Core's REST API is versioned and any change that break backwards-compatibility
cause the version to bump so that clients can take care of that.
However, one question that I have been thinking about recently is how to handle
additions to REST API that don't necessarily break the backwards compatibility.
For example, Core added `max_message_size` attribute to MailingList's REST
endpoint, but it hasn't made into any released version yet. Also, Postorius
added max_message_size in `Message Acceptance` settings. The problem here is
that the entire PUT/PATCH request is going to fail if the currently running
version of Core doesn't have `max_message_size` attribute exposed (Unknown
There is no easy way to check for whether the Core has this attribute as API is
versioned at 3.1 for both cases.
So, how do we actually handle this and maybe future cases like this?
I am pleased to announce that Postorius 1.1.2 is released and is up on PyPI.
This release fixes a security bug that sets the password of a user in Core to
their display name. It is recommended that you upgrade to this version.
Postorius (Django) and Mailman Core both have different notion of "user" and
"password". When a user account in created in Postorius, it creates a user in
Core using the REST API. This bug, causes the password of user created in Core
to be set to their display name instead.
However, as of now, there are no use cases of the user password in Core and it
is present only for historical reasons. So, while this bug is a serious one, it
wouldn't result in any real-world exploit. Along with the bug-fix, this release
includes a new command that resets *all* user passwords in Core to a random
value. Again, there are no use cases of these passwords so resetting *all* of
them isn't going to cause any inconvenience to users.
This command should be run after the upgrade:
$ cd mailman-suite/mailman-suite_project/
$ python manage.py reset_passwords
Python 2.7 is the only supported Python version for this release. All versions
of Django <=1.11 is supported.
For more information about GNU Mailman and Postorius, please see our website:
The source code is available on Gitlab:
On Wed, Dec 13 2017, Gene Shuman wrote:
> Compensating for line lengths this way, just to satisfy a stylistic
> requirement, I personally believe would reduce the quality of the
I personally believe that the limitation of the line length would
*increase* the quality of the code.
(Please, no lines with 500 characters in a text file.)
On 12/15/2017 08:03 PM, Tobias Conradi wrote:
> 1) Is there a date for when Mailman Suite will switch to Python 3 only,
> so user are not required to install two Python versions?
AFAIK there are merge requests for all the parts, the only hold-up is
testing to make sure they actualy work. You can search for "Python 3" in
the gitlab issue trackers for more information.
> 2) Is there a date for a switch to Django 2?
Since Django 2 only supports Python3 support for it will most probably
be added by merging the Python3 branches. I haven't gone over all the
details, but I don't think there are any changes that still require
Replying back to the list :-)
> #virtualenv = /srv/django/mailman/env
> since you managed to install postorius and get it running, you either
> installed it systemwide which would work with it commented out, or you
> actually created a virtualenv in which case you should know where the
> location of that is. (virtualenv is preferred, you only use the system
> packages, if they are installes using your package manager and the
> application is too. Otherwise you will run into incompatibilties sooner
> or later.
> totally do not know about virtualenv, just follow the guide to install
> when runserver, it can visit by 192.168.1.96, when "ctrl+c",
> 192.168.1.96 not work.
virtualenv is a python concept, you should be able to find information
online about that.
It's about how and where you install python dependencies.
> > #socket = /run/uwsgi/mailman.sock
> This is the socket that is created for the webserver to connect to. I'm
> actually not sure what happens if you don't include that... I doubt
> uwsgi would actually start.
> installed uwsgi and it seems running, I run $ uwsgi, there is no error.
> but can't find /run/uwsgi/ directory, usually mailman.sock can be at
> which directory?
By convention sockets are placed in /run/ you can put them wherever you
> I tried with docker, here is its guide with 6 steps:
> $ mkdir -p /opt/mailman/core
> $ mkdir -p /opt/mailman/web
> $ git clone https://github.com/maxking/docker-mailman
> $ cd docker-mailman
> # Change some configuration variables as mentioned above.
> $ docker-compose up -d
> But about configuration in step 5, I can't
> find /opt/mailman/core/mailman-extra.cfg
> and /opt/mailman/web/settings_local.py, and can't find it in any
> directory from /home/lists/docker-mailman/.
> so do not know what to with it. is it to create these two files?
Yes, you have to manually create them. The idea is that there are
default settings and you would override them in additional files.
The default settings are found here
There are some settings that you have to overwrite, as mentioned in the
readme of https://github.com/maxking/docker-mailman
You do so, by specifing them in the respective files that you create in
/opt/mailman/ on your host machine.
You can search for the settings in the original files in the github repo
and then use the same syntax in your new files.
> OK, maybe it is realistic for me to wait for debian backport.
That will definelty mean less work for you, and you will have it running
directly on the machine managed by your package manager.
This will probably be easier with upgrades as well.
Hi, when I init uwsgi, I find a problem "importerror no module named django".
I install postorius following installation in http://postorius.readthedocs.io/en/latest/setup.html, and visit http://192.168.1.96:8001 it workes well after run: $ sudo python manage.py runserver 0.0.0.0:8001.
Do not know what is about development in the page: http://postorius.readthedocs.io/en/latest/development.html, so I pass it.
Then go to deployment in http://postorius.readthedocs.io/en/latest/deployment.html.
I creat file /home/lists/uwsgi.ini and put in it:
chdir = /home/lists/postorius/sample_project
#virtualenv = /srv/django/mailman/env
#socket = /run/uwsgi/mailman.sock
wsgi-file = wsgi.py
master = true
process = 4
threads = 2
vacuum = true
plugin = python2
uid = http
gid = http
$ uwsgi --ini /home/lists/uwsgi.ini
it gives the error "importerror, no module named django".
I think it is the problem of the below 2 line:
#virtualenv = /srv/django/mailman/env
#socket = /run/uwsgi/mailman.sock
but docs do not mention how to set about this 2 line, so I just comment out the 2 line.
I also tried with mailman-suite, also have the same problem.
can you help with me?
will you think to write a installing instruction with command to follow for people totally don't know django in future?
CI on Gitlab seems to be stuck. Somehow "docker-runner: using
maxking/mailman-ci-runner image." is not available.
Mark Sapiro <mark(a)msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan