Re: [Mailman-Users] Adding massive subscribers

2004-09-28 Thread ddewey 
Quoting Arlequ?n ([EMAIL PROTECTED]):

> Hello, there.
> 
> I am using a MailMan system instaled at by the hosting company which 
> offers us the possibily to have mail lists.
> 
> I have to deliver a little report in a month basis and have 1200+ 
> addresses to add.
> 
> I have a file (Unix CR+LF format) in my Linux box and before adding it 
> using the MailMan List Administrator web front-end I want to know in 
> wich format the file must be.
> 
> Comma-separated values, one address by line?
> CR-LF Unix or MS-Windows format...?

I just added 1,000 subscribers to my first mailman list over the weekend
using a Majordomo subscription list, which was a linux-formatted file with
one email address per line.  I used Firefox on Windows to do it after
scp'ing the file down from the linux box.

[EMAIL PROTECTED]
[EMAIL PROTECTED] 
etc.

Worked perfectly.  Just be sure you have the notification provisions the way
you want them, you may not want 1200 people getting a Welcome message for
instance.

dave
--
Mailman-Users mailing list
[EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/

Re: [Mailman-Users] Mailman Hosting

2016-12-21 Thread ddewey 
Quoting Adam McGreggor (adam-mail...@amyl.org.uk):

> On Wed, Dec 21, 2016 at 07:11:16PM +0300, Odhiambo Washington wrote:
> > one of their co-lo facilities in the US closed down and they had to move to
> > another co-lo. This obviously involved migration of servers/ change of IP
> > addresses and this has not gone well for one of my mailing lists which has
> 
> An influx of mail from a new host, rather than a increase over time probably
> didn't/doesn't help either.
> 
> (I've not seen any feature in Mailman that does
> limiting based on destination, and wouldn't expect that to be a feature of
> Mailman 2; I might even advocate it should not be a feature in MM3, either.)

You can do this in the MTA, postfix for example. Doesn't need to be in
mailman. I have ridculously low rate limits for a couple of providers
(hello Time-Warner).
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Searchable archive for mailman mailing-lists?

2017-01-19 Thread ddewey 
Quoting Mark Sapiro (m...@msapiro.net):

> On 01/16/2017 11:21 PM, Fernando Gont wrote:
> > 
> > I was meaning to provide some option for searching our mailman mailing
> > lists.
> 
> 
> For Mailman 2.1 see .
> 
> The HyperKitty archiver for Mailman 3 has search capability built in.

I've had good luck over the years with the MHonarc project:
https://www.mhonarc.org/

Converts emails to html and integrates Namazu for search. 
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Brute force attacks on mailman web ui

2018-04-19 Thread ddewey 
Quoting Rich Kulawiec (r...@gsp.org):

> On Mon, Apr 16, 2018 at 09:08:43AM +0200, mailman-admin wrote:
> > Brute Force attempts can only be mitigated by e.g. fail2ban.
> 
> Nope.  There are other ways.
> 
> Brute force attacks can be pre-emptively blocked by nearly everyone
> operating a Mailman instance.  (I say "nearly" for specific reasons
> that will become clear below.)

Great writeup. This is exactly how I've had my firewall configured for
some time, with the drop/edrop and country block lists. I monitor for
breakin attempts and add country blocks as needed... it's interesting
that this seems to be somewhat cyclical in my experience, in that one
month 80% of my brute force attacks are from Turkey, then the next
month it shifts to Brazil (as examples, but I have both of these
countries blocked now).
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] Re: looking for just one command...

2020-06-01 Thread ddewey 


If you still have access to the source directory used to build the previous
install, the compile command is in the file config.log... in my case 
./configure --with-cgi-gid=apache

Quoting Jeffrey Westgate (jeffrey.westg...@arkansas.gov):

> I am running v2.1.20, looking to upgrade to 2.1.32 (or 33), but the upgrade 
> path seems to me to want the same options used in the previous install.  I 
> didn't do the previous install, so the one command I'm looking for is --
> 
> the one command that will tell me what options were used in the previous 
> install.
> 
> is there a command that will return the compile options of the previous 
> install?
> 
> is there a file that contains (maybe a list of) the compile options of the 
> previous install?
> 
> --
> Jeff
> --
> Mailman-Users mailing list -- mailman-users@python.org
> To unsubscribe send an email to mailman-users-le...@python.org
> https://mail.python.org/mailman3/lists/mailman-users.python.org/
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
> https://mail.python.org/archives/list/mailman-users@python.org/
--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] web interface error after 2.1.36 update

2021-11-16 Thread ddewey 


Hello...  just ran into an issue after what I thought was a successful
routine update to mailman 2.1.36 (from .29? iirc) on Friday.
Everything seemed fine after the update (following the
config/make/make install) and I hadn't had occasion to log into the
admin interface until today when I hit this (apparent) bug. Mail is
being received and delivered just fine. The subscriber interface
appears working.

Simply trying to log into the Admindb user interface... entered my
password and receive 
"Bug in Mailman version 2.1.36
We're sorry, we hit a bug!"

Don't see any obvious permissions errors, nor does check_perms return
anything.

Below is the log output from Mailman error log. Nothing interesting in
the httpd log. Thanks for any pointers!

Nov 15 15:30:58 2021 admin(30830):
 
admin(30830): [- Mailman Version: 2.1.36 -] 
admin(30830): [- Traceback --] 
admin(30830): Traceback (most recent call last):
admin(30830):   File "/usr/local/mailman/scripts/driver", line 117, in
run_main
admin(30830): main()
admin(30830):   File "/usr/local/mailman/Mailman/Cgi/admindb.py", line
342, in main
admin(30830): print doc.Format()
admin(30830):   File "/usr/local/mailman/Mailman/htmlformat.py", line
352, in Format
admin(30830): output.append(Container.Format(self, indent))
admin(30830):   File "/usr/local/mailman/Mailman/htmlformat.py", line
267, in Format
admin(30830): output.append(HTMLFormatObject(item, indent))
admin(30830):   File "/usr/local/mailman/Mailman/htmlformat.py", line
53, in HTMLFormatObject
admin(30830): return item.Format(indent)
admin(30830):   File "/usr/local/mailman/Mailman/htmlformat.py", line
445, in Format
admin(30830): % csrf_token(self.mlist, self.contexts, self.user)
admin(30830):   File "/usr/local/mailman/Mailman/CSRFcheck.py", line
53, in csrf_token
admin(30830): mac = sha_new(secret + issued).hexdigest()
admin(30830): TypeError: unsupported operand type(s) for +: 'NoneType'
and 'str'
admin(30830): [- Python Information -] 
admin(30830): sys.version =   2.7.5 (default, Aug 13 2020,
02:51:10) 
[GCC 4.8.5 20150623 (Red Hat 4.8.5-39)] 
admin(30830): sys.executable  =   /usr/bin/python 
admin(30830): sys.prefix  =   /usr 
admin(30830): sys.exec_prefix =   /usr 
admin(30830): sys.path=   ['/usr/local/mailman/pythonlib',
'/usr/local/mailman', '/usr/local/mailman/scripts',
'/usr/lib64/python27.zip', '/usr/lib64/python2.7',
'/usr/lib64/python2.7/plat-linux2', '/usr/lib64/python2.7/lib-tk',
'/usr/lib64/python2.7/lib-old', '/usr/lib64/python2.7/lib-dynload',
'/usr/lib/python2.7/site-packages',
'/usr/lib/python2.7/dist-packages',
'/usr/lib64/python2.7/site-packages',
'/usr/lib64/python2.7/site-packages/gtk-2.0',
'/usr/lib64/python2.7/site-packages',
'/usr/lib/python2.7/site-packages', '/usr/lib/site-python'] 
admin(30830): sys.platform=   linux2 
admin(30830): [- Environment Variables -] 
admin(30830):   CONTENT_LENGTH: 41 
admin(30830):   CONTENT_TYPE: application/x-www-form-urlencoded 
admin(30830):   SERVER_NAME: list.listdomain.com 
admin(30830):   REMOTE_ADDR: 67.253.227.163 
admin(30830):   PYTHONPATH: /usr/local/mailman 
admin(30830):   REMOTE_PORT: 3777 
admin(30830):   REQUEST_SCHEME: http 
admin(30830):   SCRIPT_NAME: /mailman/admindb 
admin(30830):   REQUEST_METHOD: POST 
admin(30830):   HTTP_HOST: list.list_domain.com 
admin(30830):   PATH_INFO: /list_name
admin(30830):   SERVER_PORT: 80 
admin(30830):   SERVER_PROTOCOL: HTTP/1.1 
admin(30830):   QUERY_STRING:  
admin(30830):   REQUEST_URI: /mailman/admindb/list_name
admin(30830):   HTTP_COOKIE:  
admin(30830):   DOCUMENT_ROOT: /var/www/html/list.list_domain.com 
--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/

[Mailman-Users] Re: spamming

2023-10-23 Thread ddewey 


I started seeing these as well, in pretty large quantities just
recently. I wasn't seeing spam notices, but an increase in my deferred
mail queue (Postfix) from emails that couldn't be delivered. Looking
in my Mailman logs, I had hundreds of subscription/signup requests
without any subsequent confirmations, and they were coming in once a
minute or so from bots.

I had added 'SUBSCRIBE_FORM_SECRET' with a key some time ago, but that
seemed to have stopped working as effectively. Implementing the google
captcha solution to Mailman a week or so ago stopped it dead. For
now...



Quoting Jim Dory (ja...@dorydesign.com):

> I've got a new problem with my mailing list. I run a local
> announcements/trade list that should be of no interest to
> non-locals.
> 
> I started seeing warnings from Yahoo about users marking messages as
> spam.. (I'm subscribed to Yahoo's Antispam Feedback. I never got
> other feedback loops from others - like Microsoft - to work). The
> messages that were being marked as spam by users were the
> confirmation emails sent by mailman to confirm a signup. To avoid
> having Yahoo shut down the list as spam (for its subscribers), I set
> the subscription to be approved by admin, so I could review who was
> trying to sign up.
> 
> More and more now I'm seeing what appears to be spammers trying to subscribe, 
> but I can't be sure. I'm seeing emails like:
> 
>  hirofeet0...@yahoo.co.jp  (doesn't seem local)
> blvckp...@gmail.com(not many use user names such as that)
> fsafwcasgsa...@gwqc.com  (obviously not real - couldn't find domain with 
> minimal searching)
> 
> Plus some that could be local but how would I know.
> 
> I could take off the "approval by admin" for subscription and just deal with 
> anyone that is a problem afterward, but I do worry that they may be 
> harvesting emails from subscribers, which are available in the reply-to 
> headers.
> 
> Don't know if there's anything I can do. Anyone else dealing with this?
> 
> thanks. Jim
> 
> --
> Mailman-Users mailing list -- mailman-users@python.org
> To unsubscribe send an email to mailman-users-le...@python.org
> https://mail.python.org/mailman3/lists/mailman-users.python.org/
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
>https://mail.python.org/archives/list/mailman-users@python.org/
> Member address: dde...@cyberthugs.com
--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@jab.org

[Mailman-Users] Re: sudden (?) issue with subscription options CGI

2024-11-29 Thread ddewey 
Thanks for responding Mark. Interesting results below.

Quoting Mark Sapiro (m...@msapiro.net):

> On 11/28/24 11:13 AM, dde...@cyberthugs.com wrote:
> >
> >However, one of my members alerted me today that they were unable to
> >log into the Subscription Options page due to a 500 Server Error. The
> >page itself displays fine, but entering the username and pass results
> >in the server error. Only thing I see in the apache error logs is as
> >follows (listdomain and list name obfuscated):
> >
> >End of script output before headers: options, referer:
> >https://list.listdomain.com/mailman/options/listname


> Does this also happen with an invalid email address or an incorrect
> password?

For this list, yes. Any of the three actions on the Subscription
Options page results in the same error. Either a legitimate user/pass
pair, or an incorrect one; a legitimate member address or a
non-subscribed one.

> What about the Unsubscribe or Remind buttons?

Same. End of script output errors in Apache logs, 500 page displayed.

> Does this just happen for one list or for others, e.g. the `mailman` list?

Interestingly, the only other list this server supports works just
fine - the Subscription Options page actions all perform as they
should, with legit user/passwords, incorrect ones, unsub and reminder
all functioning as expected without error.

So this points to an issue with the one list I assume? It's much, much
larger than the one with the subscription options working. Where do I
go next?
--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@mail-archive.com

[Mailman-Users] sudden (?) issue with subscription options CGI

2024-11-28 Thread ddewey 


Have an older RHEL 7 Mailman2 server that's worked flawlessly for
years, but whose time is short... new MM3 server slowly being built.

However, one of my members alerted me today that they were unable to
log into the Subscription Options page due to a 500 Server Error. The
page itself displays fine, but entering the username and pass results
in the server error. Only thing I see in the apache error logs is as
follows (listdomain and list name obfuscated):

End of script output before headers: options, referer:
https://list.listdomain.com/mailman/options/listname

As far as I know (dangerous), this was working fine post-last upgrade,
which was September '23, and everything else is working fine other
than the Options cgi.

Running mailman-2.1.39 installed from source. Minimal config options
on build - ./configure --with-cgi-gid=apache
Apache httpd-2.4.6-99.el7_9.1
Python 2.7.5

Any other hints to try to debug this? Didn't see anything at all in
any of the Mailman logs.

Thanks for any suggestions!
--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@mail-archive.com

[Mailman-Users] Re: sudden (?) issue with subscription options CGI

2024-11-30 Thread ddewey 
Quoting Mark Sapiro (m...@msapiro.net):

> On 11/29/24 7:48 AM, dde...@cyberthugs.com wrote:
> >
> >So this points to an issue with the one list I assume? It's much, much
> >larger than the one with the subscription options working. Where do I
> >go next?


> I'm surprised nothing is logged in Mailman's error.log.

Nothing abnormal or related, just the expected 'no such list' listname
typos etc. So logging is working, just not logging anything
interesting for this issue.

> What happens if you run Mailman's
> 
> bin/config_list -o - LISTNAME
> 
> Does this throw an exception with a traceback? If not, how about
> 
> bin/config_list -i /dev/null LISTNAME

Both commands return as expected - the first the long list of config
values, and the second just returns after updating the timestamp on
the list files. I ran both commands against all current lists and a
couple of disused/test lists as well. All produced the same output.

Definitely a weird one. Really appreciate the help Mark.
--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@mail-archive.com

[Mailman-Users] Re: sudden (?) issue with subscription options CGI

2024-11-30 Thread ddewey 
Quoting Mark Sapiro (m...@msapiro.net):

> On November 30, 2024 8:10:10 AM PST, dde...@cyberthugs.com wrote:
> >Quoting Mark Sapiro (m...@msapiro.net):
> >
> >> On 11/29/24 7:48 AM, dde...@cyberthugs.com wrote:
> >
> >Both commands return as expected - the first the long list of config
> >values, and the second just returns after updating the timestamp on
> >the list files. I ran both commands against all current lists and a
> >couple of disused/test lists as well. All produced the same output.

> Is there a custom options.html template in Mailman's lists/listname/en 
> (assuming English language) directory?

There is. It's essentially the standard template, with some font color
changes and some removed bits. I tried removing the template, and that
didn't seem to have any effect (is this cached somewhere)? I'm happy
to share that template if it will help.

However, I did go to another list's options page and tried again to
log in, send password reminders etc. It worked, other than trying to
send a password reminder to a non-existent email address ALSO resulted
in the server error / "End of script output before headers: options"
issue. I thought I had tested all of these cases before, and maybe
had, but at least this time I can replicate it with another list. This
second list does NOT have a custom options.html.

At this point, with a new MM3 server coming online sometime in the
next month or two, it might not be worth chasing this - it's certainly
perplexing though, and I would like to fix it if possible. I'll have to
manually help users through changes they'd like made until I
transition which isn't' the end of the world.
--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@mail-archive.com