I made some mistake I think.
I installed mailman on Ubuntu 12.04 by Aptitude and copied an older version over it because I wanted to keep mailing lists from another server.
After this mailman didn't start anymore but in aptitude I couldn't uninstall it neither.
Now I hope that I can uninstall it by deleting the two mailman folders and the config in /etc/mailman -
is this the right way?
I am at a point that I prefer to create new the only needed mailing list (about 30 addresses only and the archive is not important) rather than spending hours with error seeking without result.
If only I get it fresh installed...
Help appreciated :)
to suscribe to the mailing list i send the mail to list-request(a)lkx.com
Then i get the mail with confirmation string , then i just reply to
received mail with confirmation string in the subject line..
As a replay i get the mail like this  , But other mailing list in the
same mailman gives the "Welcome to mailing list message"
any idea what i suppose to do to fix the problem.
The results of your email command are provided below. Attached is your
On 5/22/12, list-request(a)lkx.com<h/1oyhbgn9reewd/?&v=b&cs=wh&to=commits-request(a)wso2.org>
> Mailing list subscription confirmation notice for mailing list Commits
> We have received a request from
> of your email address,
to the list(a)lkx.com <h/1oyhbgn9reewd/?&v=b&cs=wh&to=commits(a)wso2.org>
> mailing list. To confirm that you want to be added to this mailing
> list, simply reply to this message, keeping the Subject: header
> Or include the following line -- and only the following line -- in a
> message to
> confirm 96d4463b2042555066a1d6632b6848adad7b9278
> Note that simply sending a `reply' to this message should work from
> most mail readers, since that usually leaves the Subject: line in the
> right form (additional "Re:" text in the Subject: is okay).
> If you do not wish to be subscribed to this list, please simply
> disregard this message. If you think you are being maliciously
> subscribed to the list, or have any other questions, send them to
I'm looking for a way to prevent the Mailman Admin login from getting bruted. I was thinking that I can set fail2ban to watch the logfiles and trigger an event after a certain number of failed logins from the same IP address, within a specified time period.
I've had a look through the Mailman log files and can't see that Mailman writes anywhere for failed login attempts (to the Admin page).
It seems that the best that can be done at the moment is to guess it from the POST entries in the Apache logs.
Even there, a failed login just reloads the page and generates an Apache '200' (Okay) entry for the request.
All I can think of at the moment is to hack the Mailman code so a failed login attempt sends the user to a new page rather than just reload the page.
We could then tell fail2ban to watch the Apache access logs for records of those requests and trigger events off those.
But that seems a bit untidy, and very 'unMailman' like.
Does anyone have a suggestion for logging the time and IP address of failed login attempts?
IMPORTANT: This message, and any attachments to it, contains information
that is confidential and may also be the subject of legal professional or
other privilege. If you are not the intended recipient of this message, you
must not review, copy, disseminate or disclose its contents to any other
party or take action in reliance of any material contained within it. If you
have received this message in error, please notify the sender immediately by
return email informing them of the mistake and delete all copies of the
message from your computer system.
I've got a 2.1.14 Mailman that I'm setting up for a computer-unsavvy group
of people, and would like to remove a good deal of options available in the
list admin page, setting a default value. From what I understand, this and
similair pages are automatically generated by modules in /Mailman/Cgi, but
so far I haven't found where this is generated. I don't mind getting dirty
in python, but I would like some understanding of it before I jump in.
thx for advice,
I recently sent an invite to an unknown third party. The invite came
from my mailman list, we gave full particulars of who and where we are.
We specifically advise that they are not at this stage subscribed to
anything and will have to follow the detailed instructions (ie confirm)
if they want to join the list. The third party is in the same trade as
us, and deals with the same specialities, a third party customer had
given me their address in good faith.
This week my ISP contacts me with an upstream request from the national
backbone provider to in effect desist from sending spam.
Looking at the email returned, it was to an @yahoo address, spamcop
seems to have detected spam on the basis of it being a mailman message,
I am not certain that it was not initiated by the recipient but the
official complaint originated from yahoo it seems (who should surely
Subject: [18.104.22.168] Yahoo Abuse Report - FW:confirm
As I said in my reply, this is hardly spam, I did not send it out to
half a million addresses purchased on a cd. This makes a mockery of
genuine spam prevention efforts when one email from a genuine address
can be allowed to cause this. It
I don't want to make a mountain out of a molehill, but what can I do
about this. Is this a common occurence? Are invites from mailman now
considered fair game for spam detection software and humans alike?
So my mailing lists are getting hit by spam that goes to the lists
since it claims to be from some poor subscriber whose email got
hijacked. But to be more general, what are some of the current
best practices to filter out spam in a postfix mailman environment
Following comments on this list over the last few days I thought I would try out Mailman/Htdig integration on my setup. I tried this on a sandbox VM I have here and everything seemed to go well, I did have to change some of the values for the URLs etc as I don't use the /mailman path in the URLs. Everything worked in test so I pushed the changes out to the production system.
I did the following to enable:
Set the Htdig integration to enabled in mm_cfg.py
Run the arch command on the lists to generate the relevant pages with the search links at the top.
Run the nightly_htdig script to generate the search indexes.
Everything works fine, but if someone posts to a list it appears that the archive page gets re-generated without the search box at the top. I feel I have missed something blindingly obvious and I am going to kick myself when I find out what it is but at the moment I am still searching!
Here is the relevant part of mm_cfg.py:
USE_HTDIG = 1
HTDIG_FILES_URL = '/htdigimages/'
HTDIG_HTSEARCH_PATH = '/usr/lib/cgi-bin/htsearch'
HTDIG_RUNDIG_PATH = '/usr/bin/rundig'
Any suggestions greatfully received.