1 4 5 6 7 8 Previous Next 118 Replies Latest reply on Nov 19, 2011 8:09 AM by !Real Go to original post
      • 90. Re: ESVA 1.6
        LogIQ Novice

        Andy

         

        That is why I would like to manually be able to browse the Postgrey logfile, so I can sleep a night, knowing that my customers mails gets through.

         

        Well for a start gmail.com. Sending from my google mail resultet in a returned failure message instantly.

         

        \- Ulrich

        • 91. Re: ESVA 1.6
          LogIQ Novice

          julian_o_brien

           

          I am looking forward to that script. I must admit that I am a little worried/sceptic about the Postgrey feature as it removes 99.9% og all my spam. I do get a lot of "real" mails through, but I would like to see what is beeing rejected and what is not, and then form a large whitelist, just to be sure.

           

          \- Ulrich

          • 92. Re: ESVA 1.6
            julian_o_brien Enthusiast

            I'm cleaning up my script a bit so I won't be terribly embarrassed when the public at large looks at it (blush).  Also, I have to change permissions on /var/log/maillog, and I'm not sure if logrotate will reset these permissions.  (if anybody has any ideas on this then I'm all ears).  Hopefully I'll post up a basic version later today.  Thanks for the interest.

             

            - Andy:  All the credit goes to you my man.  This is a great virtual machine.

             

            Oh, and one more thing.  Any real email that doesn't get through because of postgrey, is only because of a poorly configured mailserver on the other end.  I've already called a couple ISPs to have them fix their mailservers response to 450 errors.  They are always responsive when you say "Your mail server is broken and here's why..."

             

            Message was edited by:

                    julian_o_brien

            • 93. Re: ESVA 1.6
              LogIQ Novice

              julian_o_brien

               

              Looking forward to trying your script.

               

              I know how postgrey works, and why some mailservers fail, but that does not change the risk of a very business critial mail, or a mail from a potential big new customer goes to the trash because of postgrey.

               

              \- Ulrich

              • 94. Re: ESVA 1.6
                andy.mac Hot Shot

                Agreed on the missing email thing - That's why Julian's script will be so useful.

                 

                -Have you considered running a cron job hourly that just updates a web page containing the postgrey details?

                That way the cron job can run as root and not have issues with permissions, but wouldn't be as up to date as your php script.

                Also (thinking aloud now) maybe put a job in cron.houly to reset the permissions on the rotated log file???

                 

                -Andy

                • 95. Re: ESVA 1.6
                  julian_o_brien Enthusiast

                  o.k. so a very basic script here.  i use one that's a little more complex (searches by user name) but this one gives the basic idea.  i'll be working on it to make it more useful and i'll keep everybody updated.

                   

                  two files->

                   

                  1st file is scanLog.php

                  it searches the maillog for delays and sends

                   

                  $line) { if (strpos($line, "NOQUEUE")) { $pos1 = strpos($line, 'from='); $pos2 = strpos($line, 'to='); $delays\[substr($line, $pos1 + 6, $pos2 - $pos1 - 8)] = substr($line, 0, 15); } elseif (strpos($line, "hold")) { $pos1 = strpos($line, 'from='); $pos2 = strpos($line, 'to='); $sents\[substr($line, $pos1 + 6, $pos2 - $pos1 - 8)] = substr($line, 0, 15); } } foreach ($sents as $key => $sent){ if (isset($delays\[$key])){ unset($delays\[$key]); } } unset($key, $file); //display the data echo '

                  '; echo 'h2. Delays: '; echo '

                  These email address were told to resend, but have not done so successfully yet.
                  '; echo 'They may still try to resend in the future.

                  '; foreach ($delays as $key => $delay) { echo $delay . ' - ' . '[' . $key . ' | searchLog.php?search=' . urlencode($key) . ']
                  <//br>'; } unset($key); echo '
                  '; echo 'h2. Sents: '; echo '

                  These emails were succesfully sent.


                  '; foreach ($sents as $key => $sent){ echo $sent . ' - ' . '[' . $key . ' | searchLog.php?search=' . urlencode($key) . ']
                  <//br>'; } echo '
                  '; ?>

                  /code

                   

                  2nd file is searchLog.php

                  it simply searches the log for the email address in the first script, so you can get a better idea as to what exactly happened.  you'll see.

                  you can also use searchLog.php to search for any string you want.

                   

                  Search String:

                  '; exit(); } $file = '/var/log/maillog'; $file = file($file); echo '
                  ';$delays = array();$sents = array();foreach ($file as $key => $line) { if (strpos($line, $_GET\['search'])) {  print_r($line); }}echo '</xmp>';?></body>

                  /code

                   

                  copy this text into two files and upload them to  esva  at /var/www/html with webmin and point your browser to http://esva.ip.address/scanLog.php.

                   

                  as far as the permissions thing goes, it appears logrotate will keep the original permissions (whatever that means for sure i'll find out).  if it does reset the permissions on maillog then logrotate can be fixed to run chmod right after it rotates.

                   

                  Message was edited by:

                          julian_o_brien

                  • 96. Re: ESVA 1.6
                    LogIQ Novice

                    julian_o_brien

                     

                    Thank you for the script, it works perfectly!

                     

                    Someone will eventually help you crack the permissions issue, I am sure.

                     

                    May I propose a change to the script? I am no programmer, and therefore have no idea as to how difficult it is to do.

                     

                    Would it be possible to read out the filter for the user logged on to MailWatch, and make your script sort results by these filters?

                     

                    If user@domain.com is logged on MailWatch and is only able to see mails to user@domain.com, scanLog.php would also sort to only show entrys for this e-mail address.

                     

                    If possible one could just make a link to it from Tools/Links and all users could react if any errors should occur.

                     

                    Thanks again!

                     

                    \- Ulrich

                    • 97. Re: ESVA 1.6
                      julian_o_brien Enthusiast

                      Yeah, to have the search limited by user was my original idea and will be the final goal.

                       

                      I've changed my approach at this point.  My new idea is to use a cron job that runs postgreyreport (which shows all emails that havent gotten through) and then parse it's output file.  It seems to work a little cleaner than having me parsing each line in the maillog (though I still want to do this for searchLog.php).

                       

                      I'll keep this place updated.

                       

                      Also, I agree that a phpbb forum would be great for this.

                      • 98. Re: ESVA 1.6
                        andy.mac Hot Shot

                        Great work - and thanks again!

                         

                        There seems to a bit of a community springing up around ESVA so I will mostlikely setup a phpbb based forum on global-domination.org.

                         

                        \|'ll keep you posted re: this.

                         

                        At some stage I think that I'll create a maintenance release (aim is to upgrade existing 1.6 installs inplace) to include this sort of reporting as well as a few other minor enhancements.

                         

                        -Andy

                        • 99. Re: ESVA 1.6
                          andy.mac Hot Shot

                          I've tried this out, but all I get back is blank screen once i've set the perms on /var/log/maillog to 644. (same with 777).

                           

                          Any idea?

                           

                          -Andy

                          • 100. Re: ESVA 1.6
                            LogIQ Novice

                            \- Andy and julian_o_brien

                             

                            I had the script working perfectly for about 30 hours or so, but now I also get a blank screen.

                             

                            \- Ulrich

                            • 101. Re: ESVA 1.6
                              LogIQ Novice

                              Andy

                               

                              Is there a way to make ESVA check the receiving mailserver for the existans of the mailbox, and reject mails sent to non-existing mailboxes?

                               

                              ESVA correctly stops most of these, and those comming through should not be received anywhere as the domain has no catchall. Where do these messages go?

                               

                              \- Ulrich

                              • 102. Re: ESVA 1.6
                                andy.mac Hot Shot

                                Cheers - I was thinking along those lines anyway, so I'll probably go down that route...

                                 

                                -Andy

                                • 103. Re: ESVA 1.6
                                  andy.mac Hot Shot

                                  Hi Ulrich,

                                  1.6 doesn't do any recipient checking (unlike 1.5) due to the fact that I designed it to check outbound messages as well...

                                  Because of this, all inbound messages for a given domain are routed to the appropriate mailserver for that domain after the normal checks. It is unfortunately upto the receiving mailserver to reject unknown recipients which is far from ideal, however there are ways of importing lists of valid recipients via LDAP so that ESVA (actually postfix) can handle the rejection bit. The exact method really depends on what the downstream mailserver is.

                                   

                                  -Andy

                                  • 104. Re: ESVA 1.6
                                    LogIQ Novice

                                    Andy

                                     

                                    Could be a little more specific as to where to setup postfix for that import?

                                     

                                    Also when using ESVA for outbound messages, is it then ESVA IP/URL that the user should set in as outgoing SMTP in Outlook?

                                     

                                    I am quite sure that one of my customers has different server with different IPs for smtp receiving mails and smtp sending mails, how do I configure this i ESVA/Postfix?

                                     

                                    Thx again for this marvelous virtual machine.

                                     

                                    \- Ulrich

                                    1 4 5 6 7 8 Previous Next