Fix #1093, pflogsumm and logwatch

This commit is contained in:
Erik Wramner 2019-09-15 15:40:05 +02:00
parent 0d1e716f36
commit 008b8e6bce
6 changed files with 173 additions and 24 deletions

View file

@ -44,6 +44,8 @@ RUN echo "deb http://http.debian.net/debian stretch-backports main" | tee -a /et
iproute2 \
iptables \
locales \
logwatch \
libdate-manip-perl \
liblz4-tool \
libmail-spf-perl \
libnet-dns-perl \
@ -99,7 +101,8 @@ RUN echo "deb http://http.debian.net/debian stretch-backports main" | tee -a /et
touch /var/log/auth.log && \
update-locale && \
rm -f /etc/cron.weekly/fstrim && \
rm -f /etc/postsrsd.secret
rm -f /etc/postsrsd.secret && \
rm -f /etc/cron.daily/00logwatch
# install filebeat for logging
RUN curl https://packages.elasticsearch.org/GPG-KEY-elasticsearch | apt-key add - && \

View file

@ -132,6 +132,7 @@ services:
volumes:
- maildata:/var/mail
- mailstate:/var/mail-state
- maillogs:/var/log/mail
- ./config/:/tmp/docker-mailserver/
environment:
- ENABLE_SPAMASSASSIN=1
@ -149,6 +150,8 @@ volumes:
driver: local
mailstate:
driver: local
maillogs:
driver: local
```
__for ldap setup__:
@ -170,6 +173,7 @@ services:
volumes:
- maildata:/var/mail
- mailstate:/var/mail-state
- maillogs:/var/log/mail
- ./config/:/tmp/docker-mailserver/
environment:
- ENABLE_SPAMASSASSIN=1
@ -206,6 +210,8 @@ volumes:
driver: local
mailstate:
driver: local
maillogs:
driver: local
```
# Environment variables
@ -347,28 +353,81 @@ Set the message size limit for all users. If set to zero, the size will be unlim
- ignore => Ignore the failure of this test. Allow other tests to complete. Repeat this test the next time the client connects. This option is useful for testing and collecting statistics without blocking mail.
##### REPORT_RECIPIENT
## Reports
##### PFLOGSUMM_TRIGGER
Enables a report being sent (created by pflogsumm) on a regular basis.
- **0** => Report emails are disabled
- **none** => No report
- daily_cron => Daily report for Yesterday will be sent
- logrotate => Full report for period will be sent when logs are rotated
This is a new option. The old REPORT options are still supported for backwards compatibility.
If this is not set and reports are enabled with the old options, logrotate will be used.
##### PFLOGSUMM_RECIPIENT
Recipient address for pflogsumm reports if they are enabled.
- **not set** => Use REPORT_RECIPIENT or POSTMASTER_ADDRESS
- => Specify the recipient address(es)
##### PFLOGSUMM_SENDER
From address for pflogsumm reports if they are enabled.
- **not set** => Use REPORT_SENDER or POSTMASTER_ADDRESS
- => Specify the sender address
##### LOGWATCH_INTERVAL
Interval for logwatch report.
- **none** => No report is generated
- daily => Send a daily report
- weekly => Send a report every week
##### LOGWATCH_RECIPIENT
Recipient address for logwatch reports if they are enabled.
- **not set** => Use REPORT_RECIPIENT or POSTMASTER_ADDRESS
- => Specify the recipient address(es)
##### REPORT_RECIPIENT (deprecated)
Enables a report being sent (created by pflogsumm) on a regular basis.
- **0** => Report emails are disabled unless enabled by other options
- 1 => Using POSTMASTER_ADDRESS as the recipient
- => Specify the recipient address
##### REPORT_SENDER
##### REPORT_SENDER (deprecated)
Change the sending address for mail report
- **empty** => mailserver-report@hostname
- => Specify the report sender (From) address
##### REPORT_INTERVAL (deprecated)
##### REPORT_INTERVAL
changes the interval in which a report is being sent.
changes the interval in which logs are rotated and a report is being sent (deprecated).
- **daily** => Send a daily report
- weekly => Send a report every week
- monthly => Send a report every month
Note: This Variable actually controls logrotate inside the container and rotates the log depending on this setting. The main log output is still available in its entirety via `docker logs mail` (Or your respective container name). If you want to control logrotation for the docker generated logfile see: [Docker Logging Drivers](https://docs.docker.com/config/containers/logging/configure/)
Note: This variable used to control logrotate inside the container and sent the pflogsumm report when the logs were rotated.
It is still supported for backwards compatibility, but the new option LOGROTATE_INTERVAL has been added that only rotates
the logs.
##### LOGROTATE_INTERVAL
Defines the interval in which the mail log is being rotated.
- **daily** => Rotate daily.
- weekly => Rotate weekly.
- monthly => Rotate monthly.
Note that only the log inside the container is affected.
The full log output is still available via `docker logs mail` (or your respective container name).
If you want to control logrotation for the docker generated logfile see: [Docker Logging Drivers](https://docs.docker.com/config/containers/logging/configure/).
Also note that by default the logs are lost when the container is recycled. To keep the logs, mount a volume.
Finally the logrotate interval **may** affect the period for generated reports. That is the case when the reports are triggered by log rotation.
## Spamassassin

View file

@ -15,6 +15,7 @@ services:
- "993:993"
volumes:
- maildata:/var/mail
- maillogs:/var/log/mail
- ./config/:/tmp/docker-mailserver/
environment:
- DMS_DEBUG=${DMS_DEBUG}
@ -53,6 +54,7 @@ services:
- LDAP_QUERY_FILTER_GROUP=${LDAP_QUERY_FILTER_GROUP}
- LDAP_QUERY_FILTER_ALIAS=${LDAP_QUERY_FILTER_ALIAS}
- LDAP_QUERY_FILTER_DOMAIN=${LDAP_QUERY_FILTER_DOMAIN}
- LOGROTATE_INTERVAL=${LOGROTATE_INTERVAL}
- DOVECOT_TLS=${DOVECOT_TLS}
- DOVECOT_USER_FILTER=${DOVECOT_USER_FILTER}
- DOVECOT_PASS_FILTER=${DOVECOT_PASS_FILTER}
@ -89,3 +91,5 @@ services:
volumes:
maildata:
driver: local
maillogs:
driver: local

View file

@ -13,6 +13,7 @@ services:
volumes:
- maildata:/var/mail
- mailstate:/var/mail-state
- maillogs:/var/log/mail
- ./config/:/tmp/docker-mailserver/
environment:
- DMS_DEBUG=${DMS_DEBUG}
@ -55,6 +56,7 @@ services:
- LDAP_QUERY_FILTER_GROUP=${LDAP_QUERY_FILTER_GROUP}
- LDAP_QUERY_FILTER_ALIAS=${LDAP_QUERY_FILTER_ALIAS}
- LDAP_QUERY_FILTER_DOMAIN=${LDAP_QUERY_FILTER_DOMAIN}
- LOGROTATE_INTERVAL=${LOGROTATE_INTERVAL}
- DOVECOT_TLS=${DOVECOT_TLS}
- DOVECOT_USER_FILTER=${DOVECOT_USER_FILTER}
- DOVECOT_PASS_FILTER=${DOVECOT_PASS_FILTER}
@ -91,4 +93,5 @@ volumes:
driver: local
mailstate:
driver: local
maillogs:
driver: local

View file

@ -0,0 +1,25 @@
#!/bin/bash
set -eo
HOSTNAME=$1
RECIPIENT=$2
SENDER=$3
errex() {
echo -e "$@" 1>&2
exit 1
}
test -x /usr/sbin/pflogsumm || errex "Critical: /usr/sbin/pflogsumm not found"
BODY=$(gzip -cdfq $(ls -tr /var/log/mail/mail.log*) | /usr/sbin/pflogsumm --problems_first -d yesterday)
sendmail -t <<EOF
From: $SENDER
To: $RECIPIENT
Subject: Postfix summary for $HOSTNAME sent $(date '+%Y-%m-%d_%H%M%S')
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8
$BODY
EOF

View file

@ -33,7 +33,8 @@ DEFAULT_VARS["SPOOF_PROTECTION"]="${SPOOF_PROTECTION:="0"}"
DEFAULT_VARS["TLS_LEVEL"]="${TLS_LEVEL:="modern"}"
DEFAULT_VARS["ENABLE_SRS"]="${ENABLE_SRS:="0"}"
DEFAULT_VARS["REPORT_RECIPIENT"]="${REPORT_RECIPIENT:="0"}"
DEFAULT_VARS["REPORT_INTERVAL"]="${REPORT_INTERVAL:="daily"}"
DEFAULT_VARS["LOGROTATE_INTERVAL"]="${LOGROTATE_INTERVAL:=${REPORT_INTERVAL:-"daily"}}"
DEFAULT_VARS["LOGWATCH_INTERVAL"]="${LOGWATCH_INTERVAL:="none"}"
DEFAULT_VARS["VIRUSMAILS_DELETE_DELAY"]="${VIRUSMAILS_DELETE_DELAY:="7"}"
##########################################################################
@ -164,9 +165,14 @@ function register_functions() {
_register_setup_function "_setup_environment"
_register_setup_function "_setup_logrotate"
if [ "$REPORT_RECIPIENT" != 0 ]; then
_register_setup_function "_setup_mail_summary"
fi
if [ "$PFLOGSUMM_TRIGGER" != "none" ]; then
_register_setup_function "_setup_mail_summary"
fi
if [ "$LOGWATCH_TRIGGER" != "none" ]; then
_register_setup_function "_setup_logwatch"
fi
# Compute last as the config files are modified in-place
_register_setup_function "_setup_chksum_file"
@ -438,8 +444,26 @@ function _setup_default_vars() {
# update POSTMASTER_ADDRESS - must be done done after _check_hostname()
DEFAULT_VARS["POSTMASTER_ADDRESS"]="${POSTMASTER_ADDRESS:=postmaster@${DOMAINNAME}}"
# update REPORT_SENDER - must be done done after _check_hostname()
DEFAULT_VARS["REPORT_SENDER"]="${REPORT_SENDER:=mailserver-report@${HOSTNAME}}"
# update REPORT_SENDER - must be done done after _check_hostname()
DEFAULT_VARS["REPORT_SENDER"]="${REPORT_SENDER:=mailserver-report@${HOSTNAME}}"
DEFAULT_VARS["PFLOGSUMM_SENDER"]="${PFLOGSUMM_SENDER:=${REPORT_SENDER}}"
# set PFLOGSUMM_TRIGGER here for backwards compatibility
# when REPORT_RECIPIENT is on the old method should be used
if [ $"REPORT_RECIPIENT" != "0" ]; then
DEFAULT_VARS["PFLOGSUMM_TRIGGER"]="${PFLOGSUMM_TRIGGER:="logrotate"}"
else
DEFAULT_VARS["PFLOGSUMM_TRIGGER"]="${PFLOGSUMM_TRIGGER:="none"}"
fi
# Expand address to simplify the rest of the script
if [ $"REPORT_RECIPIENT" == "1" ]; then
REPORT_RECIPIENT="$POSTMASTER_ADDRESS"
DEFAULT_VARS["REPORT_RECIPIENT"]="${REPORT_RECIPIENT}"
fi
DEFAULT_VARS["PFLOGSUMM_RECIPIENT"]="${PFLOGSUMM_RECIPIENT:=${REPORT_RECIPIENT}}"
DEFAULT_VARS["LOGWATCH_RECIPIENT"]="${LOGWATCH_RECIPIENT:=${REPORT_RECIPIENT}}"
for var in ${!DEFAULT_VARS[@]}; do
echo "export $var=\"${DEFAULT_VARS[$var]}\"" >> /root/.bashrc
@ -626,7 +650,7 @@ function _setup_dovecot_local_user() {
if [[ ! $(grep '@' /tmp/docker-mailserver/postfix-accounts.cf | grep '|') ]]; then
if [ $ENABLE_LDAP -eq 0 ]; then
notify 'fatal' "Unless using LDAP, you need at least 1 email account to start the server."
notify 'fatal' "Unless using LDAP, you need at least 1 email account to start Dovecot."
defunc
fi
fi
@ -1385,17 +1409,17 @@ function _setup_logrotate() {
notify 'inf' "Setting up logrotate"
LOGROTATE="/var/log/mail/mail.log\n{\n compress\n copytruncate\n delaycompress\n"
case "$REPORT_INTERVAL" in
case "$LOGROTATE_INTERVAL" in
"daily" )
notify 'inf' "Setting postfix summary interval to daily"
notify 'inf' "Setting postfix logrotate interval to daily"
LOGROTATE="$LOGROTATE rotate 1\n daily\n"
;;
"weekly" )
notify 'inf' "Setting postfix summary interval to weekly"
notify 'inf' "Setting postfix logrotate interval to weekly"
LOGROTATE="$LOGROTATE rotate 1\n weekly\n"
;;
"monthly" )
notify 'inf' "Setting postfix summary interval to monthly"
notify 'inf' "Setting postfix logrotate interval to monthly"
LOGROTATE="$LOGROTATE rotate 1\n monthly\n"
;;
esac
@ -1404,10 +1428,41 @@ function _setup_logrotate() {
}
function _setup_mail_summary() {
notify 'inf' "Enable postfix summary with recipient $REPORT_RECIPIENT"
[ "$REPORT_RECIPIENT" = 1 ] && REPORT_RECIPIENT=$POSTMASTER_ADDRESS
sed -i "s|}| postrotate\n /usr/local/bin/postfix-summary $HOSTNAME \
$REPORT_RECIPIENT $REPORT_SENDER\n endscript\n}\n|" /etc/logrotate.d/maillog
notify 'inf' "Enable postfix summary with recipient $PFLOGSUMM_RECIPIENT"
case "$PFLOGSUMM_TRIGGER" in
"daily_cron" )
notify 'inf' "Creating daily cron job for pflogsumm report"
echo "#!/bin/bash" > /etc/cron.daily/postfix-summary
echo "/usr/local/bin/report-pflogsumm-yesterday $HOSTNAME $PFLOGSUMM_RECIPIENT $PFLOGSUMM_SENDER" \
>> /etc/cron.daily/postfix-summary
chmod +x /etc/cron.daily/postfix-summary
;;
"logrotate" )
notify 'inf' "Add postrotate action for pflogsumm report"
sed -i "s|}| postrotate\n /usr/local/bin/postfix-summary $HOSTNAME \
$PFLOGSUMM_RECIPIENT $PFLOGSUMM_SENDER\n endscript\n}\n|" /etc/logrotate.d/maillog
;;
esac
}
function _setup_logwatch() {
notify 'inf' "Enable logwatch reports with recipient $LOGWATCH_RECIPIENT"
case "$LOGWATCH_INTERVAL" in
"daily" )
notify 'inf' "Creating daily cron job for logwatch reports"
echo "#!/bin/bash" > /etc/cron.daily/logwatch
echo "/usr/sbin/logwatch --range Yesterday --hostname $HOSTNAME --mailto $LOGWATCH_RECIPIENT" \
>> /etc/cron.daily/logwatch
chmod 744 /etc/cron.daily/logwatch
;;
"weekly" )
notify 'inf' "Creating weekly cron job for logwatch reports"
echo "#!/bin/bash" > /etc/cron.weekly/logwatch
echo "/usr/sbin/logwatch --range 'between -7 days and -1 days' --hostname $HOSTNAME --mailto $LOGWATCH_RECIPIENT" \
>> /etc/cron.weekly/logwatch
chmod 744 /etc/cron.weekly/logwatch
;;
esac
}
function _setup_environment() {