summaryrefslogtreecommitdiffstats
path: root/nixos/modules/services/mail/mailman.md
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/modules/services/mail/mailman.md')
-rw-r--r--nixos/modules/services/mail/mailman.md82
1 files changed, 82 insertions, 0 deletions
diff --git a/nixos/modules/services/mail/mailman.md b/nixos/modules/services/mail/mailman.md
new file mode 100644
index 000000000000..55b61f8a2582
--- /dev/null
+++ b/nixos/modules/services/mail/mailman.md
@@ -0,0 +1,82 @@
+# Mailman {#module-services-mailman}
+
+[Mailman](https://www.list.org) is free
+software for managing electronic mail discussion and e-newsletter
+lists. Mailman and its web interface can be configured using the
+corresponding NixOS module. Note that this service is best used with
+an existing, securely configured Postfix setup, as it does not automatically configure this.
+
+## Basic usage with Postfix {#module-services-mailman-basic-usage}
+
+For a basic configuration with Postfix as the MTA, the following settings are suggested:
+```
+{ config, ... }: {
+ services.postfix = {
+ enable = true;
+ relayDomains = ["hash:/var/lib/mailman/data/postfix_domains"];
+ sslCert = config.security.acme.certs."lists.example.org".directory + "/full.pem";
+ sslKey = config.security.acme.certs."lists.example.org".directory + "/key.pem";
+ config = {
+ transport_maps = ["hash:/var/lib/mailman/data/postfix_lmtp"];
+ local_recipient_maps = ["hash:/var/lib/mailman/data/postfix_lmtp"];
+ };
+ };
+ services.mailman = {
+ enable = true;
+ serve.enable = true;
+ hyperkitty.enable = true;
+ webHosts = ["lists.example.org"];
+ siteOwner = "mailman@example.org";
+ };
+ services.nginx.virtualHosts."lists.example.org".enableACME = true;
+ networking.firewall.allowedTCPPorts = [ 25 80 443 ];
+}
+```
+
+DNS records will also be required:
+
+ - `AAAA` and `A` records pointing to the host in question, in order for browsers to be able to discover the address of the web server;
+ - An `MX` record pointing to a domain name at which the host is reachable, in order for other mail servers to be able to deliver emails to the mailing lists it hosts.
+
+After this has been done and appropriate DNS records have been
+set up, the Postorius mailing list manager and the Hyperkitty
+archive browser will be available at
+https://lists.example.org/. Note that this setup is not
+sufficient to deliver emails to most email providers nor to
+avoid spam -- a number of additional measures for authenticating
+incoming and outgoing mails, such as SPF, DMARC and DKIM are
+necessary, but outside the scope of the Mailman module.
+
+## Using with other MTAs {#module-services-mailman-other-mtas}
+
+Mailman also supports other MTA, though with a little bit more configuration. For example, to use Mailman with Exim, you can use the following settings:
+```
+{ config, ... }: {
+ services = {
+ mailman = {
+ enable = true;
+ siteOwner = "mailman@example.org";
+ enablePostfix = false;
+ settings.mta = {
+ incoming = "mailman.mta.exim4.LMTP";
+ outgoing = "mailman.mta.deliver.deliver";
+ lmtp_host = "localhost";
+ lmtp_port = "8024";
+ smtp_host = "localhost";
+ smtp_port = "25";
+ configuration = "python:mailman.config.exim4";
+ };
+ };
+ exim = {
+ enable = true;
+ # You can configure Exim in a separate file to reduce configuration.nix clutter
+ config = builtins.readFile ./exim.conf;
+ };
+ };
+}
+```
+
+The exim config needs some special additions to work with Mailman. Currently
+NixOS can't manage Exim config with such granularity. Please refer to
+[Mailman documentation](https://mailman.readthedocs.io/en/latest/src/mailman/docs/mta.html)
+for more info on configuring Mailman for working with Exim.
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-31 08:13:14 +0000