10 KiB
Integrate mlmmj mailing list manager in iRedMail (LDAP backends)
[TOC]
Summary
In iRedMail-0.9.8, we integrate mlmmj - a simple and slim mailing list manager. It uses very few resources, and requires no daemons, easy to install, configure and manage. if offers a great set of features, including:
- Archive
- Subject prefix
- Subscribers only posting
- Moderators only posting
- Moderation functionality
- Custom headers / footer
- Fully automated bounce handling
- Complete requeueing functionality
- Regular expression access control
- Delivery Status Notification (RFC1891) support
- Rich, customisable texts for automated operations
- and more
iRedMail team also developes a simple RESTful API server called mlmmjadmin
to help manage mailing lists, it also offers script tool to manage mailing
lists from command line.
We will show you how to integrate both mlmmj and mlmmjadmin in this tutorial.
Backup LDAP data first
Before you do any changes, please backup existing LDAP data first.
- For OpenLDAP, please run command
bash /var/vmail/backup/backup_openldap.sh
to backup. - For OpenBSD ldapd, please run command
bash /var/vmail/backup/backup_ldapd.sh
to backup.
Create required system account
mlmmj will be ran as user mlmmj
and group mlmmj
, all mailing list data will
be stored under its home directory /var/vmail/mlmmj
:
On Linux or OpenBSD:
groupadd mlmmj
useradd -m -d /var/vmail/mlmmj -s /sbin/nologin mlmmj
chown -R mlmmj:mlmmj /var/vmail/mlmmj
chmod -R 0700 /var/vmail/mlmmj
On FreeBSD:
pw groupadd mlmmj
pw useradd -m -g mlmmj -s /sbin/nologin -d /var/vmail/mlmmj mlmmj
chown -R mlmmj:mlmmj /var/vmail/mlmmj
chmod -R 0700 /var/vmail/mlmmj
Postfix integration
- Please add lines below in Postfix config file
/etc/postfix/master.cf
:
!!! attention
* Command `/usr/bin/mlmmj-amime-receive` doesn't exist yet, we will create it
later.
* On FreeBSD and OpenBSD, it should be `/usr/local/usr/bin/mlmmj-amime-receive` instead.
# ${nexthop} is '%d/%u' in transport ('mlmmj:%d/%u')
mlmmj unix - n n - - pipe
flags=ORhu user=mlmmj argv=/usr/bin/mlmmj-amime-receive -L /var/vmail/mlmmj/${nexthop}
- Open file
/etc/postfix/ldap/virtual_group_maps.cf
, replace thequery_filter
line by below one. It will query old mailing list and new mlmmj mailing list.
query_filter = (&(accountStatus=active)(!(domainStatus=disabled))(enabledService=mail)(enabledService=deliver)(|(&(objectClass=mailUser)(|(memberOfGroup=%s)(shadowAddress=%s)))(&(memberOfGroup=%s)(!(shadowAddress=%s))(|(objectClass=mailExternalUser)(&(objectClass=mailList)(!(enabledService=mlmmj)))(objectClass=mailAlias)))(&(objectClass=mailList)(enabledService=mlmmj)(|(mail=%s)(shadowAddress=%s)))))
- Open file
/etc/postfix/ldap/transport_maps_user.cf
, replace thequery_filter
line by below one. It will query both mail user and mlmmj mailing list.
query_filter = (&(|(objectClass=mailUser)(&(objectClass=mailList)(enabledService=mlmmj)))(|(mail=%s)(shadowAddress=%s))(accountStatus=active)(!(domainStatus=disabled))(enabledService=mail))
- Run commands below to create file
/usr/bin/mlmmj-amime-receive
(Linux) or/usr/local/bin/mlmmj-amime-receive
(Linux/FreeBSD):
On Linux:
cd /usr/bin/
wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/mlmmj/mlmmj-amime-receive
chown mlmmj:mlmmj mlmj-amime-receive
chmod 0550 mlmmj-amime-receive
perl -pi -e 's#PH_CMD_MLMMJ_RECEIVE#/usr/bin/mlmmj-receive#g' mlmmj-amime-receive
perl -pi -e 's#PH_CMD_ALTERMIME#/usr/bin/altermime#g' mlmmj-amime-receive
On FreeBSD or OpenBSD:
cd /usr/local/bin/
wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/mlmmj/mlmmj-amime-receive
chown mlmmj:mlmmj mlmj-amime-receive
chmod 0550 mlmmj-amime-receive
perl -pi -e 's#PH_CMD_MLMMJ_RECEIVE#/usr/local/bin/mlmmj-receive#g' mlmmj-amime-receive
perl -pi -e 's#PH_CMD_ALTERMIME#/usr/local/bin/altermime#g' mlmmj-amime-receive
Amavisd Integration
We need Amavisd to listen on one more port 10027
, it will be used to scan
spam/virus for emails posted to mailing list.
- Please open Amavisd config file, find parameter
$inet_socket_port
, add new port number10027
in the list, like below:- On RHEL/CentOS, it's
/etc/amavisd/amavisd.conf
. - On Debian/Ubuntu, it's
/etc/amavis/conf.d/50-user
. - On OpenBSD, it's
/etc/amavisd.conf
. - On FreeBSD, it's
/usr/local/etc/amavisd.conf
.
- On RHEL/CentOS, it's
$inet_socket_port = [10024, 10026, 10027, 9998];
-
Add lines below in Amavisd config file. It creates a new policy bank called
MLMMJ
for emails submitted by mlmmj from port 10027.Note: This policy bank doesn't perform spam/virus/banned/bad-header checks because emails sent to mailing list will be scanned either on port 10024 (incoming email from external senders) or 10026 (outgoing email sent by smtp authenticated users).
$interface_policy{'10027'} = 'MLMMJ';
$policy_bank{'MLMMJ'} = {
originating => 1, # declare that mail was submitted by our smtp client
allow_disclaimers => 0, # mailing list should use footer text instead.
enable_dkim_signing => 1, # sign DKIm signature
smtpd_discard_ehlo_keywords => ['8BITMIME'],
terminate_dsn_on_notify_success => 0, # don't remove NOTIFY=SUCCESS option
bypass_spam_checks_maps => [1], # don't check spam
bypass_virus_checks_maps => [1], # don't check virus
bypass_banned_checks_maps => [1], # don't check banned file names and types
bypass_header_checks_maps => [1], # don't check bad header
};
Now restart Amavisd and Postfix servivce, mlmmj mailing list manager is now
fully integrated. We will setup mlmmjadmin
to make managing mailing lists easier.
Setup mlmmjadmin: a RESTful API server used to manage mlmmj mailing lists
- Download the latest mlmmjadmin release: https://github.com/iredmail/mlmmjadmin/releases,
upload to iRedMail server. We assume it's uploaded to
/root/
directory.
!!! attention
NOTE: We use `mlmmjadmin-1.0` for example below.
- Extract downloaded mlmmjadmin package to
/opt/
directory, and create a symbol link:
tar xjf /root/mlmmjadmin-1.0.tar.bz2 -C /opt
ln -s /opt/mlmmjadmin-1.0 /opt/mlmmjadmin
- Generate config file by copying sample file,
settings.py.sample
:
cd /opt/mlmmjadmin
cp settings.py.sample settings.py
chown mlmmj:mlmmj settings.py
chmod 0400 settings.py
- Generate a random, long string as API auth token, it will be used by your API client. For example:
$ echo $RANDOM | md5sum
43a89b7aa34354089e629ed9f9be0b3b
- Add this string in
/opt/mlmmjadmin/settings.py
, parameterapi_auth_tokens
like below:
api_auth_tokens = ['43a89b7aa34354089e629ed9f9be0b3b']
You can add as many token as you want for different API clients. For example:
api_auth_tokens = ['43a89b7aa34354089e629ed9f9be0b3b', '703ed37b20243d7c51c56ce6cd90e94c']
- if you manage mail accounts WITH iRedAdmin-Pro, please set values of
parameters
backend_api
andbackend_cli
in/opt/mlmmjadmin/settings.py
like below:
backend_api = 'bk_none'
backend_cli = 'bk_iredmail_ldap'
- if you do NOT manage mail accounts with iRedAdmin-Pro, please set values
of parameters
backend_api
andbackend_cli
in/opt/mlmmjadmin/settings.py
like below:
backend_api = 'bk_iredmail_ldap'
backend_cli = 'bk_iredmail_ldap'
- Add extra required parameters in
/opt/mlmmjadmin/settings.py
, so that mlmmjadmin can manage mailing lists stored in LDAP server.
!!! attention
* You can find LDAP URI, basedn, bind_dn, bind_password in iRedAdmin
config file.
* LDAP bind dn must have read and write privilege to access LDAP server.
iredmail_ldap_uri = 'ldap://127.0.0.1'
iredmail_ldap_basedn = 'o=domains,dc=XXX,dc=XXX'
iredmail_ldap_bind_dn = 'cn=vmailadmin,dc=XXX,dc=XXX'
iredmail_ldap_bind_password = 'xxxxxxxx'
- Copy rc/systemd scripts for service control:
#
# For RHEL/CentOS
#
cp /opt/mlmmjadmin/rc_scripts/systemd/rhel.service /lib/systemd/system/mlmmjadmin.service
chmod 0644 /lib/systemd/system/mlmmjadmin.service
systemctl daemon-reload
systemctl enable mlmmjadmin
#
# For Debian 9 and Ubuntu 16.04 which uses systemd
#
cp /opt/mlmmjadmin/rc_scripts/systemd/debian.service /lib/systemd/system/mlmmjadmin.service
chmod 0644 /lib/systemd/system/mlmmjadmin.service
systemctl daemon-reload
systemctl enable mlmmjadmin
#
# For FreeBSD
#
cp /opt/mlmmjadmin/rc_scripts/mlmmjadmin.freebsd /usr/local/etc/rc.d/mlmmjadmin
chmod 0755 /usr/local/etc/rc.d/mlmmjadmin
echo 'mlmmjadmin_enable=YES' >> /etc/rc.conf.local
#
# For OpenBSD
#
cp /opt/mlmmjadmin/rc_scripts/mlmmjadmin.openbsd /etc/rc.d/mlmmjadmin
chmod 0755 /etc/rc.d/mlmmjadmin
rcctl enable mlmmjadmin
- Create directory used to store mlmmjadmin log file. mlmmjadmin is configured to log to syslog directly.
#
# For RHEL/CentOS
#
mkdir /var/log/mlmmjadmin
chown root:root /var/log/mlmmjadmin
chmod 0755 /var/log/mlmmjadmin
#
# For Debian/Ubuntu
#
mkdir /var/log/mlmmjadmin
chown syslog:adm /var/log/mlmmjadmin
chmod 0755 /var/log/mlmmjadmin
#
# For OpenBSD/FreeBSD
#
mkdir /var/log/mlmmjadmin
chown root:wheel /var/log/mlmmjadmin
chmod 0755 /var/log/mlmmjadmin
- Update syslog daemon config file to log mlmmjadmin to dedicated log file:
For Linux
cp /opt/mlmmjadmin/samples/rsyslog/mlmmjadmin.conf /etc/rsyslog.d/
service rsyslog restart
For OpenBSD, please append below lines in /etc/syslog.conf
:
!!mlmmjadmin
local5.* /var/log/mlmmjadmin/mlmmjadmin.log
For FreeBSD, please append below lines in /etc/syslog.conf
:
!mlmmjadmin
local5.* /var/log/mlmmjadmin/mlmmjadmin.log
- Now it's ok to start
mlmmjadmin
service:
#
# On Linux/FreeBSD:
#
service mlmmjadmin restart
#
# On OpenBSD
#
rcctl start mlmmjadmin
References
- iRedMail: http://www.iredmail.org
- Mlmmj: http://mlmmj.org/
- Tunable parameters: http://mlmmj.org/docs/tunables/
- Postfix integration: http://mlmmj.org/docs/readme-postfix/
- mlmmjadmin: RESTful API server used to manage mlmmj mailing lists. Developed and maintained by iRedMail team. https://github.com/iredmail/mlmmjadmin