mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
Adding daily mail review from Issue 839 (#881)
* Added dependencies, binary, startup configuration * Added env variable to dist files/readme * send summary after each logrotate, added env variable for mail/logrotate interval * remove mail.log from rsyslogs logrotate * rotate mail.log when no email is set * Added documentation for POSTFIX_LOGROTATE_INTERVAL * Removed interval option, since its not being tested for. * changed test to force logrotate to rotate fixed logrotate config * readded setup_environment, made logrotate_setup being called everytime * changed documentation for new variable names - again * Did Documentation, added a default recipient, added test for default config. * layout fix * changed variable names apposite the documentation
This commit is contained in:
parent
9192816e85
commit
a420b15370
14
.env.dist
14
.env.dist
|
@ -94,6 +94,20 @@ Enabled by ENABLE_POSTFIX_VIRTUAL_TRANSPORT. Specify the final delivery of postf
|
||||||
# etc.
|
# etc.
|
||||||
POSTFIX_DAGENT=
|
POSTFIX_DAGENT=
|
||||||
|
|
||||||
|
# Enables a report being sent (created by pflogsumm) on a regular basis.
|
||||||
|
# **0** => Report emails are disabled
|
||||||
|
# 1 => Using POSTMASTER_ADDRESS as the recipient
|
||||||
|
# => Specify the recipient address
|
||||||
|
REPORT_RECIPIENT=0
|
||||||
|
|
||||||
|
# Changes the interval in which a report is being sent.
|
||||||
|
# **daily** => Send a daily report
|
||||||
|
# weekly => Send a report every week
|
||||||
|
# monthly => Send a report every month
|
||||||
|
#
|
||||||
|
# Note: This Variable actually controls logrotate inside the container and rotates the log depending on this setting. The main log output is still available in its entirety via `docker logs mail` (Or your respective container name). If you want to control logrotation for the docker generated logfile see: [Docker Logging Drivers](https://docs.docker.com/config/containers/logging/configure/)
|
||||||
|
REPORT_INTERVAL=daily
|
||||||
|
|
||||||
# -----------------------------------------------------------------------------------------------------------------------------
|
# -----------------------------------------------------------------------------------------------------------------------------
|
||||||
# --------------------- Spamassassin section ----------------------------------------------------------------------------------
|
# --------------------- Spamassassin section ----------------------------------------------------------------------------------
|
||||||
# -----------------------------------------------------------------------------------------------------------------------------
|
# -----------------------------------------------------------------------------------------------------------------------------
|
||||||
|
|
|
@ -50,6 +50,7 @@ RUN apt-get update -q --fix-missing && \
|
||||||
opendkim-tools \
|
opendkim-tools \
|
||||||
opendmarc \
|
opendmarc \
|
||||||
pax \
|
pax \
|
||||||
|
pflogsumm \
|
||||||
p7zip-full \
|
p7zip-full \
|
||||||
postfix-ldap \
|
postfix-ldap \
|
||||||
postfix-pcre \
|
postfix-pcre \
|
||||||
|
@ -197,6 +198,7 @@ RUN sed -i -r "/^#?compress/c\compress\ncopytruncate" /etc/logrotate.conf && \
|
||||||
sed -i -r 's|UpdateLogFile /var/log/clamav/|UpdateLogFile /var/log/mail/|g' /etc/clamav/freshclam.conf && \
|
sed -i -r 's|UpdateLogFile /var/log/clamav/|UpdateLogFile /var/log/mail/|g' /etc/clamav/freshclam.conf && \
|
||||||
sed -i -r 's|/var/log/clamav|/var/log/mail|g' /etc/logrotate.d/clamav-daemon && \
|
sed -i -r 's|/var/log/clamav|/var/log/mail|g' /etc/logrotate.d/clamav-daemon && \
|
||||||
sed -i -r 's|/var/log/clamav|/var/log/mail|g' /etc/logrotate.d/clamav-freshclam && \
|
sed -i -r 's|/var/log/clamav|/var/log/mail|g' /etc/logrotate.d/clamav-freshclam && \
|
||||||
|
sed -i -r '/\/var\/log\/mail\/mail.log/d' /etc/logrotate.d/rsyslog && \
|
||||||
sed -i -r 's|/var/log/mail|/var/log/mail/mail|g' /etc/logrotate.d/rsyslog && \
|
sed -i -r 's|/var/log/mail|/var/log/mail/mail|g' /etc/logrotate.d/rsyslog && \
|
||||||
# prevent syslog logrotate warnings \
|
# prevent syslog logrotate warnings \
|
||||||
sed -i -e 's/\(printerror "could not determine current runlevel"\)/#\1/' /usr/sbin/invoke-rc.d && \
|
sed -i -e 's/\(printerror "could not determine current runlevel"\)/#\1/' /usr/sbin/invoke-rc.d && \
|
||||||
|
|
1
Makefile
1
Makefile
|
@ -25,6 +25,7 @@ run:
|
||||||
-e ENABLE_CLAMAV=1 \
|
-e ENABLE_CLAMAV=1 \
|
||||||
-e SPOOF_PROTECTION=1 \
|
-e SPOOF_PROTECTION=1 \
|
||||||
-e ENABLE_SPAMASSASSIN=1 \
|
-e ENABLE_SPAMASSASSIN=1 \
|
||||||
|
-e REPORT_RECIPIENT=user1@localhost.localdomain \
|
||||||
-e SA_TAG=-5.0 \
|
-e SA_TAG=-5.0 \
|
||||||
-e SA_TAG2=2.0 \
|
-e SA_TAG2=2.0 \
|
||||||
-e SA_KILL=3.0 \
|
-e SA_KILL=3.0 \
|
||||||
|
|
16
README.md
16
README.md
|
@ -311,6 +311,22 @@ Enabled by ENABLE_POSTFIX_VIRTUAL_TRANSPORT. Specify the final delivery of postf
|
||||||
- drop => Drop the connection immediately with a 521 SMTP reply. Repeat this test the next time the client connects.
|
- drop => Drop the connection immediately with a 521 SMTP reply. Repeat this test the next time the client connects.
|
||||||
- ignore => Ignore the failure of this test. Allow other tests to complete. Repeat this test the next time the client connects. This option is useful for testing and collecting statistics without blocking mail.
|
- ignore => Ignore the failure of this test. Allow other tests to complete. Repeat this test the next time the client connects. This option is useful for testing and collecting statistics without blocking mail.
|
||||||
|
|
||||||
|
##### REPORT_RECIPIENT
|
||||||
|
|
||||||
|
Enables a report being sent (created by pflogsumm) on a regular basis.
|
||||||
|
- **0** => Report emails are disabled
|
||||||
|
- 1 => Using POSTMASTER_ADDRESS as the recipient
|
||||||
|
- => Specify the recipient address
|
||||||
|
|
||||||
|
##### REPORT_INTERVAL
|
||||||
|
|
||||||
|
changes the interval in which a report is being sent.
|
||||||
|
- **daily** => Send a daily report
|
||||||
|
- weekly => Send a report every week
|
||||||
|
- monthly => Send a report every month
|
||||||
|
|
||||||
|
Note: This Variable actually controls logrotate inside the container and rotates the log depending on this setting. The main log output is still available in its entirety via `docker logs mail` (Or your respective container name). If you want to control logrotation for the docker generated logfile see: [Docker Logging Drivers](https://docs.docker.com/config/containers/logging/configure/)
|
||||||
|
|
||||||
## Spamassassin
|
## Spamassassin
|
||||||
|
|
||||||
##### ENABLE_SPAMASSASSIN
|
##### ENABLE_SPAMASSASSIN
|
||||||
|
|
|
@ -26,6 +26,8 @@ services:
|
||||||
- OVERRIDE_HOSTNAME=${OVERRIDE_HOSTNAME}
|
- OVERRIDE_HOSTNAME=${OVERRIDE_HOSTNAME}
|
||||||
- POSTMASTER_ADDRESS=${POSTMASTER_ADDRESS}
|
- POSTMASTER_ADDRESS=${POSTMASTER_ADDRESS}
|
||||||
- POSTSCREEN_ACTION=${POSTSCREEN_ACTION}
|
- POSTSCREEN_ACTION=${POSTSCREEN_ACTION}
|
||||||
|
- REPORT_RECIPIENT=${REPORT_RECIPIENT}
|
||||||
|
- REPORT_INTERVAL=${REPORT_INTERVAL}
|
||||||
- SMTP_ONLY=${SMTP_ONLY}
|
- SMTP_ONLY=${SMTP_ONLY}
|
||||||
- SSL_TYPE=${SSL_TYPE}
|
- SSL_TYPE=${SSL_TYPE}
|
||||||
- PERMIT_DOCKER=${PERMIT_DOCKER}
|
- PERMIT_DOCKER=${PERMIT_DOCKER}
|
||||||
|
|
|
@ -24,6 +24,8 @@ services:
|
||||||
- OVERRIDE_HOSTNAME=${OVERRIDE_HOSTNAME}
|
- OVERRIDE_HOSTNAME=${OVERRIDE_HOSTNAME}
|
||||||
- POSTMASTER_ADDRESS=${POSTMASTER_ADDRESS}
|
- POSTMASTER_ADDRESS=${POSTMASTER_ADDRESS}
|
||||||
- POSTSCREEN_ACTION=${POSTSCREEN_ACTION}
|
- POSTSCREEN_ACTION=${POSTSCREEN_ACTION}
|
||||||
|
- REPORT_RECIPIENT=${REPORT_RECIPIENT}
|
||||||
|
- REPORT_INTERVAL=${REPORT_INTERVAL}
|
||||||
- SMTP_ONLY=${SMTP_ONLY}
|
- SMTP_ONLY=${SMTP_ONLY}
|
||||||
- SSL_TYPE=${SSL_TYPE}
|
- SSL_TYPE=${SSL_TYPE}
|
||||||
- TLS_LEVEL=${TLS_LEVEL}
|
- TLS_LEVEL=${TLS_LEVEL}
|
||||||
|
|
18
target/bin/postfix-summary
Normal file
18
target/bin/postfix-summary
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
HOSTNAME=$1
|
||||||
|
RECIPIENT=$2
|
||||||
|
|
||||||
|
errex() {
|
||||||
|
echo -e "$@" 1>&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
test -x /usr/sbin/pflogsumm || errex "Critical: /usr/sbin/pflogsumm not found"
|
||||||
|
|
||||||
|
BODY="Subject: Postfix Summary for $HOSTNAME\n\n"
|
||||||
|
# The case that the mail.log.1 file isn't readable shouldn't actually be possible with logrotate not rotating empty files.. But you never know!
|
||||||
|
[ -r "/var/log/mail/mail.log.1" ] \
|
||||||
|
&& BODY="$BODY"$(/usr/sbin/pflogsumm /var/log/mail/mail.log.1 --problems-first) \
|
||||||
|
|| BODY="$BODY Error: Mail log not readable or not found: /var/log/mail/mail.log.1\n\nIn case of mail inactivity since the last report, this might be considered a nuisance warning.\n\nYours faithfully, The $HOSTNAME Mailserver"
|
||||||
|
echo -e "$BODY" | sendmail -f "mailserver-report@$HOSTNAME" "$RECIPIENT"
|
|
@ -27,6 +27,8 @@ DEFAULT_VARS["POSTMASTER_ADDRESS"]="${POSTMASTER_ADDRESS:="postmaster@domain.com
|
||||||
DEFAULT_VARS["POSTSCREEN_ACTION"]="${POSTSCREEN_ACTION:="enforce"}"
|
DEFAULT_VARS["POSTSCREEN_ACTION"]="${POSTSCREEN_ACTION:="enforce"}"
|
||||||
DEFAULT_VARS["SPOOF_PROTECTION"]="${SPOOF_PROTECTION:="0"}"
|
DEFAULT_VARS["SPOOF_PROTECTION"]="${SPOOF_PROTECTION:="0"}"
|
||||||
DEFAULT_VARS["TLS_LEVEL"]="${TLS_LEVEL:="modern"}"
|
DEFAULT_VARS["TLS_LEVEL"]="${TLS_LEVEL:="modern"}"
|
||||||
|
DEFAULT_VARS["REPORT_RECIPIENT"]="${REPORT_RECIPIENT:="0"}"
|
||||||
|
DEFAULT_VARS["REPORT_INTERVAL"]="${REPORT_INTERVAL:="daily"}"
|
||||||
##########################################################################
|
##########################################################################
|
||||||
# << DEFAULT VARS
|
# << DEFAULT VARS
|
||||||
##########################################################################
|
##########################################################################
|
||||||
|
@ -135,6 +137,11 @@ function register_functions() {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
_register_setup_function "_setup_environment"
|
_register_setup_function "_setup_environment"
|
||||||
|
_register_setup_function "_setup_logrotate"
|
||||||
|
|
||||||
|
if [ "$REPORT_RECIPIENT" != 0 ]; then
|
||||||
|
_register_setup_function "_setup_mail_summary"
|
||||||
|
fi
|
||||||
|
|
||||||
################### << setup funcs
|
################### << setup funcs
|
||||||
|
|
||||||
|
@ -1085,6 +1092,34 @@ function _setup_elk_forwarder() {
|
||||||
> /etc/filebeat/filebeat.yml
|
> /etc/filebeat/filebeat.yml
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function _setup_logrotate() {
|
||||||
|
notify 'inf' "Setting up logrotate"
|
||||||
|
|
||||||
|
LOGROTATE="/var/log/mail/mail.log\n{\n compress\n copytruncate\n delaycompress\n"
|
||||||
|
case "$REPORT_INTERVAL" in
|
||||||
|
"daily" )
|
||||||
|
notify 'inf' "Setting postfix summary interval to daily"
|
||||||
|
LOGROTATE="$LOGROTATE rotate 1\n daily\n"
|
||||||
|
;;
|
||||||
|
"weekly" )
|
||||||
|
notify 'inf' "Setting postfix summary interval to weekly"
|
||||||
|
LOGROTATE="$LOGROTATE rotate 1\n weekly\n"
|
||||||
|
;;
|
||||||
|
"monthly" )
|
||||||
|
notify 'inf' "Setting postfix summary interval to monthly"
|
||||||
|
LOGROTATE="$LOGROTATE rotate 1\n monthly\n"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
LOGROTATE="$LOGROTATE}"
|
||||||
|
echo -e "$LOGROTATE" > /etc/logrotate.d/maillog
|
||||||
|
}
|
||||||
|
|
||||||
|
function _setup_mail_summary() {
|
||||||
|
notify 'inf' "Enable postfix summary with recipient $REPORT_RECIPIENT"
|
||||||
|
[ "$REPORT_RECIPIENT" = 1 ] && REPORT_RECIPIENT=$POSTMASTER_ADDRESS
|
||||||
|
sed -i "s|}| postrotate\n /usr/local/bin/postfix-summary $HOSTNAME $REPORT_RECIPIENT\n endscript\n}\n|" /etc/logrotate.d/maillog
|
||||||
|
}
|
||||||
|
|
||||||
function _setup_environment() {
|
function _setup_environment() {
|
||||||
notify 'task' 'Setting up /etc/environment'
|
notify 'task' 'Setting up /etc/environment'
|
||||||
|
|
||||||
|
|
|
@ -1465,6 +1465,22 @@ load 'test_helper/bats-assert/load'
|
||||||
assert_output 1
|
assert_output 1
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# Pflogsumm delivery check
|
||||||
|
#
|
||||||
|
|
||||||
|
@test "checking pflogsum delivery" {
|
||||||
|
# checking logrotation working and report being sent
|
||||||
|
docker exec mail logrotate --force /etc/logrotate.d/maillog
|
||||||
|
sleep 10
|
||||||
|
run docker exec mail grep "Subject: Postfix Summary for " /var/mail/localhost.localdomain/user1/new/ -R
|
||||||
|
assert_success
|
||||||
|
# checking default logrotation setup
|
||||||
|
run docker exec mail_with_ldap grep "daily" /etc/logrotate.d/maillog
|
||||||
|
assert_success
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# PCI compliance
|
# PCI compliance
|
||||||
#
|
#
|
||||||
|
|
Loading…
Reference in a new issue