[Pkg-mailman-hackers] Bug#520040: mailman: postfix-to-mailman.py: use relay_recipient_maps to avoid backscatter mail

Tanguy Ortolo tanguy+debian at ortolo.eu
Tue Mar 17 00:01:04 UTC 2009 

Package: mailman
Version: 1:2.1.11-11
Severity: wishlist
Tags: patch

Hello,

I think the most beautiful way to use Mailman with Postfix is to dedicate it a
domain, and to use the specific transport to relay mail to it. But… as Postfix
does not know the valid addresses, messages to invalid recipients are treated
with bounces, that result in backscatter mail.

I found a way to avoid such bounces, and rather make Postfix refuse the invalid
messages during the client SMTP connexion. Indeed, for alias-based
configurations, Mailman is able to generate an Postfix-style alias table. With
the dedicated transport, we do not need this table, but… it can be used as a
relay recipient map, to make Postfix know wich addresses are valid for the
relayed domain!

So, here is a small patch for postfix-to-mailman.py, that modifies the
integration instructions. Hope it may be useful.

Regards,

-- 
Tanguy Ortolo

-- System Information:
Debian Release: 5.0
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
-------------- next part --------------
--- postfix-to-mailman.py.old	2009-03-17 00:35:33.000000000 +0100
+++ postfix-to-mailman.py	2009-03-17 00:47:57.000000000 +0100
@@ -45,6 +45,7 @@
 #
 # /etc/postfix/main.cf:
 #    relay_domains = ... lists.example.com
+#    relay_recipient_maps = ... hash:/var/lib/mailman/data/virtual-mailman
 #    transport_maps = hash:/etc/postfix/transport
 #    mailman_destination_recipient_limit = 1
 #
@@ -57,7 +58,8 @@
 #   lists.example.com   mailman:
 #
 # /etc/mailman/mm_cfg.py
-#    MTA = None # No MTA alias processing required
+#    MTA = Postfix # So that mailman generates the recipients table
+#    POSTFIX_STYLE_VIRTUAL_DOMAINS = ['lists.example.com']
 #    # alias for postmaster, abuse and mailer-daemon
 #    DEB_LISTMASTER = 'postmaster at example.com'
 #
@@ -67,10 +69,13 @@
 # here. Typically a virtual domain lists.domain.com is used for
 # Mailman, and domain.com for regular email.
 #
-# With the sheer amount of spam using faked addresses it seems more
-# appropriate to me to just reject non-existing addresses.  The old
-# behavior sending a helpful bounce message is still configurable
-# by defining DEB_HELP_TEXT in mm_cfg.
+# The recipient map allows Postfix to know which addresses exists.
+# Thus, if someone tries to send a (spam?) message to an undefined
+# address in the domain connected to Mailman, Postfix will just refuse
+# it instead of sending a (backscatter?) bounce.
+#
+# When you are done, restart Postfix, and run /usr/lib/mailman/bin/genaliases
+# to generate the initial recipient map for the existing mailing-lists.
 
 # Exit codes accepted by postfix
 #  from postfix-2.0.16/src/global/sys_exits.h

More information about the Pkg-mailman-hackers mailing list