Administration de la messagerie
Gestion des logs
Awstats
Package Gentoo : awstats geoip Geo-IP
http://awstats.sourceforge.net/
Voir Administration_des_Services_Web#Awstats.
Mailgraph
http://people.ee.ethz.ch/~dws/software/mailgraph/
Mailgraph is a very simple mail statistics RRDtool frontend for Postfix and Sendmail that produces daily, weekly, monthly and yearly graphs of received/sent and bounced/rejected mail.
Pflogsumm
pflogsumm envoie un mail d'information à partir des logs mail. Ici le mail est envoyé quotidiennement.
Package Gentoo: pflogsumm
<licode file=/etc/cron.daily/pflogsumm.cron> YEAR=`date -d yesterday +%Y`; MONTH=`date -d yesterday +%m`; DAY=`date -d yesterday +%d`; grep -v "relay=127.0.0.1" /var/log/gw/$YEAR/$MONTH/$DAY/mail.log \
| /usr/bin/pflogsumm.pl | mail -s "`uname -n` daily mail stats" cron
</licode>
Spamity
http://www.collaboration-world.com/spamity
Gentoo Package: DateManip, CGI-Session, Mail-IMAPClient
#cd spamity #mysql -p mysql>CREATE DATABASE spamity; #mysql spamity -p < ./table.mysql #mysql spamity -p < ./sessions.mysql
Copier le répertoire Spamity et Spamity.pm dans un des répertoires de perl, indiqué par la commande suivante:
# perl -e 'print join("\n",@INC)'
Copier le démon spamityd dans /sbin/
Le fichier de configuration se complète de soi-même. En plus des paramètres de base de données, voici quelques paramètres supplémentaires à préciser. <licode file=/etc/spamity.conf>
- Daemon parameters
- You have to specify the following parameters only if you want to
- run the daemon on this machine.
- The maillog_path parameter can be overwritten at the command-line
maillog_path = /var/log/gw/mail.log
- The daemon can log messages to a file (optional).
logfile = /var/log/spamityd
sleep = 1 # depends on how fast your log file grows pidfile = /var/run/spamityd.pid
- The unknown_recipient parameter is the username to which are
- associated the blocked message for which the recipient is unknown
unknown_recipient = postmaster
quarantine_path = /var/amavis/quarantine
- The number of seconds before trying to reconnect to the database
- in case of failure. Set it to 0 to desactivate reconnection.
db_reconnect_interval = 60
- Web-interface parameters
- You have to specify the following parameters only if you want to
- use the web interface on this machine.
cgibin_path = /spamity # URL of the cgi-bin directory htdocs_path = /spamity/htdocs # URL of the htdocs directory
default_language = fr_CA
- Administrator flag name used in sessions files
admin_id = _admin # must not be a valid account name
- Administrator accounts
admin = postmaster # comma-separated list of accounts names
- Absolute path of the templates directory
templates_path = /usr/share/spamity/cgi-bin/templates
- Default number of results shown per page
- Must be 25, 50, or 100
results_page = 25
- Antispam-free SMTP server name that allows reinjection
- Comment this parameter if you don't want to allow reinjection.
reinjection_smtp_server = localhost:10025
- Virus reinjection
allow_virus_reinjection = false
- On the stats page for the last week, show an additional graph for
- the average number of rejected messages by day of week (dow).
- This graph is disable by default since it's SQL intensive.
show_graph_dow = false
- Authentication backend
- Specify the backend used for users authentication.
- Possible values (case sensitive) are:
- 'imap' : Authenticate through an IMAP server.
- 'ldap' : Authenticate through LDAP. The server(s) defined in the
- lookup section are used.
- authentication_backend = ldap
authentication_backend = imap
- Specify the IMAP server if you use the 'imap' backend.
imap_server = localhost
- Session handler
- Specify where the sessions are stored.
- If you want to store the sessions in a database, the table 'sessions'
- must currently be defined in the same database as the tables used by
- Spamity. Therefore, it must match the value of 'database_backend'.
- Possible values (case sensitive) are:
- 'file' : Sessions are stored in files under 'session_path'.
- 'pgsql' : Sessions are stored in a PostgreSQL database.
- 'mysql' : Sessions are stored in a MySQL database.
- session_handler = file
session_handler = mysql
- If you use the file session handler, define the path where the
- sessions files are saved
- This directory must exist and owned by the httpd user
session_path = /tmp/cgisessid </licode>
Configuration Apache
Il faut aussi configurer apache: <licode file="httpd.conf ou configuration vhost">
Alias /spamity/htdocs /usr/share/spamity/htdocs/ ScriptAlias /spamity/ /usr/share/spamity/cgi-bin/
<Directory /usr/share/spamity/> Order allow,deny Allow from all Options -FollowSymLinks +ExecCGI
<IfModule mod_mime.c> AddHandler cgi-script .cgi </IfModule>
</Directory> </licode>
Configuration gentoo
Les fichiers suivants pemettent de gérer spamityd comme un démon classique:
<licode file=/etc/conf.d/spamityd>
- DON'T CHANGE THIS
CONF="/etc/spamity.conf"
- You probably don't want to change this, but in case you do
HOSTNAME="gw" LOGFILE="/var/log/gw/mail.log" PIDFILE="spamityd.pid"
DEBUG=0
- This pulls in the options above
SPAMITYD_OPTS="--host $HOSTNAME -f $LOGFILE -t" </licode>
<licode file=/etc/init.d/spamityd>
- !/sbin/runscript
depend() {
need amavisd
}
checkconfig() {
if [ ! -e $CONF ] ; then eerror "You need a configuration file to run spamityd" return 1 fi
}
start() {
checkconfig || return 1 ebegin "Starting spamityd" if [ "$DEBUG" = "1" ];then start-stop-daemon --start --quiet --exec /sbin/spamityd -- ${SPAMITYD_OPTS} --debug echo echo "DEBUG mode: type /etc/init.d/spamityd zap to stop." else start-stop-daemon --start --exec /sbin/spamityd -- ${SPAMITYD_OPTS} >/dev/null 2>1& array=`ps -e -o pid,comm | grep spamityd | head -n 1 | cut -d " " -f 1` echo ${array[0]} > ${PIDFILE} fi eend $?
}
stop() {
ebegin "Stopping spamityd" start-stop-daemon --stop --quiet --pidfile ${PIDFILE} eend $?
} </licode>
Gestion des fichiers de log
Si les fichiers de log subissent une rotation , il faut prévenir spamityd avec une ligne dans le script de rotation du type:
/bin/kill -HUP `cat /var/run/spamityd.pid 2> /dev/null` 2> /dev/null || true
Configuration ldap
<licode file=/etc/spamity.conf>
- Lookup parameters
- Specify the backend for usernames and addresses lookups.
- Possible values are:
- 'file' : Your email addresses table is defined in a text file.
- 'ldap' : You use a LDAP server to handle the addresses table.
lookup_backend = ldap
- File variables
- Defined the following paths only if you use the 'file' backend.
- mail_addresses_path = /etc/postfix/virtual
- mail_aliases_path = /etc/postfix/aliases
- mail_domains_path = /etc/postfix/domains
- LDAP variables
- Defined the following paramaters only if you use the 'ldap' backend.
- The LDAP server name or address. You can list multiple servers, separated by commas,
- that use the same parameters.
ldap_server = ldap.livois.com
- Branch of search
ldap_search_base = o=hebergement,dc=livois,dc=com
- Distinguished name and password for binding to the LDAP server.
- Leave blank for anonymous access.
- ldap_bind_dn = uid=manager,o=hebergement,dc=livois,dc=com
- ldap_bind_password = secret
- LDAP attribute defining the username
ldap_attribute_username = uid
- List of LDAP attributes defining email addresses.
- Each attribute must be separated by a comma
ldap_attributes_email = mail
- Additional LDAP filter when performing a search (optional).
- ldap_query_filter = (objectClass=person)
- List of domains for which you accept mail.
ldap_domains = livois.com </licode>
Outils d'administration
Les commandes postfix
- mailq
affiche la queue – liste des mails à traiter
- postsuper
-r (requeue)
- qshape
analyse l'état de la queue
- postmap
-q test l'existence d'un utilisateur dans une base
pfqueue
Package Gentoo : pfqueue
http://pfqueue.sourceforge.net/
Cet outil est un outil de gestion des queues postfix. Il permet de regarder les queues deferred/active/incoming/hold et d'agir sur les mails de ces queues : suppression/hold/libération/requeue/visionnage.
damnit
cf message d'absence et gnarwl
Tests du système
Interactive DNS MX-verify: http://www.zmailer.org/mxverify.html
Copyright
© 2006 Christophe de Livois
Vous avez l'autorisation de copier, distribuer et/ou modifier ce document suivant les termes de la GNU Free Documentation License, Version 1.2 ou n'importe quelle version ultérieure publiée par la Free Software Foundation; sans section invariante, sans page de garde, sans entête et sans page finale. Pour plus d'informations consulter le site de l'APRIL. |