[Mailman-Developers] Creation/deletion of lists through-the-web

Thomas Wouters thomas@xs4all.net
Wed, 9 May 2001 13:53:47 +0200

On Wed, May 09, 2001 at 01:45:36AM -0400, Barry A. Warsaw wrote:

> The create page requires you to enter the name of your list, the email
> address of the initial list owner, the initial list password (with
> confirmation), and the list creator's password.  There is then a
> "Create" button to submit the form.

What about a 'send list creation message' ? And a 'auto-generate password'
button ? In my eyes, typically, the person creating the list won't be the
list owner him/herself, so those things make sense to me. And what
about the domain the list should be created on ? 

> Deleting a list is done from the list's admin page.  There is now
> another link under "Other Administrative Activities" that says "Delete
> this list (requires confirmation)".  Click on that and you're brought
> to a page for confirmation of the list deletion operation.  You have a
> radio button to choose whether the archives should be deleted or not
> (the default is not), and you're prompted for the list admin
> password[2].  There's a link to cancel the deletion and return to the
> list's admin page, and a button to actually do the list deletion.

Why not have the 'delete a list' option be on the list creation page
as well (make it the 'site administration page' or something.) Again,
this won't make sense everywhere, but I'd *love* to be able to give
our Sales dept. the list creator password to have them create and
destroy lists, without giving them the site password.

> Here's how I solved it for Postfix; this is outlined in a new

You'll want to add checks for the permissios of this file to
bin/check_perms, just to be sure. If not run as root, it can't fix it
automatically, but it can whine incessantly.

> There's one last bit of glue, and here's where you come in (I'm
> speaking to the one of you who is still reading this. :).

Hi, Barry ! =)

> There's a new variable in Defaults.py.in called MTA which must point
> to a module in the Mailman/MTA directory.  This implements the
> MTA-specific operations needed when creating or deleting a list. 
> The API is that this module should provide two functions: create()
> and remove() both of which take a MailList object.  They should do
> whatever is necessary to inform the MTA that it's alias database has
> changed.  For Postfix it's really not a lot of code[3].

> For Exim, I predict "MTA = None" in mm_cfg.py will Do The Right Thing,
> since nothing special has to be done.  I've no idea at this time what
> Sendmail, Qmail, or any other MTA will require, and I'm hoping those
> of you who use those mailers will be able to donate a module.

Sendmail can work in the same way as Postfix, I believe. I'm not sure
if you can tell it to use more than one aliases.db file, but if it
can, the only difference is the permissions with which the commands
are executed. As far as I know, Sendmail also uses dbhash (hash or
btree, depending on how you make them) so no problem there.

There's another dimension to it, though. At XS4ALL we use a central
database (currently MySQL, soon to be PostgresSQL) for all email
aliases, and the list creation mechanism should insert the appropriate
aliases into that as well as into the local database -- and they have
to differ slightly. (local alias is, say, 'list@listXX.xs4all.nl',
where XX is a growing number, but the global alias should be either
list@xs4all.nl or list@domain.com, pointing to list@listXX.xs4all.nl).
I could do this fairly easily by adapting the Sendmail (or Postfix)
MTA module and placing it in the MTA directory under a different name.

> [3] There's one caveat: because I don't want to have to include a
> setuid-root script, the Postfix.py module doesn't call `postfix
> reload'.  This command has to be done as root.  The tradeoff is that
> Postfix will take about a minute to recognize its alias database has
> changed.  To me that's an acceptable limitation.

A minute ? Heh. I doubt that's ever going to be a problem, most humans
take a minute to read the resulting webpage, let alone that they
compose and send a message inside that minute.

Thomas Wouters <thomas@xs4all.net>

Hi! I'm a .signature virus! copy me into your .signature file to help me spread!