You don’t have permission to access /pipermail/bsdcan-announce/ on this server – mailman

I ran into this problem today and spent about 2 hours trying to figure out what went wrong. I composed an email to the Mailman mailing list and never sent it, because I solved the problem.

Here is that email:

Subject: Cannot view archives via website


I think this is solved, but I’m posting anyway.

I *think* the issue is one of permission: Apache, running as user www, cannot access the private directories. The symlink is correct. I also think I have a correct solution, but I’m writing to get a second opinion on this.

Versions in use:

  1. apache22-2.2.29_2
  2. mailman-
  3. python27-2.7.9

This issue has arisen on a long established Mailman installation. My guess is recent upgrade (perhaps Mailman & Apache) have given rise to the problem. The issue affects all lists on this server, which hosts multiple domains.

The issue can be viewed at & where you will see:


You don't have permission to access /pipermail/bsdcan-announce/ on this server.

The error messages are:

*** *** - - [06/Jan/2015:00:13:32 +0000] "GET /pipermail/bsdcan-announce/ HTTP/1.1" 403 228 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36"

*** ***
[Tue Jan 06 00:13:32 2015] [error] [client] Symbolic link not allowed or link target not accessible: /usr/local/mailman/archives/public/bsdcan-announce, referer:

Some permissions from /usr/local/mailman/archives/public:

# ls -ld . bsdcan-announce pgcon-announce
drwxrwsr-x  2 root  mailman  512 Jan  5 22:36 .
lrwxr-xr-x  1 root  mailman   51 Jan  5 22:28 bsdcan-announce -> /usr/local/mailman/archives/private/bsdcan-announce
lrwxr-xr-x  1 root  mailman   50 Nov 28  2006 pgcon-announce -> /usr/local/mailman/archives/private/pgcon-announce

Each Apache vhost contains this:

  <Directory "/usr/local/mailman/archives/public">
    AllowOverride None
    Options Indexes FollowSymlinks MultiViews
    Order allow,deny
    Allow from all

I have verified permissions:

# bin/check_perms 
No problems found

My solution: chown www /usr/local/mailman/archives/private

Good? Bad?

FYI, check_perms is OK with that.

Based on it seems to be the right thing to do.

Dan Langille

Website Pin Facebook Twitter Myspace Friendfeed Technorati Digg Google StumbleUpon Premium Responsive

Leave a Comment