Systems administration of mail

MTA

We run Postfix on mail.dfri.se.

Other systems that need to send email can do so by pointing out mail.dfri.se as their relayhost in /usr/local/etc/postfix/main.cf like this:

relayhost = [mail.dfri.se]

Note that mail.dfri.se needs to be configured to allow relaying for each host separately by adding its IP addresses to mynetworks in main.cf.

Mailing lists

We run mlmmj on mail.dfri.se. List info is kept in /var/mlmmj. Maintenance is run from cron with

5 */2 * * * /usr/local/bin/mlmmj-maintd -F -d /var/mlmmj/lists.dfri.se

Creating a new list

export LIST_NAME=YOUR_LIST_NAME      # change this!
export MODERATOR_EMAIL=noc@dfri.net  # or something else
export LD=/var/mlmmj/lists.dfri.se
mlmmj-make-ml.sh -s $LD -L ${LIST_NAME}
# domain is lists.dfri.se, list owner is probably noc@dfri.net
# ignore the instructions about a crontab entry -- we have `-d /var/mlmmj/lists.dfri.se`
# ignore the instructions about /etc/aliases
chown -R mlmmj:mlmmj $LD/${LIST_NAME}
vi /usr/local/etc/postfix/transport # add "${LIST_NAME}@lists.dfri.se mlmmj:"
postmap /usr/local/etc/postfix/transport
cd $LD/${LIST_NAME}/control && touch modnonsubposts notifysub subonlyget subonlypost tocc
echo $MODERATOR_EMAIL > $LD/${LIST_NAME}/control/moderators
echo \[${LIST_NAME}\] > $LD/${LIST_NAME}/control/prefix
echo "List-Id: ${LIST_NAME}.lists.dfri.se" > $LD/${LIST_NAME}/control/customheaders

To create a list where new subscribers go through moderation before being subscribed, touch submod in the control directory. If you're going to mass-subscribe people to the list, wait with touching submod until after this has been done.

For a complete list of knobs, see http://mlmmj.org/docs/tunables/.

Subscribe people to the list using mlmmj-sub with -L $LD/$LIST_NAME and -a EMAIL-ADDRESS.

Web interface

TODO: There are supposedly two web front ends to mlmmj. One in PHP and one other.

Autoresponding to some abuse complaints

[root@mail /etc]# cat /home/autoresponder/README 
In the file, .procmailrc

There is a honestly ripped and modified version off: 
https://www.torservers.net/wiki/abuse/dmca

This will respond automatically to emails sent from certain hosts.
[root@mail /etc]# cat /home/autoresponder/.procmailrc 
LOGFILE=$HOME/procmail.log
LOGABSTRACT = "all"
#VERBOSE     = yes

SHELL=/usr/local/bin/bash

:0 c
* ^To:.*abuse@dfri.(se|net|org)
* ^From:.*(mediasentry.com|copyright-compliance.com|copyright-notice.com|ip-echelon.com)
* !^X-Loop: abuse@dfri.net
{
REPLYTO = `formail -xFrom:`
SUBJECT = `formail -xSubject:`

:0 fhb
| (/usr/local/bin/formail -r                    \
-I"To: $REPLYTO"     \
-I"CC: DFRI Abuse Team <abuse@dfri.net>" \
-I"From: DFRI Abuse Team <abuse@dfri.net>" \
-I"Subject: Re: $SUBJECT"     \
-I"Return-Path: <abuse@dfri.net>"; \
/bin/cat /home/autoresponder/dmca-autoreply.txt) \
| /usr/sbin/sendmail -oi -t
}

The %-hack for the AT4AM list

Från http://pad.epfsug.eu/p/IAG-percent-hack---

Problem statement:

  • The mail server of the European Parliament does not allow incoming messages that come from another server, but have a @europarl.europa.eu address in the From: header
  • The result was that:
  • email from non-EP addresses would be delivered without a problem, even to people subscribed with an EP address
    • email from EP addresses would be delivered without a problem to people subscribed with a non-EP address, but not to people subscribed with an EP address

Solution:

  • The address rewriting functionality [1] in Exim is used to replace a From: address of the form username@europarl.europa.eu with the form username%europarl.europa.eu@epfsug.eu
  • This is done with a single configuration file: /etc/exim4/conf.d/rewrite/90_europarl, whose content is a single line regular expression:
  • ^([^@]+)@europarl.europa.eu $1%europarl.europa.eu@epfsug.eu fF
  • Additionally, it is necessary to tell Sympa to accept messages from addresses containing the % sign (it normally doesn't)
  • This is done by modifying the regular expression in line 55 of the file /usr/share/sympa/lib/tools.pm, like this:
  • from this: my %regexp = ('email' => '([\w-_.\/+\=\'\&]+|\".\")\@[\w-]+(.[\w-]+)+',
    • to this: my %regexp = ('email' => '([\w-_.\/+\=\'\&\%]+|\".\")\@[\w-]+(.[\w-]+)+',

References: [1] http://www.exim.org/exim-html-current/doc/html/spec_html/ch-address_rewriting.html

Vi har gjort samma sak med postfix (retrograde.dfri.se):

# cat sender_canonical
> /^(.*)@europarl[.]europa[.]eu$/ ${1}%europarl.europa.eu@at4am.eu
> /^(.*)@ep[.]europa[.]eu$/ ${1}%ep.europa.eu@at4am.eu
> /^(.*)@ext[.]europarl[.]europa[.]eu$/ ${1}%ext.europarl.europa.eu@at4am.eu
> # grep sender_canonical main.cf
> sender_canonical_maps = regexp:/usr/local/etc/postfix/sender_canonical