Hello everybody... after a long time, here I am posting once again. In the meantime I have set up and deployed another 3 mail servers based on Ubuntu (one of them on 6.10 and two on 7.04) by following the "http://www.howtoforge.com/virtual_po..._quota_courier" HowTo and also grabbed a few ideas from "http://www.howtoforge.com/virtual_po...er_ubuntu_edgy" and "http://www.howtoforge.com/debian_etc...pd_mysql_quota" in order to implement features like ftp and statistics. Now, I have learned a great deal on the way (coming from the m$ world and being a linux newbie and all), plus troubleshooting issues that came along taught me a few things as well. So, now I have a few servers to "play with" (7 in production and another 2-3 on vmware standing by for testing), all based on Ubuntu Linux and HowToForge tutorials.
Cutting to the chase, I have collected a few questions/issues and here they are, numbered so we won't lose track of them as we hunt them down:
Issue #1: Since the HowTo refers to virtual users and domains, I suppose that it may be used by, say, a small office to serve both users within the company and also road-warriors/branch office users outside of it. So it is meant for users both inside and outside the network, right????
I may be doing something wrong here, but what I end up with most of the time is users outside mynetworks not being able to send through smtp. I have worked around this by adding check_client_access hash:/relay_access. Also, in some cases not even users within mynetworks can authenticate unless I add the ip range of the network there (mynetworks = 127.0.0.0/8 10.0.0.0/8 or mynetworks = 127.0.0.0/8 192.168.1.0/8), again as a workaround.
Any ideas? What should I be looking for??
Issues #2 and #3: I implement stats with mailgraph (http) & the pflogsumm script (by email). The first issue (#2) here is that after log rotation and on the 7th day, instead of the normal stats email to the postmaster account, I receive:
gunzip: /var/log/mail.log.0 already exists; not overwritten
gzip: /var/log/mail.log.0.gz already exists; not overwritten
in the email. The script is:
pflogsumm -h 10 -u 10 /var/log/mail.log.0 | formail -c -I"Subject: Mail Statistics" -I"From: firstname.lastname@example.org" -I"To: email@example.com" -I"Received: from mail.gnosis.gr ([10.0.0.14])" | $
So, what I think should be done is have it first check if mail.log.0 already exists and if so, use it without gunzipping it. Also it should first check if mail.log.0.gz already exists before trying to gzip mail.log.0. Now I know a bit of coding, but nothing about Linux scripts. Can someone please add these if-exist-checks (or if-not-exists-checks) to the script??
Issue #3 is that since the email with the stats contains a lot of numbers and all, it gets detected as spam. How can I whitelist it so that I don't have to amavisd-release it all the time?
Issue #4: All .exe/.com etc. attachments get blocked with:
BANNED contents (multipart/mixed | application/x-zip-compressed,.zip
How do I control which extensions get blocked or not? Is there any way I can define users or groups and have per-user or per-group rules regarding attachments?? How can I implement something like MailZu (http://www.mailzu.net/) or any other quarantine management system/interface???
Issue #5: Each time I set up a mail server that is meant to serve only a single domain, I set virtual_mailbox_domains = domain.net instead of pointing it to the domains table in the mysql db. In these cases, since there is no other domain served, I need to have the users authenticate by using username instead of firstname.lastname@example.org. If I enter only the username in mysql, I need to change the query in email2email.cf from:
query = SELECT email FROM users WHERE email='%s'
to something that retrieves the username and adds the '@' and the value of virtual_mailbox_domains to it? That would do the trick, right??? Can anyone help on this one please?
Issue #6: ClamAV is pretty good at what it does, but if I need to use a commercial anti-virus solution how should I do it? Can I have both of them checking emails without the one getting in the way of the other? I think this has to do with amavisd, right???
Issue #7: I have a case where, while all smtp and pop traffic goes through the gateway defined in /etc/network/interfaces, all outgoing http traffic (freshclam updates, dcc, apt-get or wget downloads etc.) needs to be redirected to another proxy. I know that in freshclam I can define proxy and port settings, but (besides I had no luck with it) what about all other http requests? Plus, if I need to change the proxy, I would have to go through each conf file and do it. Would squid do the job? If yes, what do I need to define in squid.conf to have it redirect requests to an ip different from the default gateway and perhaps a port different from 80, plus only allow the server itself?
Issue #8: Talking about changing settings in a lot of files... if I need to change the root password or a local account, I use passwd. If I need to change virtual email account passwords I use phpmyadmin. What if I need to change the mail_admin password? I have to go through each mysql_virtual*.cf file and change it! Is there any way we can have this set of credentials (user/pass) stored in a single place and point to it instead?
Wow, what a list I have there, huh ?!?!?! Are these some headache or what??
Thank you all in advance for any help/ideas.
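
The existence checks asked for under issue #2, as an added example that is not part of the original post. The function names `read_rotated_log` and `compress_if_needed` are hypothetical; streaming the log into pflogsumm assumes it reads standard input when no file argument is given.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are
# hypothetical; the log path is passed in by the caller.

# Write the rotated log to stdout without creating or overwriting any file.
# Prefers the uncompressed copy when it exists (as proposed in the post)
# and otherwise decompresses the .gz copy to stdout only.
read_rotated_log() {
    log=$1
    if [ -f "$log" ]; then
        cat -- "$log"
    elif [ -f "$log.gz" ]; then
        gzip -dc -- "$log.gz"
    else
        echo "no rotated log at $log or $log.gz" >&2
        return 1
    fi
}

# Compress the log only when no .gz copy is present, so gzip never
# reports "already exists; not overwritten". If both copies exist,
# neither file is touched.
compress_if_needed() {
    log=$1
    if [ -f "$log" ] && [ ! -e "$log.gz" ]; then
        gzip -- "$log"
    fi
}

# Usage in the daily stats job (formail headers as in the post):
#   read_rotated_log /var/log/mail.log.0 | pflogsumm -h 10 -u 10 | formail ...
```

Because the log is streamed rather than unpacked in place, the job no longer depends on whether logrotate has already compressed mail.log.0.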