Project Lancelot Deployment HOWTO

Version 0.1, 2011-08-22 Anselm Lingnau <anselm@…>


This document explains how to get Project Lancelot to run with various MTAs. It stipulates that you have Project Lancelot itself running to a point where pl-init(1) lets you create a new mailing list. The point of this document is to explain how to get your MTA to send incoming messages to Project Lancelot, and how to get Project Lancelot to pass stuff to your MTA to send along.

My life is too short to futz around with MTAs other than Postfix, although there is nothing within Project Lancelot (that I know of) that would preclude its being used with non-Postfix MTAs. If you do get Project Lancelot to run with another MTA, feel free to add your experiences and recommendations to this HOWTO.

Getting Mail from the MTA into Project Lancelot

Unless the directions below specify otherwise, we will assume that your user name is alfred and that you are installing a list whose address is list@….

Simple Setup for Sendmail-like MTAs

This simple procedure ought to work with all MTAs that support a Sendmail-like /etc/aliases file.

The one caveat is that much of the functionality of Project Lancelot hinges on the ability of the MTA to direct mail to addresses of the form list+WHATEVER@… to the list@… address. It is theoretically possible to add aliases to cover most of the cases that are necessary, but some things may simply not be workaroundable. Fortunately, Sendmail, Postfix and Exim all support this feature. With Postfix, make sure that your file contains the line

  recipient_delimiter = +

You can then add the line

  list: "|/usr/bin/pl-incoming --user alfred"

to the /etc/aliases file, and call the newaliases(8) command to make it official.

This will cause your MTA to pipe incoming mail to the list@… address to the pl-incoming(1) program (part of Project Lancelot), which will then process it further. Provided that the address extension feature mentioned earlier works on your system, this will also send stuff addressed to list+WHATEVER@… to pl-incoming(1).

The main problem you are going to have to deal with now is file permissions. The Project Lancelot files within $HOME/.pl belong to you while your MTA will probably try to access them with the privileges of a user called nobody (or mail or postfix or what have you), which will lead to problems if some user tries to subscribe to your list, because pl-incoming(1) will try to write into the list database file as whatever user your MTA uses for external programs. (Trying to archive mail messages is also likely to cause grief.)

The most convenient solution (if not the most secure one) short of setting $HOME/.pl/list@… and all its contents to »world-writable« is to add yourself to a group that the MTA's user is also a member of, and give the files in question to that group:

  # groupadd lists
  # usermod -a -G lists alfred
  # usermod -a -G lists nobody        # or whatever your MTA uses
  # chgrp -R lists $HOME/.pl/
  # chmod -R g+w $HOME/.pl/
  # chmod g+s $HOME/.pl/

(the chmod g+s will make sure that any new subdirectories inside .pl/list@… will also be part of the lists group).

With Postfix, you can make your life a lot easier by not putting the list alias into /etc/aliases, but into another (aliases-like) file that belongs to you (user alfred), because in this case, Postfix will invoke pl-incoming(1) as the user alfred. Put something like

  alias_maps = hash:/etc/aliases, hash:/usr/local/etc/postfix/alfred/aliases

into your and say

  # mkdir -p /usr/local/etc/postfix/alfred
  # chown alfred:alfred /usr/local/etc/postfix/alfred
  alfred$ vi /usr/local/etc/postfix/alfred/aliases   # add the list alias
  alfred$ postmap hash:/usr/local/etc/postfix/alfred/aliases

(If you're not the system administrator, don't be surprised if your system administrator is not wild about this idea, because having your own aliases file basically allows you to steal other local users' mail.)

Incidentally, if Postfix calls pl-incoming(1) as user alfred on your behalf, you can leave off the --user option in the alias:

  list: "|/usr/bin/pl-incoming"

This is because Project Lancelot will then find the correct .pl directory to use even without special prodding.

To summarise, this method is fairly straightforward as far as the MTA is concerned, but possibly requires distasteful machinations to get permissions just right. In effect, creating new mailing lists requires root permissions because you need to edit and update the system-wide aliases file (this doesn't apply to the alfred/aliases scenario, which in turn is iffy from the security POV -- you pays your money and you takes your chances).

Elaborate Scheme for Postfix

This is a more elaborate scheme for Postfix which, after the initial setup, allows you (or indeed any system user) to maintain a set of mailing lists – including adding and deleting lists – without root privileges, and without the opportunity of pinching other users' mail. It works best if you have an entire (sub)domain that you can devote to mailing lists, such as Hence, in this example, our list will be list@….

The secret is to define a Postfix transport, lancelot, and redirect mailing list mail to that transport instead of the normal Postfix delivery process. This is most conveniently done using the Postfix transport_maps mechanism, by creating a file called /etc/postfix/transport containing the line	lancelot:

together with a definition like

  transport_maps = hash:/etc/postfix/transport

in (Don't forget to postmap the transport file.) It is also a good idea to set

  lancelot_destination_concurrency_limit = 1
  lancelot_destination_recipient_limit = 1

to avoid problems which might occur with multiple deliveries to Project Lancelot happening at the same time, and messages addressed to more than one of your Project Lancelot lists at once.

This setup will direct all mail to addresses in the domain to the lancelot transport. (Note: You will also need to ensure that mail addressed to the domain will in fact end up on your mail server, by creating a suitable MX record in the DNS.)

The lancelot transport is defined in Postfix's file and should look approximately like

  lancelot  unix  -       n       n       -       -       pipe
    flags=DRhu user=alfred argv=/usr/bin/pl-incoming ${user}@${nexthop}

This essentially means that Postfix will pipe the message in question to pl-incoming(1) running as user alfred.

You may want to use a separate user for your mailing lists, like lancelot. If several people share in the administration of the lists, put them in the group lancelot, make the lancelot user's .pl directory group-writable and set its SGID bit to ensure that newly created files are assigned to the lancelot group:

  # usermod -G lancelot -a alfred  # add user alfred to group lancelot
  # chmod g+sw /home/lancelot/.pl

If you can't, or don't want to, set up a separate domain just for mailing lists, you can use a similar approach on a per-list basis, by adding a line like    lancelot:

to /etc/postfix/transport for each list. However, this is more tedious to maintain.

Last modified 6 years ago Last modified on Jul 27, 2012, 2:47:29 PM