1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
|
###\\\\ Service description ////###
## Primary mail domain name
domain <%= vhost %>
## Email addresses of listmasters
## Email addresses of the listmasters (users authorized to perform global
## server commands). Some error reports may also be sent to these addresses.
## Listmasters can be defined for each virtual host, however, the default
## listmasters will have privileges to manage all virtual hosts.
listmaster listmaster@<%= vhost %>
## Default language
## This is the default language used by Sympa. One of supported languages
## should be chosen.
lang en-US
## Supported languages
## All supported languages for the user interface. Languages proper locale
## information not installed are ignored.
supported_lang en_US
## Title of service
## The name of your mailing list service. It will appear in the header of web
## interface and subjects of several service messages.
title Mageia Mailing lists service
## Display name of Sympa
## This parameter is used for display name in the "From:" header field for the
## messages sent by Sympa itself.
gecos SYMPA
## Support of legacy character set
## If set to "on", enables support of legacy character set according to
## charset.conf(5) configuration file.
## In some language environments, legacy encoding (character set) can be
## preferred for e-mail messages: for example iso-2022-jp in Japanese
## language.
legacy_character_support_feature off
###\\\\ Database related ////###
## Type of the database
## Possible types are "MySQL", "PostgreSQL", "Oracle", "Sybase" and "SQLite".
db_type PostgreSQL
## Hostname of the database server
## With PostgreSQL, you can also use the path to Unix Socket Directory, e.g.
## "/var/run/postgresql" for connection with Unix domain socket.
db_host pg.<%= domain %>
## Port of the database server
db_port 5432/tcp
## Name of the database
## With SQLite, this must be the full path to database file. With Oracle
## Database, this must be Oracle SID.
db_name sympa
## User for the database connection
db_user sympa
## Password for the database connection
## What ever you use a password or not, you must protect the SQL server (is it
## not a public internet service ?)
db_passwd <%= scope.lookupvar("sympa::server::pgsql_password") %>
## Environment variables setting for database
## With Oracle Database, this is useful for defining ORACLE_HOME and NLS_LANG.
# db_env NLS_LANG=American_America.AL32UTF8;ORACLE_HOME=/u01/app/oracle/product/11.2.0/server
## Database private extension to subscriber table
## Adds more fields to "subscriber_table" table. Sympa recognizes fields
## defined with this parameter. You will then be able to use them from within
## templates and scenarios:
## * for scenarios: [subscriber->field]
## * for templates: [% subscriber.field %]
## These fields will also appear in the list members review page and will be
## editable by the list owner. This parameter is a comma-separated list.
## You need to extend the database format with these fields
# db_additional_subscriber_fields billing_delay,subscription_expiration
## Database private extension to user table
## Adds more fields to "user_table" table. Sympa recognizes fields defined
## with this parameter. You will then be able to use them from within
## templates: [% subscriber.field %]
## This parameter is a comma-separated list.
## You need to extend the database format with these fields
# db_additional_user_fields age,address
###\\\\ System log ////###
## System log facility for Sympa
## Do not forget to configure syslog server.
syslog mail
## Communication mode with syslog server
log_socket_type unix
## Log verbosity
## Sets the verbosity of logs.
## 0: Only main operations are logged
## 3: Almost everything is logged.
log_level 0
###\\\\ Receiving ////###
## Default maximum number of list members
## Default limit for the number of subscribers per list (0 means no limit).
default_max_list_members 0
## Maximum size of messages
## Incoming messages smaller than this size is allowed distribution by Sympa.
max_size 5242880
## Reject mail sent from automated services to list
## Rejects messages that seem to be from automated services, based on a few
## header fields ("Content-Identifier:", "Auto-Submitted:").
## Sympa also can be configured to reject messages based on the "From:" header
## field value (see "loop_prevention_regex").
reject_mail_from_automates_feature off
## Priority for command messages
## Priority applied to messages sent to Sympa command address.
sympa_priority 1
## Priority for messages bound for list owners
## Priority for processing of messages bound for "LIST-request" address, i.e.
## owners of the list
request_priority 0
## Priority for non-VERP bounces
## Priority for processing of messages bound for "LIST-owner" address, i.e.
## non-delivery reports (bounces).
owner_priority 9
## Default priority for list messages
## Priority for processing of messages posted to list addresses.
default_list_priority 5
###\\\\ Sending related ////###
## Header fields to be removed from incoming messages
## Use it, for example, to ensure some privacy for your users in case that
## "anonymous_sender" mode is inappropriate.
## The removal of these header fields is applied before Sympa adds its own
## header fields ("rfc2369_header_fields" and "custom_header").
# was remove_headers ARRAY(0x4116e50)
remove_headers X-Sympa-To,X-Family-To,Return-Receipt-To,Precedence,X-Sequence,Disposition-Notification-To
## RFC 2369 header fields
## Specify which RFC 2369 mailing list header fields to be added.
## "List-Id:" header field defined in RFC 2919 is always added. Sympa also
## adds "Archived-At:" header field defined in RFC 5064.
# was rfc2369_header_fields ARRAY(0x4116c88)
rfc2369_header_fields help,subscribe,unsubscribe,post,owner,archive
## Default priority for a packet
## The default priority set to a packet to be sent by the bulk.
sympa_packet_priority 5
## Fork threshold of bulk daemon
## The minimum number of packets before bulk daemon forks the new worker to
## increase sending rate.
bulk_fork_threshold 1
## Maximum number of bulk workers
bulk_max_count 3
## Idle timeout of bulk workers
## The number of seconds a bulk worker will remain running without processing
## a message before it spontaneously exists.
bulk_lazytime 600
## Sleep time of bulk workers
## The number of seconds a bulk worker sleeps between starting a new loop if
## it didn't find a message to send.
## Keep it small if you want your server to be reactive.
bulk_sleep 1
## Interval between checks of packet numbers
## Number of seconds a master bulk daemon waits between two packets number
## checks.
## Keep it small if you expect brutal increases in the message sending load.
bulk_wait_to_fork 10
## Path to sendmail
## Absolute path to sendmail command line utility (e.g.: a binary named
## "sendmail" is distributed with Postfix).
## Sympa expects this binary to be sendmail compatible (exim, Postfix, qmail
## and so on provide it). Sympa also bundles "sympa_smtpc" program which may
## be a replacement to sendmail binary.
sendmail /usr/sbin/sendmail
## Log invocation of sendmail
## This can be overwritten by "-m" option for sympa.pl.
log_smtp off
## Maximum number of sendmail processes
## Maximum number of simultaneous child processes spawned by Sympa. This is
## the main load control parameter.
## Proposed value is quite low, but you can rise it up to 100, 200 or even 300
## with powerful systems.
maxsmtp 40
## Maximum number of recipients per call to sendmail
## This grouping factor makes it possible for the sendmail processes to
## optimize the number of SMTP sessions for message distribution. If needed,
## you can limit the number of recipients for a particular domain. Check the
## "nrcpt_by_domain.conf" configuration file.
nrcpt 25
## Maximum number of different mail domains per call to sendmail
avg 10
###\\\\ Privileges ////###
## Who is able to create lists
## Defines who can create lists (or request list creation) by creating new
## lists or by renaming or copying existing lists.
create_list forbidden
## Use blacklist
## List of operations separated by comma for which blacklist filter is
## applied. Setting this parameter to "none" will hide the blacklist feature.
use_blacklist send,create_list
## List of required domains for list owner addresses
## Restrict list ownership to addresses in the specified domains. This can be
## used to reserve list ownership to a group of trusted users from a set of
## domains associated with an organization, while allowing editors and
## subscribers from the Internet at large.
# owner_domain domain1.tld domain2.tld
## Minimum number of list owners that must match owner_domain restriction
## Minimum number of list owners that must satisfy the owner_domain
## restriction. The default of zero (0) means *all* list owners must match.
## Setting to 1 requires only one list owner to match owner_domain; all other
## owners can be from any domain. This setting can be used to ensure that
## there is always at least one known contact point for a mailing list.
owner_domain_min 0
###\\\\ Archives ////###
## Store distributed messages into archive
## If enabled, distributed messages via lists will be archived. Otherwise
## archiving is disabled.
## Note that even if setting this parameter disabled, past archives will not
## be removed and will be accessible according to access settings by each
## list.
process_archive on
## Path to MHonArc mail-to-HTML converter
## This is required for HTML mail archiving.
mhonarc /usr/bin/mhonarc
# There is a need to protect Sympa website against spambot
spam_protection javascript
# The same as spam_protection, but restricted to the web archive.
web_archive_spam_protection cookie
###\\\\ Bounce management and tracking ////###
## Default bounce warn rate
## The list owner receives a warning whenever a message is distributed and the
## number (percentage) of bounces exceeds this value.
bounce_warn_rate 30
## Default bounce halt rate
## NOT USED YET. If bounce rate reaches the halt_rate, messages for the list
## will be halted, i.e. they are retained for subsequent moderation.
bounce_halt_rate 50
## Remove bouncing new subscribers
## If set to unique, the welcome message is sent using a unique return path in
## order to remove the subscriber immediately in the case of a bounce.
welcome_return_path owner
## Remove subscribers bouncing remind message
## Same as welcome_return_path, but applied to remind messages.
remind_return_path owner
## Task for expiration of old bounces
## This task resets bouncing information for addresses not bouncing in the
## last 10 days after the latest message distribution.
expire_bounce_task daily
###\\\\ Automatic lists ////###
## Definition of automatic list families
## Defines the families the automatic lists are based on. It is a character
## string structured as follows:
## * each family is separated from the other by a semi-column (;)
## * inside a family definition, each field is separated from the other by a
## column (:)
## * each field has the structure: "<field name>=<filed value>"
## Basically, each time Sympa uses the automatic lists families, the values
## defined in this parameter will be available in the family object.
## * for scenarios: [family->name]
## * for templates: [% family.name %]
# automatic_list_families name=family_one:prefix=f1:display=My automatic lists:prefix_separator=+:classes separator=-:family_owners_list=alist@domain.tld;name=family_two:prefix=f2:display=My other automatic lists:prefix_separator=+:classes separator=-:family_owners_list=anotherlist@domain.tld;
## Parsed files for families
## comma-separated list of files that will be parsed by Sympa when
## instantiating a family (no space allowed in file names)
parsed_family_files message.footer,message.header,message.footer.mime,message.header.mime,info
###\\\\ Tag based spam filtering ////###
## Header field to tag spams
## If a spam filter (like spamassassin or j-chkmail) add a header field to tag
## spams, name of this header field (example X-Spam-Status)
antispam_tag_header_name X-Spam-Status
## Regular expression to check header field to tag spams
## Regular expression applied on this header to verify message is a spam
## (example Yes)
antispam_tag_header_spam_regexp ^\s*Yes
## Regular expression to determine spam or ham.
## Regular expression applied on this header field to verify message is NOT a
## spam (example No)
antispam_tag_header_ham_regexp ^\s*No
## Name of header field to inform
## Messages are supposed to be filtered by an spam filter that add one more
## headers to messages. This parameter is used to select a special scenario in
## order to decide the message spam status: ham, spam or unsure. This
## parameter replace antispam_tag_header_name, antispam_tag_header_spam_regexp
## and antispam_tag_header_ham_regexp.
spam_status x-spam-status
###\\\\ Directories ////###
## List home
## Base directory of list configurations.
home /var/lib/sympa/expl
## Directory for configuration files
## Base directory of global configuration (except "sympa.conf").
etc /etc/sympa
## Base directory of spools
## Base directory of all spools which are created at runtime. This directory
## must be writable by Sympa user.
spool /var/spool/sympa
## Directory for message incoming spool
## This spool is used both by "queue" program and "sympa_msg.pl" daemon."
queue /var/spool/sympa/msg
## Directory for moderation spool
queuemod /var/spool/sympa/moderation
## Directory for digest spool
queuedigest /var/spool/sympa/digest
## Directory for held message spool
## This parameter is named such by historical reason.
queueauth /var/spool/sympa/auth
## Directory for archive spool
## This parameter is named such by historical reason.
queueoutgoing /var/spool/sympa/outgoing
## Directory for held request spool
## This parameter is named such by historical reason.
queuesubscribe /var/spool/sympa/subscribe
## Directory for topic spool
queuetopic /var/spool/sympa/topic
## Directory for bounce incoming spool
## This spool is used both by "bouncequeue" program and "bounced.pl" daemon.
queuebounce /var/spool/sympa/bounce
## Directory for task spool
queuetask /var/spool/sympa/task
## Directory for automatic list creation spool
## This spool is used both by "familyqueue" program and "sympa_automatic.pl"
## daemon.
queueautomatic /var/spool/sympa/automatic
## Directory for message outgoing spool
## This parameter is named such by historical reason.
queuebulk /var/spool/sympa/bulk
## Directory to cache formatted messages
## Base directory path of directories where HTML view of messages are cached.
viewmail_dir /var/spool/sympa/viewmail
## Directory for storing bounces
## The directory where bounced.pl daemon will store the last bouncing message
## for each user. A message is stored in the file: <bounce_path>/<list
## name>@<mail domain name>/<email address>, or, if tracking is enabled:
## <bounce_path>/<list name>@<mail domain name>/<email address>_<envelope ID>.
## Users can access to these messages using web interface in the bounce
## management page.
## Don't confuse with "queuebounce" parameter which defines the spool where
## incoming error reports are stored and picked by bounced.pl daemon.
bounce_path /var/lib/sympa/bounce
## Directory for storing archives
## Where to store HTML archives. This parameter is used by the "archived.pl"
## daemon. It is a good idea to install the archive outside the web document
## hierarchy to ensure accesses passing WWSympa's access control will be
## prevented.
arc_path /var/lib/sympa/arc
###\\\\ Miscelaneous ////###
## Local part of Sympa email address
## Local part (the part preceding the "@" sign) of the address by which mail
## interface of Sympa accepts mail commands.
## If you change the default value, you must modify the mail aliases too.
email sympa
## Custom robot parameter
## Used to define a custom parameter for your server. Do not forget the
## semicolon between the parameter name and the parameter value.
## You will be able to access the custom parameter value in web templates by
## variable "conf.custom_robot_parameter.<param_name>"
# custom_robot_parameter param_name ; param_value
## Use of binary cache of list configuration
## binary_file: Sympa processes will maintain a binary version of the list
## configuration, "config.bin" file on local disk. If you manage a big amount
## of lists (1000+), it should make the web interface startup faster.
## You can recreate cache by running "sympa.pl --reload_list_config".
cache_list_config none
## Max age of logs in database
## Number of months that elapse before a log is expired
logs_expiration_period 3
## Umask
## Default mask for file creation (see umask(2)). Note that it will be
## interpreted as an octal value.
umask 027
## Secret string for generating unique keys
## This allows generated authentication keys to differ from a site to another.
## It is also used for encryption of user passwords stored in the database.
## The presence of this string is one reason why access to "sympa.conf" needs
## to be restricted to the "sympa" user.
## Note that changing this parameter will break all HTTP cookies stored in
## users' browsers, as well as all user passwords and lists X509 private keys.
## To prevent a catastrophe, Sympa refuses to start if this "cookie" parameter
## was changed.
# cookie 123456789
###\\\\ Web interface parameters ////###
## URL prefix of web interface
## This is used to construct URLs of web interface.
wwsympa_url https://<%= vhost %>/l
## URL prefix of WWSympa behind proxy
#http_host http://domain.tld
## URL for static contents
## HTTP server have to map it with "static_content_path" directory.
static_content_url /static-sympa
css_url /static-sympa/css
pictures_url /static-sympa/pictures
## Directory for static contents
static_content_path /var/lib/sympa/static_content
css_path /var/lib/sympa/static_content/css
pictures_path /var/lib/sympa/static_content/pictures
## System log facility for web interface
## System log facility for WWSympa, archived.pl and bounced.pl. Default is to
## use value of "syslog" parameter.
log_facility LOCAL1
###\\\\ Web interface parameters: Appearances ////###
## Type of main web page
## "lists" for the page of list of lists. "home" for home page.
default_home lists
## Default index organization of web archive
## thrd: Threaded index.
## mail: Chronological index.
archive_default_index thrd
## Size of review page
## Default number of lines of the array displaying users in the review page
review_page_size 25
## Size of viewlogs page
## Default number of lines of the array displaying the log entries in the logs
## page.
viewlogs_page_size 25
###\\\\ Web interface parameters: Miscelaneous ////###
## HTTP cookies validity domain
## If beginning with a dot ("."), the cookie is available within the specified
## Internet domain. Otherwise, for the specified host. The only reason for
## replacing the default value would be where WWSympa's authentication process
## is shared with an application running on another host.
cookie_domain <%= vhost %>
## HTTP cookies lifetime
## This is the default value when not set explicitly by users. "0" means the
## cookie may be retained during browser session.
cookie_expire 0
## Average interval to refresh HTTP session ID.
cookie_refresh 60
## Use HTML editor
## If set to "on", users will be able to post messages in HTML using a
## javascript WYSIWYG editor.
use_html_editor 0
## URL of HTML editor
## URL path to the javascript file making the WYSIWYG HTML editor available.
## Relative path under <static_content_url> or absolute path.
## Example is for TinyMCE 4 installed under <static_content_path>/js/tinymce/.
# html_editor_url js/tinymce/tinymce.min.js
## HTML editor initialization
## Javascript excerpt that enables and configures the WYSIWYG HTML editor.
# html_editor_init tinymce.init({selector:"#body",language:lang.split(/[^a-zA-Z]+/).join("_")});
## Count limit of wrong password submission
## If this limit is reached, the account is locked until the user renews their
## password. The default value is chosen in order to block bots trying to log
## in using brute force strategy. This value should never be reached by real
## users that will probably uses the renew password service before they
## performs so many tries.
max_wrong_password 19
## Password case
## "insensitive" or "sensitive".
## If set to "insensitive", WWSympa's password check will be insensitive. This
## only concerns passwords stored in the Sympa database, not the ones in LDAP.
## Should not be changed! May invalid all user password.
password_case insensitive
###\\\\ S/MIME and TLS ////###
## Password used to crypt lists private keys
## If not defined, Sympa assumes that list private keys are not encrypted.
# key_passwd your_password
## Directory containing user certificates
ssl_cert_dir /var/lib/sympa/X509-user-certs
###\\\\ Data sources setup ////###
## Default of SQL fetch timeout
## Default timeout while performing a fetch with include_sql_query.
default_sql_fetch_timeout 300
###\\\\ DKIM ////###
## Enable DKIM
## If set to "on", Sympa may verify DKIM signatures of incoming messages and/
## or insert DKIM signature to outgoing messages.
dkim_feature off
## Which service messages to be signed
## Inserts a DKIM signature to service messages in context of robot, list or
## both
dkim_add_signature_to robot,list
## The "d=" tag as defined in rfc 4871
## The DKIM "d=" tag, is the domain of the signing entity. Default is virtual
## host domain name
dkim_signer_domain <%= vhost %>
## Rewrite header for DKIM signed messages and DMARC rejecting domains
dmarc_protection_mode dkim_signature,dmarc_reject
###\\\\ Antivirus plug-in ////###
## Path to the antivirus scanner engine
## Supported antivirus: Clam AntiVirus/clamscan & clamdscan, McAfee/uvscan,
## Fsecure/fsav, Sophos, AVP and Trend Micro/VirusWall
# antivirus_path /usr/local/bin/clamscan
## Antivirus plugin command line arguments
# antivirus_args --no-summary --database /usr/local/share/clamav
###\\\\ Password validation ////###
## Password validation
## The password validation techniques to be used against user passwords that
## are added to mailing lists. Options come from Data::Password
## (http://search.cpan.org/~razinf/Data-Password-1.07/Password.pm#VARIABLES)
# password_validation MINLEN=8,GROUPS=3,DICTIONARY=4,DICTIONARIES=/pentest/dictionaries
###\\\\ Authentication with LDAP ////###
## Use canonical email address for LDAP authentication
## When using LDAP authentication, if the identifier provided by the user was
## a valid email, if this parameter is set to false, then the provided email
## will be used to authenticate the user. Otherwise, use of the first email
## returned by the LDAP server will be used.
ldap_force_canonical_email 1
###\\\\ Obsoleted parameters ////###
## Default timeout between two scheduled synchronizations of list members with
## data sources.
default_ttl 3600
## Default timeout between two action-triggered synchronizations of list
## members with data sources.
default_distribution_ttl 300
edit_list owner
## Enable FastCGI
## Is FastCGI module for HTTP server installed. This module provide much
## faster web interface.
use_fast_cgi 1
# Upgrade from 6.2.40 to 6.2.42
# 22 May 2019 at 21:22:06
shared_feature on
|