Mailing list (Postfix + FML) – Installation guide


Introduction – What is FML:

fml is a mailing list server (manager) that works as a filtering process. It does not
handle the delivery process itself. The MTA receives the mail, starts fml and
passes the mail to it. fml checks and adjusts the mail header and body,
then distributes the mailing list article to the list members by handing it back to the MTA for
delivery.

How it works:

     <A host>                       <ML Server Host>

  mail from a member
        |
        V                 kick off fml
  MTA (e.g. sendmail) -----------------> fml <ML server (ML driver)>
  MTA (e.g. sendmail) <-----------------
     (distribution)
      |  |  |
      V  V  V
  members of the Mailing List

Please refer to www.fml.org for more information.

I. Part I: Installation

1. Set up the OS:

- Install Red Hat Enterprise Linux Server release 5.3 with full packages. (We will disable/uninstall unnecessary services/packages later.)

- Disable Firewall/SELinux

2. Configure MTA (Postfix)

- Postfix is a built-in package that is installed by default, so we don’t need to install it, only configure some settings.

- To prevent unexpected errors, we should stop and disable the sendmail service.

- Stop and disable sendmail service

[root@rvc-mlsrv ~]# chkconfig sendmail off

[root@rvc-mlsrv ~]# service sendmail stop

- After disabling the sendmail service, the next step is to enable and start postfix.

- Enable and start postfix

[root@rvc-mlsrv ~]# chkconfig postfix on

[root@rvc-mlsrv ~]# service postfix start

- Configure postfix

[root@rvc-mlsrv ~]# cd /etc/postfix

[root@rvc-mlsrv ~]# vi main.cf

- Modify these values in main.cf:

myhostname = your_server_name

mydomain = rvc.ml

myorigin = $mydomain

inet_interfaces = all

mydestination = $myhostname, $mydomain, your_domain_name.sth

local_recipient_maps =

mynetworks_style = subnet

mynetworks = xxx.xxx.xxx.xxx/xx

relay_domains = $mydestination, your_domain_name.sth

relayhost = rvc-hts.rvc.renesas.com

transport_maps = hash:/etc/postfix/transport

- The next step is to set up a connector to the mail server. To do this, edit this file:

[root@rvc-mlsrv ~]# vi /etc/postfix/transport

- And input this row:

your_domain_name smtp:your_server_name:25

- Save this file and exit vim

- Run these commands to build the transport database file and reload the postfix service:

[root@rvc-mlsrv ~]# postmap /etc/postfix/transport

[root@rvc-mlsrv ~]# postfix reload

- Send a test email to the rvc domain

[root@rvc-mlsrv ~]# mail abc@your_domain_name.sth < mailtext

3. Install fml

- Unpack the package:

[root@rvc-mlsrv ~]# tar xvzf fml-xxx-xxx-xxx.tar.gz

[root@rvc-mlsrv ~]# cd fml-xxx-xxx-xxx

- Create user and group

[root@rvc-mlsrv ~]# groupadd fml

[root@rvc-mlsrv ~]# useradd -g fml fml

- Create the working folders and set their owner

[root@rvc-mlsrv ~]# mkdir /usr/local/fml /var/spool/ml

[root@rvc-mlsrv ~]# chown fml:fml /usr/local/fml /var/spool/ml

- Install fml

[root@rvc-mlsrv ~]# perl makefml install

- Queries from installer

Personal Use or ML-Admin-Group-Shared or fmlserv you use?

Personal, Group, Fmlserv (personal/group/fmlserv) [personal ]

DOMAIN NAME [fml.org]

FQDN [beth.fml.org]

EXEC FILES DIRECTORY [/usr/local/fml]

TOP LEVEL ML DIRECTORY [/var/spool/ml]

Language (Japanese or English) [Japanese]

TimeZone (TZ: e.g. +0900, -0300) [+0900]

- The value in [] is the default. If you just press "ENTER" (carriage return), the value in [] is used. The questions are as follows:

Personal Use or ML-Admin-Group-Shared or fmlserv you use?

Personal, Group, Fmlserv (personal/group/fmlserv) [personal]

Please define the group (in /etc/group) ML Operators use

Group of Mailing List Operators (fml or GID ([\w\d]+)) [fml]

DOMAIN NAME [fml.org] your.domain.name

- Domain Name. The part after "@" of the Mailing List Address. If you use FQDN as e.g. the mailing list address, please input FQDN as "DOMAIN NAME". It is a fake :)  but works well.

FQDN [beth.fml.org] your.FQDN.name

- Fully Qualified Domain Name of the machine you install on

EXEC FILES DIRECTORY [/usr/local/fml]

- Where to install the executable files of the fml system.

For example, the locations defined by values above are

/usr/local/fml/fml.pl (main executable file)

/usr/local/fml/doc/ (document directory)

TOP LEVEL ML DIRECTORY [/var/spool/ml]

LANGUAGE [Japanese] English

- When you create a new mailing list with “makefml newml”, this setting determines the language of the documents for the mailing list.

- By default, the language is “Japanese” if the target machine matches “*.jp” and “English” otherwise. To change it, select “Japanese” or “English”.

TimeZone (TZ: e.g. +0900, -0300) [+0900] +0700

4. Configure postfix to work with fml

[root@rvc-mlsrv ~]# vi /etc/postfix/main.cf

- Input or change the following parameters:

alias_maps = hash:/etc/aliases, hash:/var/spool/ml/etc/aliases

allow_mail_to_commands = alias, forward, include

smtpd_recipient_limit = 1000
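
A way to review the main.cf values set in steps 2 and 4 before the server takes mail. This is an added example, not part of the original guide or of Postfix or fml; the function names, the sample networks and the /16 cut-off are assumptions.

```shell
#!/bin/sh
# Added example (not from the guide): audit the main.cf values set in steps 2 and 4.

# Print the value of parameter $2 in file $1; exit status 1 if it is never set.
# The last assignment wins; indented lines continue the previous line.
get_param() {
    awk -v key="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        /^[ \t]/ { if (name == key) v = v " " $0; next }
        { eq = index($0, "="); name = substr($0, 1, eq - 1); gsub(/[ \t]/, "", name)
          if (name == key) { v = substr($0, eq + 1); seen = 1 } }
        END { if (!seen) exit 1
              gsub(/[ \t]+/, " ", v); sub(/^ /, "", v); sub(/ $/, "", v); print v }' "$1"
}

# Print one finding per line for main.cf $1. The /16 cut-off is an assumed threshold.
audit_main_cf() {
    if v=$(get_param "$1" local_recipient_maps) && [ -z "$v" ]; then
        echo "WARN local_recipient_maps is empty: unknown local recipients are accepted"
    fi
    case " $(get_param "$1" allow_mail_to_commands | tr ',' ' ') " in
        *" include "*) echo "NOTE include allowed: :include: files can run commands, check who can write them" ;;
    esac
    for net in $(get_param "$1" mynetworks | tr ',' ' '); do
        case $net in
            127.*|*:*|*/|*/*[!0-9]*) continue ;;   # loopback, IPv6, placeholders
            */*) bits=${net#*/} ;;
            *) continue ;;
        esac
        if [ "$bits" -lt 16 ]; then echo "WARN mynetworks $net is a wide relay range"; fi
    done
    return 0
}

# Constructed sample with this guide's settings; the networks are made up.
sample_cf() {
    cat <<'EOF'
inet_interfaces = all
# local_recipient_maps = unix:passwd.byname $alias_maps
local_recipient_maps =
mynetworks_style = subnet
mynetworks = 127.0.0.0/8,
    10.0.0.0/8, 192.168.10.0/24
allow_mail_to_commands = alias, forward, include
EOF
}

tmp=$(mktemp) && sample_cf > "$tmp" && audit_main_cf "$tmp"
rm -f "$tmp"
```

On the real server, run `audit_main_cf /etc/postfix/main.cf` after each edit.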

5. Set up the web interface:

- Enable and start apache/httpd

[root@rvc-mlsrv ~]# chkconfig httpd on

[root@rvc-mlsrv ~]# service httpd start

- Configure Apache/Httpd

[root@rvc-mlsrv ~]# vi /etc/httpd/conf/httpd.conf

- Input these parameters:

ScriptAlias /ml-admin/ "/usr/local/fml/www/share/cgibin/fml/admin/"

AddHandler cgi-script .cgi

- Restart Apache/Httpd

[root@rvc-mlsrv ~]# service httpd restart

- Test web setting

Open web browser and type in this address for testing:

http://xxx.xxx.xxx.xxx/ml-admin/menu.cgi

where xxx.xxx.xxx.xxx is the IP address of the mailing list server.

6. Web access authorization

- This part shows how to authorize web-access users against Windows AD. Only authorized users in the RVC domain can access the admin page.

- For authorization, we will use the LDAP modules. You can check whether they are loaded by looking for these rows in the httpd.conf file:

LoadModule authnz_ldap_module modules/mod_authnz_ldap.so

LoadModule ldap_module modules/mod_ldap.so

- Edit httpd.conf file

[root@rvc-mlsrv ~]# vi /etc/httpd/conf/httpd.conf

- Create an alias to the location that contains the admin page, for example:

ScriptAlias /ml-client/rvc-test/ "/usr/local/fml/www/share/cgi-bin/fml/ml-admin/rvc-test/"

- In this example, the full path to the “rvc-eda” admin page is aliased to

/ml-client/rvc-test/

- After creating the alias, set the access restrictions on the web folder:

<Directory "/usr/local/fml/www/share/cgi-bin/fml/ml-admin/rvc-test/">

AuthType Basic

AuthBasicProvider ldap

AuthzLDAPAuthoritative on

AuthName "Only mailing list owner can access this page"

AuthLDAPUrl ldap://your_ldap_server_name:3268/DC=a,DC=b,DC=c?sAMAccountName?sub?(objectClass=*)

AuthLDAPBindDN "CN=Account name,OU=x,OU=y,DC=a,DC=b,DC=c"

AuthLDAPBindPassword xxxx

AuthLDAPGroupAttributeIsDN on

require ldap-user taivo

</Directory>

- For testing, open http://xxx.xxx.xxx.xxx/ml-client/rvc-eda/menu.cgi and log in with your username and password. In this example, only taivo can access this page.
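
A check for the `<Directory>` block above, which takes AD credentials with Basic auth and queries the directory over `ldap://`. This is an added example, not part of the original guide or of Apache; the function names, the `/srv/example` path and the LDAPS variant on port 3269 are assumptions.

```shell
#!/bin/sh
# Added example (not from the guide): review the LDAP-protected <Directory> blocks of step 6.

# Print one finding per line for Apache config file $1. "Not forced onto HTTPS" is a
# heuristic: a block served only by an SSL virtual host would also be fine.
audit_ldap_auth() {
    awk '
        { line = tolower($0); sub(/^[ \t]+/, "", line) }
        line ~ /^#/ { next }
        line ~ /^<directory[ \t]/ { dir = $0; ldap = plain = ssl = 0; next }
        line ~ /^authbasicprovider[ \t].*ldap/ { ldap = 1 }
        line ~ /^authldapurl[ \t]+"?ldap:\/\// { plain = 1 }
        line ~ /^sslrequiressl/ { ssl = 1 }
        line ~ /^<\/directory>/ {
            if (ldap && plain) print dir ": AuthLDAPUrl uses ldap:// (cleartext unless STARTTLS is configured)"
            if (ldap && !ssl)  print dir ": Basic auth is not forced onto HTTPS in this block"
        }' "$1"
    if grep -Eqi '^[[:space:]]*AuthLDAPBindPassword' "$1" &&
       [ -n "$(find "$1" -perm -004)" ]; then
        echo "$1: holds AuthLDAPBindPassword and is world-readable"
    fi
    return 0
}

# Constructed sample: the block from this guide plus an assumed hardened variant
# (the /srv/example path and LDAPS on port 3269 are assumptions, not from the guide).
sample_httpd_conf() {
    cat <<'EOF'
<Directory "/usr/local/fml/www/share/cgi-bin/fml/ml-admin/rvc-test/">
AuthType Basic
AuthBasicProvider ldap
AuthLDAPUrl ldap://your_ldap_server_name:3268/DC=a,DC=b,DC=c?sAMAccountName?sub?(objectClass=*)
AuthLDAPBindDN "CN=Account name,OU=x,OU=y,DC=a,DC=b,DC=c"
AuthLDAPBindPassword xxxx
require ldap-user taivo
</Directory>
<Directory "/srv/example/hardened/">
SSLRequireSSL
AuthType Basic
AuthBasicProvider ldap
AuthLDAPUrl ldaps://your_ldap_server_name:3269/DC=a,DC=b,DC=c?sAMAccountName?sub?(objectClass=*)
require ldap-user taivo
</Directory>
EOF
}

tmp=$(mktemp) && sample_httpd_conf > "$tmp" && chmod 644 "$tmp" && audit_ldap_auth "$tmp"
rm -f "$tmp"
```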

II. Part II: Troubleshooting

- Error:

Relay access denied; from=<> to=<root@localhost.localdomain> proto=ESMTP helo=<localhost.localdomain>

- Solution:

Please double-check that “local_recipient_maps =” is uncommented in the main.cf file.

- Error:

host xxx [xxx.xxx.xxx.xxx] said: 530 5.7.1 Client was not authenticated (in reply to MAIL FROM command)

- Solution:

Please check the Exchange server settings.