain.tel
Subject: Test mail
Simple test message

Finally, send your test email by pressing Ctrl+D; you should see the details about the SMTP connection, which might help you with debugging.

Hope this helps.