Differenze tra le versioni 10 e 12 (in 2 versioni)

Mailman Configuration

Mailman

Download the mailman-2.1.39 tarball, uncompress it, then compile it and install it:

./configure --prefix=/usr/local/mailman --with-python=/usr/bin/python2.7  --with-mail-gid=nogroup
make
make install

Fix permissions with:

usr/local/mailman/bin/check_perms -f

/usr/local/mailman/bin/mailmanctl restart

Apache

Configure apache, use HTTPS through letsencrypt.

Postfix

pipe to opendkim and spamassassin.

Use apache letsencrypt certificates also for postfix.

DKIM

We use OpenDKIM

Generate a 2048 bits key

opendkim-genkey -b 2048 -d ml.ninux.org -D /etc/mail/dkim-keys/ml.ninux.org -s mail -v

/etc/opendkim.conf

Syslog                  yes
UMask                   002
Domain                  ml.ninux.org
KeyFile                 /etc/mail/dkim-keys/ml.ninux.org/mail.private
Selector                mail
Socket                  inet:8892@localhost
OversignHeaders         From

The DNS entry to be added to bind is in /etc/mail/dkim-keys/ml.ninux.org/mail.txt

DNS entries in bind for SPF, DMARC and DKIM

$ORIGIN ninux.org.
_dmarc                  TXT     "v=DMARC1\; p=none\; sp=none\; adkim=r\; aspf=r\; rua=mailto:nino@ninux.org\; ruf=mailto:nino@ninux.org\; fo=1\;"
mail._domainkey         TXT     "v=DKIM1\; h=sha256\; k=rsa\; " "p=MIIBI...NeyP" "a...B"
ml                      A       176.111.173.140
                        MX      10 ml
                        TXT     "v=spf1 ip4:176.111.173.140 -all"
                        SPF     "v=spf1 ip4:176.111.173.140 -all"

$ORIGIN ml.ninux.org.
_dmarc                  TXT     "v=DMARC1\; p=none\; sp=none\; adkim=r\; aspf=r\; rua=mailto:nino@ninux.org\; ruf=mailto:nino@ninux.org\; fo=1\;"
mail._domainkey         TXT     "v=DKIM1\; h=sha256\; k=rsa\; " "p=MIIBI...NeyP" "a...B"

Verify with dig, e.g.

$ dig +short @1.1.1.1 mail._domainkey.ml.ninux.org TXT
"v=DKIM1; h=sha256; k=rsa; " "p=MIIBI...NeyP" "a...B"

$ dig +short @1.1.1.1 mail._domainkey.ninux.org TXT
"v=DKIM1; h=sha256; k=rsa; " "p=MIIBI...NeyP" "a...B"

-  ⇤ ← Versione 10 del 2025-02-12 22:20:01 → 
  Dimensione: 2238
  Autore: ClauzClauz
  Commento:
+   ← Versione 12 del 2025-02-12 22:23:20 → ⇥
  Dimensione: 2178
  Autore: ClauzClauz
  Commento:
-Le cancellazioni sono segnalate in questo modo.
+Le aggiunte sono segnalate in questo modo.
 Linea 23:
+Configure apache, use HTTPS through letsencrypt.
-Linea 25:
+Linea 26:
-pipe to opendkim
letsencrypt
+pipe to opendkim and spamassassin.
 Linea 28:
-== Postfix to mailman py ==

== Postfix antispam ==
+Use apache letsencrypt certificates also for postfix.
-Linea 51:
+Linea 49:
+The DNS entry to be added to bind is in /etc/mail/dkim-keys/ml.ninux.org/mail.txt
-Linea 53:
+Linea 52:
-Please note that key sections are here shortened with "...", but you should use the integral version of your keys. These might need to be split due to length constraints.
-Linea 80:
+Linea 77:
-== Spamassassin ==