1 # Copyright (C) 2008-2009 by the Free Software Foundation, Inc.
3 # This file is part of GNU Mailman.
5 # GNU Mailman is free software: you can redistribute it and/or modify it under
6 # the terms of the GNU General Public License as published by the Free
7 # Software Foundation, either version 3 of the License, or (at your option)
10 # GNU Mailman is distributed in the hope that it will be useful, but WITHOUT
11 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 # FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 # You should have received a copy of the GNU General Public License along with
16 # GNU Mailman. If not, see <http://www.gnu.org/licenses/>.
18 # This is the GNU Mailman configuration schema. It defines the default
19 # configuration options for the core system and plugins. It uses ini-style
20 # formats under the lazr.config regime to define all system configuration
21 # options. See <https://launchpad.net/lazr.config> for details.
24 # This address is the "site owner" address. Certain messages which must be
25 # delivered to a human, but which can't be delivered to a list owner (e.g. a
26 # bounce from a list owner), will be sent to this address. It should point to
28 site_owner: changeme@example.com
30 # This address is used as the from address whenever a message comes from some
31 # entity to which there is no natural reply recipient. Set this to a real
32 # human or to /dev/null. It will be appended with the host name of the list
33 # involved. This address must not bounce and it must not point to a Mailman
35 noreply_address: noreply
37 # Where all the runtime data will be kept. This directory must exist.
40 # The default language for this server.
43 # Membership tests for posting purposes are usually performed by looking at a
44 # set of headers, passing the test if any of their values match a member of
45 # the list. Headers are checked in the order given in this variable. The
46 # value From_ means to use the envelope sender. Field names are case
47 # insensitive. This is a space separate list of headers.
48 sender_headers: from from_ reply-to sender
50 # Mail command processor will ignore mail command lines after designated max.
51 email_commands_max_lines: 10
53 # Default length of time a pending request is live before it is evicted from
54 # the pending database.
55 pending_request_life: 3d
57 # A callable to run with no arguments early in the initialization process.
58 # This runs before database initialization.
61 # A callable to run with no arguments late in the initialization process.
62 # This runs after adapters are initialized.
67 # When Mailman generates them, this is the default length of member passwords.
68 member_password_length: 8
70 # Specify the type of passwords to use, when Mailman generates the passwords
71 # itself, as would be the case for membership requests where the user did not
72 # fill in a password, or during list creation, when auto-generation of admin
73 # passwords was selected.
75 # Set this value to 'yes' for classic Mailman user-friendly(er) passwords.
76 # These generate semi-pronounceable passwords which are easier to remember.
77 # Set this value to 'no' to use more cryptographically secure, but harder to
78 # remember, passwords -- if your operating system and Python version support
79 # the necessary feature (specifically that /dev/urandom be available).
80 user_friendly_passwords: yes
84 # Define which process queue runners, and how many of them, to start.
86 # The full import path to the class for this queue runner.
87 class: mailman.queue.runner.Runner
89 # The directory path that this queue runner scans.
90 path: $VAR_DIR/qfiles/$name
92 # The number of parallel queue runners. This must be a power of 2.
95 # Whether to start this queue runner or not.
98 # The maximum number of restarts for this queue runner. When the runner exits
99 # because of an error or other unexpected problem, it is automatically
100 # restarted, until the maximum number of restarts has been reached.
103 # The sleep interval for the queue runner. It wakes up once every interval to
104 # process the files in its slice of the queue directory.
108 # The class implementing the IDatabase interface.
109 class: mailman.database.StockDatabase
111 # Use this to set the Storm database engine URL. You generally have one
112 # primary database connection for all of Mailman. List data and most rosters
113 # will store their data in this database, although external rosters may access
114 # other databases in their own way. This string supports standard
115 # 'configuration' substitutions.
116 url: sqlite:///$DATA_DIR/mailman.db
120 # This defines various log settings. The options available are:
122 # - level -- Overrides the default level; this may be any of the
123 # standard Python logging levels, case insensitive.
124 # - format -- Overrides the default format string
125 # - datefmt -- Overrides the default date format string
126 # - path -- Overrides the default logger path. This may be a relative
127 # path name, in which case it is relative to Mailman's LOG_DIR,
128 # or it may be an absolute path name. You cannot change the
129 # handler class that will be used.
130 # - propagate -- Boolean specifying whether to propagate log message from this
131 # logger to the root "mailman" logger. You cannot override
132 # settings for the root logger.
134 # In this section, you can define defaults for all loggers, which will be
135 # prefixed by 'mailman.'. Use subsections to override settings for specific
136 # loggers. The names of the available loggers are:
138 # - archiver -- All archiver output
139 # - bounce -- All bounce processing logs go here
140 # - config -- Configuration issues
141 # - debug -- Only used for development
142 # - error -- All exceptions go to this log
143 # - fromusenet -- Information related to the Usenet to Mailman gateway
144 # - http -- Internal wsgi-based web interface
145 # - locks -- Lock state changes
146 # - mischief -- Various types of hostile activity
147 # - post -- Information about messages posted to mailing lists
148 # - qrunner -- qrunner start/stops
149 # - smtp -- Successful SMTP activity
150 # - smtp-failure -- Unsuccessful SMTP activity
151 # - subscribe -- Information about leaves/joins
152 # - vette -- Information related to admindb activity
153 format: %(asctime)s (%(process)d) %(message)s
154 datefmt: %b %d %H:%M:%S %Y
187 # The smtp logger defines additional options for handling the logging of each
188 # attempted delivery. These format strings specify what information is logged
189 # for every message, every successful delivery, every refused delivery and
190 # every recipient failure. To disable a status message, set the value to 'no'
191 # (without the quotes).
193 # These template strings accept the following set of substitution
194 # placeholders, if available.
196 # msgid -- the Message-ID of the message in question
197 # listname -- the fully-qualified list name
198 # sender -- the sender if available
199 # recip -- the recipient address if available, or the number of
200 # recipients being delivered to
201 # size -- the approximate size of the message in bytes
202 # seconds -- the number of seconds the operation took
203 # refused -- the number of refused recipients
204 # smtpcode -- the SMTP success or failure code
205 # smtpmsg -- the SMTP success or failure message
207 every: $msgid smtp to $listname for $recip recips, completed in $time seconds
208 success: $msgid post to $listname from $sender, $size bytes
209 refused: $msgid post to $listname from $sender, $size bytes, $refused failures
210 failure: $msgid delivery to $recip failed with code $smtpcode, $smtpmsg
219 # The hostname at which admin web service resources are exposed.
222 # The port at which the admin web service resources are exposed.
225 # Whether or not requests to the web service are secured through SSL.
228 # Default view permission for the admin web service.
229 view_permission: None
231 # Whether or not to show tracebacks in an HTTP response for a request that
232 # raised an exception.
237 # Template for language definitions. The section name must be [language.xx]
238 # where xx is the 2-character ISO code for the language.
240 # The English name for the language.
241 description: English (USA)
242 # And the default character set for the language.
244 # Whether the language is enabled or not.
248 [spam.headers.template]
249 # This section defines basic header matching actions. Each spam.header
250 # section names a header to match (case-insensitively), a pattern to match
251 # against the header's value, and the chain to jump to when the match
254 # The header value should not include the trailing colon.
256 # The pattern is always matched with re.IGNORECASE.
258 # The chain to jump to if the pattern matches. Maybe be any existing chain
259 # such as 'discard', 'reject', 'hold', or 'accept'.
264 # The class defining the interface to the incoming mail transport agent.
265 incoming: mailman.mta.postfix.LMTP
267 # The class defining the interface to the outgoing mail transport agent.
268 outgoing: mailman.mta.deliver.deliver
270 # How to connect to the outgoing MTA.
274 # Where the LMTP server listens for connections.
278 # Ceiling on the number of recipients that can be specified in a single SMTP
279 # transaction. Set to 0 to submit the entire recipient list in one
283 # Ceiling on the number of SMTP sessions to perform on a single socket
284 # connection. Some MTAs have limits. Set this to 0 to do as many as we like
285 # (i.e. your MTA has no limits). Set this to some number great than 0 and
286 # Mailman will close the SMTP connection and re-open it after this number of
287 # consecutive sessions.
288 max_sessions_per_connection: 0
290 # Maximum number of simultaneous subthreads that will be used for SMTP
291 # delivery. After the recipients list is chunked according to max_recipients,
292 # each chunk is handed off to the SMTP server by a separate such thread. If
293 # your Python interpreter was not built for threads, this feature is disabled.
294 # You can explicitly disable it in all cases by setting max_delivery_threads
296 max_delivery_threads: 0
298 # How long should messages which have delivery failures continue to be
299 # retried? After this period of time, a message that has failed recipients
300 # will be dequeued and those recipients will never receive the message.
301 delivery_retry_period: 5d
303 # These variables control the format and frequency of VERP-like delivery for
304 # better bounce detection. VERP is Variable Envelope Return Path, defined
307 # http://cr.yp.to/proto/verp.txt
309 # This involves encoding the address of the recipient as Mailman knows it into
310 # the envelope sender address (i.e. RFC 5321 MAIL FROM). Thus, no matter what
311 # kind of forwarding the recipient has in place, should it eventually bounce,
312 # we will receive an unambiguous notice of the bouncing address.
314 # However, we're technically only "VERP-like" because we're doing the envelope
315 # sender encoding in Mailman, not in the MTA. We do require cooperation from
316 # the MTA, so you must be sure your MTA can be configured for extended address
319 # The first variable describes how to encode VERP envelopes. It must contain
320 # these three string interpolations, which get filled in by Mailman:
322 # $bounces -- the list's -bounces robot address will be set here
323 # $local -- the recipient address's local mailbox part will be set here
324 # $domain -- the recipient address's domain name will be set here
326 # This example uses the default below.
328 # FQDN list address is: mylist@dom.ain
329 # Recipient is: aperson@a.nother.dom
331 # The envelope sender will be mylist-bounces+aperson=a.nother.dom@dom.ain
333 # Note that your MTA /must/ be configured to deliver such an addressed message
336 verp_format: ${bounces}+${local}=${domain}
338 # For nicer confirmation emails, use a VERP-like format which encodes the
339 # confirmation cookie in the reply address. This lets us put a more user
340 # friendly Subject: on the message, but requires cooperation from the MTA.
341 # Format is like verp_format, but with the following substitutions:
343 # $address -- the list-confirm address
344 # $cookie -- the confirmation cookie
345 verp_confirm_format: $address+$cookie
347 # This is analogous to verp_regexp, but for splitting apart the
348 # verp_confirm_format. MUAs have been observed that mung
350 # From: local_part@host
354 # To: "local_part" <local_part@host>
356 # when replying, so we skip everything up to '<' if any.
357 verp_confirm_regexp: ^(.*<)?(?P<addr>[^+]+?)\+(?P<cookie>[^@]+)@.*$
359 # Set this to 'yes' to enable VERP-like (more user friendly) confirmations.
360 verp_confirmations: no
362 # Another good opportunity is when regular delivery is personalized. Here
363 # again, we're already incurring the performance hit for addressing each
364 # individual recipient. Set this to 'yes' to enable VERPs on all personalized
365 # regular deliveries (personalized digests aren't supported yet).
366 verp_personalized_deliveries: no
368 # And finally, we can VERP normal, non-personalized deliveries. However,
369 # because it can be a significant performance hit, we allow you to decide how
370 # often to VERP regular deliveries. This is the interval, in number of
371 # messages, to do a VERP recipient address. The same variable controls both
372 # regular and digest deliveries. Set to 0 to disable occasional VERPs, set to
373 # 1 to VERP every delivery, or to some number > 1 for only occasional VERPs.
374 verp_delivery_interval: 0
376 # VERP format and regexp for probe messages.
377 verp_probe_format: %(bounces)s+%(token)s
378 verp_probe_regexp: ^(?P<bounces>[^+]+?)\+(?P<token>[^@]+)@.*$
379 # Set this 'yes' to activate VERP probe for disabling by bounce.
382 # This is the maximum number of automatic responses sent to an address because
383 # of -request messages or posting hold messages. This limit prevents response
384 # loops between Mailman and misconfigured remote email robots. Mailman
385 # already inhibits automatic replies to any message labeled with a header
386 # "Precendence: bulk|list|junk". This is a fallback safety valve so it should
387 # be set fairly high. Set to 0 for no limit (probably useful only for
389 max_autoresponses_per_day: 10
391 # Some list posts and mail to the -owner address may contain DomainKey or
392 # DomainKeys Identified Mail (DKIM) signature headers <http://www.dkim.org/>.
393 # Various list transformations to the message such as adding a list header or
394 # footer or scrubbing attachments or even reply-to munging can break these
395 # signatures. It is generally felt that these signatures have value, even if
396 # broken and even if the outgoing message is resigned. However, some sites
397 # may wish to remove these headers by setting this to 'yes'.
398 remove_dkim_headers: no
400 # This variable describe the program to use for regenerating the transport map
401 # db file, from the associated plain text files. The file being updated will
402 # be appended to this string (with a separating space), so it must be
403 # appropriate for os.system().
404 postfix_map_cmd: /usr/sbin/postmap
408 # How often should the bounce qrunner process queued detected bounces?
409 register_bounces_every: 15m
413 # To add new archivers, define a new section based on this one, overriding the
416 # The class implementing the IArchiver interface.
417 class: mailman.archiving.prototype.Prototype
419 # Set this to 'yes' to enable the archiver.
422 # The base url for the archiver. This is used to to calculate links to
423 # individual messages in the archive.
424 base_url: http://archive.example.com/
426 # If the archiver works by getting a copy of the message, this is the address
427 # to send the copy to.
428 recipient: archive@archive.example.com
430 # If the archiver works by calling a command on the local machine, this is the
436 # This is the stock MHonArc archiver.
437 class: mailman.archiving.mhonarc.MHonArc
439 base_url: http://$hostname/archives/$fqdn_listname
442 [archiver.mail_archive]
443 # This is the stock mail-archive.com archiver.
444 class: mailman.archiving.mailarchive.MailArchive
447 # This is the stock Pipermail archiver.
448 class: mailman.archiving.pipermail.Pipermail
450 # This sets the default `clobber date' policy for the archiver. When a
451 # message is to be archived either by Pipermail or an external archiver,
452 # Mailman can modify the Date: header to be the date the message was received
453 # instead of the Date: in the original message. This is useful if you
454 # typically receive messages with outrageous dates. Set this to 0 to retain
455 # the date of the original message, or to 1 to always clobber the date. Set
456 # it to 2 to perform `smart overrides' on the date; when the date is outside
457 # allowable_sane_date_skew (either too early or too late), then the received
458 # date is substituted instead.
459 clobber_date_policy: 2
460 allowable_sane_date_skew: 15d
462 # Pipermail archives contain the raw email addresses of the posting authors.
463 # Some view this as a goldmine for spam harvesters. Set this to 'yes' to
464 # moderately obscure email addresses, but note that this breaks mailto: URLs
465 # in the archives too.
466 obscure_email_addresses: yes
468 # When the archive is public, should Pipermail also make the raw Unix mbox
469 # file publically available?
474 # This is a prototypical sample archiver.
475 class: mailman.archiving.prototype.Prototype
479 # The style's priority, with 0 being the lowest priority.
482 # The class implementing the IStyle interface, which applies the style.
483 class: mailman.styles.default.DefaultStyle
487 # A filter that converts from multipart messages to "flat" messages
488 # (i.e. containing a single payload). This is required for Pipermail, and you
489 # may want to set it to 0 for external archivers. You can also replace it
490 # with your own module as long as it contains a process() function that takes
491 # a MailList object and a Message object. It should raise
492 # Errors.DiscardMessage if it wants to throw the message away. Otherwise it
493 # should modify the Message object as necessary.
494 archive_scrubber: mailman.archiving.pipermail.Pipermail
496 # This variable defines what happens to text/html subparts. They can be
497 # stripped completely, escaped, or filtered through an external program. The
499 # 0 - Strip out text/html parts completely, leaving a notice of the removal in
500 # the message. If the outer part is text/html, the entire message is
502 # 1 - Remove any embedded text/html parts, leaving them as HTML-escaped
503 # attachments which can be separately viewed. Outer text/html parts are
504 # simply HTML-escaped.
505 # 2 - Leave it inline, but HTML-escape it
506 # 3 - Remove text/html as attachments but don't HTML-escape them. Note: this
507 # is very dangerous because it essentially means anybody can send an HTML
508 # email to your site containing evil JavaScript or web bugs, or other
509 # nasty things, and folks viewing your archives will be susceptible. You
510 # should only consider this option if you do heavy moderation of your list
513 # Note: given the current archiving code, it is not possible to leave
514 # text/html parts inline and un-escaped. I wouldn't think it'd be a good idea
517 # The value can also be a string, in which case it is the name of a command to
518 # filter the HTML page through. The resulting output is left in an attachment
519 # or as the entirety of the message when the outer part is text/html. The
520 # format of the string must include a $filename substitution variable which
521 # will contain the name of the temporary file that the program should operate
522 # on. It should write the processed message to stdout. Set this to
523 # HTML_TO_PLAIN_TEXT_COMMAND to specify an HTML to plain text conversion
525 archive_html_sanitizer: 1
527 # Control parameter whether the scrubber should use the message attachment's
528 # filename as is indicated by the filename parameter or use 'attachement-xxx'
529 # instead. The default is set 'no' because the applications on PC and Mac
530 # begin to use longer non-ascii filenames.
531 use_attachment_filename: no
533 # Use of attachment filename extension per se is may be dangerous because
534 # viruses fakes it. You can set this 'yes' if you filter the attachment by
535 # filename extension.
536 use_attachment_filename_extension: no
540 # Headers which should be kept in both RFC 1153 (plain) and MIME digests. RFC
541 # 1153 also specifies these headers in this exact order, so order matters.
542 # These are space separated and case insensitive.
543 mime_digest_keep_headers:
544 Date From To Cc Subject Message-ID Keywords
545 In-Reply-To References Content-Type MIME-Version
546 Content-Transfer-Encoding Precedence Reply-To
549 plain_digest_keep_headers:
557 # Set these variables if you need to authenticate to your NNTP server for
558 # Usenet posting or reading. If no authentication is necessary, specify None
559 # for both variables.
563 # Set this if you have an NNTP server you prefer gatewayed lists to use.
566 # This controls how headers must be cleansed in order to be accepted by your
567 # NNTP server. Some servers like INN reject messages containing prohibited
568 # headers, or duplicate headers. The NNTP server may reject the message for
569 # other reasons, but there's little that can be programmatically done about
572 # These headers (case ignored) are removed from the original message. This is
573 # a whitespace separate list of headers.
575 nntp-posting-host nntp-posting-date x-trace
576 x-complaints-to xref date-received posted
577 posting-version relay-version received
579 # These headers are left alone, unless there are duplicates in the original
580 # message. Any second and subsequent headers are rewritten to the second
581 # named header (case preserved). This is a list of header pairs, one pair per
583 rewrite_duplicate_headers:
586 Content-Transfer-Encoding X-Original-Content-Transfer-Encoding
587 MIME-Version X-MIME-Version