Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 4th October 2007, 11:52
klonos klonos is offline
Member
 
Join Date: Apr 2007
Posts: 78
Thanks: 5
Thanked 3 Times in 3 Posts
Question Ubuntu Mail Server issues (warning: a long list!)

Hello everybody... after a long time, here I am posting once again. In the meantime I have setup and deployed another 3 mail servers based on Ubuntu (one of them on 6.10 and two on 7.04) by following the "http://www.howtoforge.com/virtual_po..._quota_courier" HowTo and also grabbed a few ideas from "http://www.howtoforge.com/virtual_po...er_ubuntu_edgy", "http://www.howtoforge.com/mail_stati...raph_pflogsumm" and "http://www.howtoforge.com/debian_etc...pd_mysql_quota" in order to implement features like ftp and statistics. Now, I have learned a great deal on the way (coming from the m$ world and being a linux newbie and all) plus troubleshooting issues that came along, taught me a few things as well. So, now I have a few servers to "play with" (7 in production and another 2-3 on vmware standing by for testing), all based on Ubuntu Linux and HowToForge tutorials.

Cutting to the chase, I have collected a few questions/issues and here they are, numbered so we wont loose track of them as we hunt them down:

Issue #1: Since the HowTo refers to virtual users and domains, I suppose that it may be used by say a small office to serve both users within the company and also road-warriors/branch office users outside of it. So it is meant for users both inside and outside the network, right????

I may be doing something wrong here, but what I end up with most of the times is users outside mynetworks not being able to send through smtp. I have worked around this by adding check_client_access hash:/relay_access rules. Also, in some cases neither users within mynetworks can authenticate unless I add the ip range of the network there (mynetworks = 127.0.0.0/8 10.0.0.0/8 or mynetworks = 127.0.0.0/8 192.168.1.0/8), again as a workaround.

Any ideas? what should I be looking for??

Issues #2 and #3: I implement stats with mailgraph (http) & the pflogsumm script (by email). The first issue (#2) here is that after log rotation and on the 7th day instead of the normal stats email to the postmaster account, I receive:

Code:
gunzip: /var/log/mail.log.0 already exists;    not overwritten
gzip: /var/log/mail.log.0.gz already exists;    not overwritten
in the email. The script is:

Code:
#!/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
gunzip /var/log/mail.log.0.gz

pflogsumm -h 10 -u 10 /var/log/mail.log.0 | formail -c -I"Subject: Mail Statistics" -I"From: stats@gnosis.gr" -I"To: postmaster@gnosis.gr" -I"Received: from mail.gnosis.gr ([10.0.0.14])" | $

gzip /var/log/mail.log.0
exit 0
So, what I think should be done is have it to first check if mail.log.0 already exists and if so, use it without gunzipping it. Also it should first check if mail.log.0.gz already exists before trying to gzip mail.log.0. Now I know a bit of coding, but nothing on linux scripts. Can someone please add these if-exist-checks (or if-not-exists-checks) to the script??

Issue #3 is that since the email with the stats contains a lot of numbers and all, it gets detected as spam. How can I whitelist it so that I don't have to amavisd-release it all the time?

Issue #4: All .exe/.com etc. attachments get blocked with:

Code:
BANNED contents (multipart/mixed | application/x-zip-compressed,.zip
How do I control which extensions get blocked or not? Is there any way I can define users or groups and have per-user or per-group rules regarding attachments?? How can I implement something like MailZu (http://www.mailzu.net/) or any other quarantine management system/interface???

Issue #5: Each time I setup a mail server that is meant to serve only a single domain, I set the virtual_mailbox_domains = domain.net instead of pointing it to the domains table in the mysql db. In these cases, since there is no other domain served, I need to have the users authenticate by using username instead of username@domain.net. If I enter only the username in mysql, I need to change the query in email2email.cf from:

Code:
query = SELECT email FROM users WHERE email='%s'
to something that retrieves the username and adds the '@' and the value of virtual_mailbox_domains to it? That would do the trick, right??? Can anyone help on this one please?

Issue #6: ClamAV is pretty good at what it does, but if I need to use a commercial anti-virus solution how should I do it? Can I have both of them checking emails without the one getting in the way of the other? I think this has to do with amavisd, right???

Issue #7
: I have a case where while all smtp and pop traffic goes through the gateway defined in /etc/network/interfaces , all outgoing http traffic (freshclam updates, dcc, apt-get or wget downloads etc.) needs to be redirected to another proxy. I know that in freshclam I can define proxy and port settings, but (besides I had no luck with it) what about all other http requests? Plus, if I need to change the proxy, I would have to go through each conf file and do it. Would squid do the job? If yes, what do I need to define in squid.conf to have it redirect requests to an ip diferent from the default gateway and perhaps a port different from 80 plus only allow the server itself.


Issue #8: Talking about changing settings in a lot of files... if I need to change the root password or a local account, I use passwd. If I need to change virtual email account passwords I use phpmyadmin. What if I need to change the mail_admin password? I have to go through each mysql_virtual*.cf file and change it! Is there any way we can have this set of credentials (user/pass) stored in a single place and point to it instead?

Whow, what a list I have there, huh ?!?!?! Are these some headache or what?? Thank you all in advance for any help/ideas.
__________________
You can support Howtoforge and all the people behind it too. Consider becoming a supporter. It only costs a few and has to offer so much more than it already does. Take a look here
Reply With Quote
Sponsored Links
 

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
postfix problems with smtp linkdeb Server Operation 13 15th March 2014 17:58
Freebsd 6.1 support misterm Installation/Configuration 10 9th April 2009 09:29
Installation Troubles bswinnerton Installation/Configuration 4 29th July 2007 16:56
Mail Issue - Server name issues yohon Installation/Configuration 3 13th January 2007 22:25
Can not recieve mail with de virtual mail adress Mounir Installation/Configuration 9 24th July 2006 23:16


All times are GMT +2. The time now is 10:26.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.