# Mailman configuration on Apache



## balanga (May 27, 2016)

I'm trying to set up Mailman to work with Apache following the notes here:-
http://www.freebsddiary.org/mailman.php
The notes are ten years old but that's all I could find.

As I understand it, once mail/mailman has been installed, all I need to do is add

```
ScriptAlias  /mailman   "/usr/local/mailman/cgi-bin"
```
to Apache's configuration and presumably

```
http://example.org/mailman/
```
should take me to the web interface for mailman.

I get a *Forbidden *msg so I guess the permissions are wrongly set.

What do I need to do?

Incidentally is there a preferred Mailing List Manager for FreeBSD?


----------



## tingo (May 27, 2016)

Which version of Apache are you using? Note that Apache 2.4 configuration has changed syntax a bit, you better read up on it.
Also, you post isn't very clear on what version of mailman, FreeBSD and son you are trying to set up.
Details matter - please be precise and reasonably complete.


----------



## balanga (May 27, 2016)

FreeBSD 10.1-RELEASE #0

Apache 2.4

Mailman via `pkg install`


----------



## balanga (May 29, 2016)

According to:

http://www.purplehat.org/?page_id=18


I need to add Apache to Mailman group  using

`pw usermod www -G mailman`

This doesn't get round the *Forbidden* error....

The httpd-error.log shows


```
[Sun May 29 23:58:41.409265 2016] [authz_core:error] [pid 55215] [client 82.37.21
5.218:31067] AH01630: client denied by server configuration: /usr/local/mailman/cgi-bin/
```


Under apache24 I have a mailman.conf consisting of


```
ScriptAlias     /mailman/       /usr/local/mailman/cgi-bin/

<Directory "/usr/local/mailman">
       AllowOverride All
       Options FollowSymlinks
       Require all granted
    </Directory>
```

Doesn't seem to get round the problem....


----------



## SirDice (May 30, 2016)

The error happens because DirectoryIndex isn't set and directory browsing is turned off by default.


----------



## balanga (Jun 1, 2016)

I tried this - but without success....


```
ScriptAlias     /mailman/       /usr/local/mailman/cgi-bin/

<Directory "/usr/local/mailman">
    DirectoryIndexRedirect on
       AllowOverride All
       Options FollowSymlinks
       Require all granted
    </Directory>
```


----------



## SirDice (Jun 1, 2016)

https://httpd.apache.org/docs/current/mod/mod_dir.html#directoryindex

By default Apache only looks for index.html and index.htm. If those files don't exist or cannot be read it resorts to directory browsing. Directory browsing is forbidden by default.


----------



## balanga (Jun 1, 2016)

I already checked the reference mentioned, that's why I included the DirectoryIndexRedirect directive but that doesn't work.  I don't see any other directive to allow directory browsing.


----------



## SirDice (Jun 2, 2016)

You don't want to enable directory browsing (that's why it's off by default too). You certainly don't want to enable directory browsing on a cgi-bin directory as it would introduce a major security risk. Imagine hackers being able to simply browse your cgi-bin and pick and choose the scripts to attack. They don't even have to guess the names anymore.


----------



## balanga (Jun 2, 2016)

OK, so you've explained what I don't want to do, but I still have no idea what I should do to enable mailman's cgi-bin directory to be usable



> By default Apache only looks for index.html and index.htm. If those files don't exist or cannot be read it resorts to directory browsing. Directory browsing is forbidden by default.



So how do I permit apache users to use /usr/local/mailman/cgi-bin?

I have read https://httpd.apache.org/docs/current/mod/mod_dir.html#directoryindex

but can't see how I'm supposed to handle access to this directory.


----------



## SirDice (Jun 2, 2016)

What's the script's name you're supposed to call?


----------



## balanga (Jun 6, 2016)

There is a directory full of commands.

```
admin
admindb
confirm
create
edithtml
listinfo
options
private
rmlist
roster
subscribe
```

I'm not yet familiar enough with Mailman to know how to proceed. I assumed that browsing to 
`http://example.org/mailman/` would take me to a setup page, but that is forbidden. It turns  out that I can actually go to `http://example.org/mailman/admin` so it is actually working.

Not quite as user-friendly as setting up Wordpress, I must admit.


----------

