Administration de la messagerie

De wikilivois
Révision datée du 25 février 2016 à 00:41 par Christophe (discussion | contributions) (→‎Les commandes postfix)
(diff) ← Version précédente | Voir la version actuelle (diff) | Version suivante → (diff)
Aller à la navigationAller à la recherche

Gestion des logs

Awstats

Package Gentoo : awstats geoip Geo-IP

http://awstats.sourceforge.net/

Voir Administration_des_Services_Web#Awstats.

Mailgraph

http://people.ee.ethz.ch/~dws/software/mailgraph/

Mailgraph is a very simple mail statistics RRDtool frontend for Postfix and Sendmail that produces daily, weekly, monthly and yearly graphs of received/sent and bounced/rejected mail.

Pflogsumm

pflogsumm envoie un mail d'information à partir des logs mail. Ici le mail est envoyé quotidiennement.

Package Gentoo: pflogsumm

<licode file=/etc/cron.daily/pflogsumm.cron> YEAR=`date -d yesterday +%Y`; MONTH=`date -d yesterday +%m`; DAY=`date -d yesterday +%d`; grep -v "relay=127.0.0.1" /var/log/gw/$YEAR/$MONTH/$DAY/mail.log \

  | /usr/bin/pflogsumm.pl | mail -s "`uname -n` daily mail stats" cron

</licode>

Spamity

http://www.collaboration-world.com/spamity

Gentoo Package: DateManip, CGI-Session, Mail-IMAPClient

#cd spamity
#mysql -p
mysql>CREATE DATABASE spamity;
#mysql spamity -p < ./table.mysql
#mysql spamity -p < ./sessions.mysql

Copier le répertoire Spamity et Spamity.pm dans un des répertoires de perl, indiqué par la commande suivante:

# perl -e 'print join("\n",@INC)'

Copier le démon spamityd dans /sbin/

Le fichier de configuration se complète de soi-même. En plus des paramètres de base de données, voici quelques paramètres supplémentaires à préciser. <licode file=/etc/spamity.conf>

  1. Daemon parameters
  2. You have to specify the following parameters only if you want to
  3. run the daemon on this machine.
  1. The maillog_path parameter can be overwritten at the command-line

maillog_path = /var/log/gw/mail.log

  1. The daemon can log messages to a file (optional).

logfile = /var/log/spamityd

sleep = 1 # depends on how fast your log file grows pidfile = /var/run/spamityd.pid

  1. The unknown_recipient parameter is the username to which are
  2. associated the blocked message for which the recipient is unknown

unknown_recipient = postmaster

quarantine_path = /var/amavis/quarantine

  1. The number of seconds before trying to reconnect to the database
  2. in case of failure. Set it to 0 to desactivate reconnection.

db_reconnect_interval = 60

  1. Web-interface parameters
  2. You have to specify the following parameters only if you want to
  3. use the web interface on this machine.

cgibin_path = /spamity # URL of the cgi-bin directory htdocs_path = /spamity/htdocs # URL of the htdocs directory

default_language = fr_CA

  1. Administrator flag name used in sessions files

admin_id = _admin # must not be a valid account name

  1. Administrator accounts

admin = postmaster # comma-separated list of accounts names

  1. Absolute path of the templates directory

templates_path = /usr/share/spamity/cgi-bin/templates

  1. Default number of results shown per page
  2. Must be 25, 50, or 100

results_page = 25

  1. Antispam-free SMTP server name that allows reinjection
  2. Comment this parameter if you don't want to allow reinjection.

reinjection_smtp_server = localhost:10025

  1. Virus reinjection

allow_virus_reinjection = false

  1. On the stats page for the last week, show an additional graph for
  2. the average number of rejected messages by day of week (dow).
  3. This graph is disable by default since it's SQL intensive.

show_graph_dow = false

  1. Authentication backend
  2. Specify the backend used for users authentication.
  3. Possible values (case sensitive) are:
  4. 'imap'  : Authenticate through an IMAP server.
  5. 'ldap'  : Authenticate through LDAP. The server(s) defined in the
  6. lookup section are used.
  7. authentication_backend = ldap

authentication_backend = imap

  1. Specify the IMAP server if you use the 'imap' backend.

imap_server = localhost

  1. Session handler
  2. Specify where the sessions are stored.
  3. If you want to store the sessions in a database, the table 'sessions'
  4. must currently be defined in the same database as the tables used by
  5. Spamity. Therefore, it must match the value of 'database_backend'.
  6. Possible values (case sensitive) are:
  7. 'file'  : Sessions are stored in files under 'session_path'.
  8. 'pgsql'  : Sessions are stored in a PostgreSQL database.
  9. 'mysql'  : Sessions are stored in a MySQL database.
  10. session_handler = file

session_handler = mysql

  1. If you use the file session handler, define the path where the
  2. sessions files are saved
  3. This directory must exist and owned by the httpd user

session_path = /tmp/cgisessid </licode>

Configuration Apache

Il faut aussi configurer apache: <licode file="httpd.conf ou configuration vhost">

 Alias /spamity/htdocs /usr/share/spamity/htdocs/
 ScriptAlias /spamity/ /usr/share/spamity/cgi-bin/

<Directory /usr/share/spamity/> Order allow,deny Allow from all Options -FollowSymLinks +ExecCGI

       <IfModule mod_mime.c>
               AddHandler cgi-script .cgi
       </IfModule>

</Directory> </licode>

Configuration gentoo

Les fichiers suivants pemettent de gérer spamityd comme un démon classique:

<licode file=/etc/conf.d/spamityd>

  1. DON'T CHANGE THIS

CONF="/etc/spamity.conf"

  1. You probably don't want to change this, but in case you do

HOSTNAME="gw" LOGFILE="/var/log/gw/mail.log" PIDFILE="spamityd.pid"

DEBUG=0

  1. This pulls in the options above

SPAMITYD_OPTS="--host $HOSTNAME -f $LOGFILE -t" </licode>

<licode file=/etc/init.d/spamityd>

  1. !/sbin/runscript

depend() {

       need amavisd

}

checkconfig() {

       if [ ! -e $CONF ] ; then
               eerror "You need a configuration file to run spamityd"
               return 1
       fi

}

start() {

       checkconfig || return 1
       ebegin "Starting spamityd"
       if [ "$DEBUG" = "1" ];then
         start-stop-daemon --start --quiet --exec /sbin/spamityd -- ${SPAMITYD_OPTS} --debug
         echo
         echo "DEBUG mode: type /etc/init.d/spamityd zap to stop."
       else
         start-stop-daemon --start --exec /sbin/spamityd -- ${SPAMITYD_OPTS} >/dev/null 2>1&
         array=`ps -e -o pid,comm | grep spamityd | head -n 1 | cut -d " " -f 1`
         echo ${array[0]} > ${PIDFILE}
       fi
       eend $?

}

stop() {

       ebegin "Stopping spamityd"
       start-stop-daemon --stop --quiet --pidfile ${PIDFILE}
       eend $?

} </licode>

Gestion des fichiers de log

Si les fichiers de log subissent une rotation , il faut prévenir spamityd avec une ligne dans le script de rotation du type:

/bin/kill -HUP `cat /var/run/spamityd.pid 2> /dev/null` 2> /dev/null || true

Configuration ldap

<licode file=/etc/spamity.conf>

  1. Lookup parameters
  2. Specify the backend for usernames and addresses lookups.
  3. Possible values are:
  4. 'file'  : Your email addresses table is defined in a text file.
  5. 'ldap'  : You use a LDAP server to handle the addresses table.

lookup_backend = ldap

  1. File variables
  2. Defined the following paths only if you use the 'file' backend.
  1. mail_addresses_path = /etc/postfix/virtual
  2. mail_aliases_path = /etc/postfix/aliases
  3. mail_domains_path = /etc/postfix/domains
  1. LDAP variables
  2. Defined the following paramaters only if you use the 'ldap' backend.
  1. The LDAP server name or address. You can list multiple servers, separated by commas,
  2. that use the same parameters.

ldap_server = ldap.livois.com

  1. Branch of search

ldap_search_base = o=hebergement,dc=livois,dc=com

  1. Distinguished name and password for binding to the LDAP server.
  2. Leave blank for anonymous access.
  3. ldap_bind_dn = uid=manager,o=hebergement,dc=livois,dc=com
  4. ldap_bind_password = secret
  1. LDAP attribute defining the username

ldap_attribute_username = uid

  1. List of LDAP attributes defining email addresses.
  2. Each attribute must be separated by a comma

ldap_attributes_email = mail

  1. Additional LDAP filter when performing a search (optional).
  2. ldap_query_filter = (objectClass=person)
  1. List of domains for which you accept mail.

ldap_domains = livois.com </licode>

Outils d'administration

Les commandes postfix

  • mailq

affiche la queue – liste des mails à traiter

  • postsuper

-r (requeue)

  • qshape

analyse l'état de la queue

  • postmap

-q test l'existence d'un utilisateur dans une base

pfqueue

Package Gentoo : pfqueue

http://pfqueue.sourceforge.net/

Cet outil est un outil de gestion des queues postfix. Il permet de regarder les queues deferred/active/incoming/hold et d'agir sur les mails de ces queues : suppression/hold/libération/requeue/visionnage.

damnit

cf message d'absence et gnarwl

Tests du système

Interactive DNS MX-verify: http://www.zmailer.org/mxverify.html

Copyright

© 2006 Christophe de Livois

Tête de GNU Vous avez l'autorisation de copier, distribuer et/ou modifier ce document suivant les termes de la GNU Free Documentation License, Version 1.2 ou n'importe quelle version ultérieure publiée par la Free Software Foundation; sans section invariante, sans page de garde, sans entête et sans page finale. Pour plus d'informations consulter le site de l'APRIL.