Vboxadm

From crazylinux.de

VBoxAdm is a web-based management GUI for mail servers running e.g. Postfix and Dovecot. http://www.vboxadm.net



1 DMARC-Report/cleanup

VBoxAdm can read DMARC report mails automatically. The reports appear under "Admin-Tools" -> DMARC Reports.
For DMARC you need a DNS entry (with rua), see here.
The cleanup job deletes mailboxes from disk once they have been deleted from the database.

#/etc/cron.d/vboxadm-cgi
#
# Regular cron jobs for the vboxadm-cgi package
#
0 4     * * *   root    [ -x /usr/lib/vboxadm/bin/cleanup ] && /usr/lib/vboxadm/bin/cleanup
0 4 * * *  vboxadm [ -x /usr/lib/vboxadm/bin/dmarc ] && /usr/lib/vboxadm/bin/dmarc


#/etc/vboxadm/vboxadm.conf
[dmarc]
#username
username = dmarc-report@domain.com
password = XXX

#autoclean deleted mailboxes and/or mails
[cleanup]
purge_mailboxes = 1
#purge_mails
loglevel=99
nsloglevel=99
dry=1

Fix the report template (the link has to pass report_id instead of id):

#/usr/lib/vwebadm/tpl/vboxadm/dmarc_report/list.tpl
#from
                                    <a href="?rm=dmarc_report&id=[% line.id %]">[% line.tsfrom | localtime %]</a>
#to
                                    <a href="?rm=dmarc_report&report_id=[% line.id %]">[% line.tsfrom | localtime %]</a>

2 Patches/Info/Changes

2.1 Enable Basic Auth for Web-GUI

I don't know anymore what or where exactly you need to modify...

#/usr/share/perl5/VBoxAdm/Controller/Frontend.pm
...
    my $Messages = VWebAdm::Model::MessageQueue::->new(
        {
            'lh'      => $self->{'lh'},
            'lh_en'   => $self->{'lh_en'},
            'session' => $self->session,
            'logger'  => $Logger,
        }
    );
    $self->{'Messages'} = $Messages;
   
    # add this code here:

    # autologin if HTTP_Auth is given
    # note: Apache only sets HTTP_AUTHORIZATION for CGI scripts if it is configured to pass the header on
    if ($ENV{'HTTP_AUTHORIZATION'} && $self->query->param('rm') && $self->query->param('rm') eq 'welcome') {
        use MIME::Base64;
        my $AUTHORIZATION = $ENV{'HTTP_AUTHORIZATION'};
        # strip the scheme name, leaving the base64-encoded "user:password"
        $AUTHORIZATION =~ s/^Basic\s+//i;
        # limit 2: only the first ':' separates user name and password
        my ($username, $password) = split(/:/, decode_base64($AUTHORIZATION), 2);
        # Get CGI Query object
        my $q = $self->query();
        $q->param('authen_username', $username);
        $q->param('authen_password', $password);
        my $rm = $q->param('rm');
        #$self->log( "Autologin with: nr: $rm"."l: ".length($self->query->param('rm'))." x:".$self->authen->login_attempts()." auth:".$self->authen->is_authenticated.$q->param('authen_username'), 'error', );
    }
...

#
# CGI::Application Hooks
#
# cgiapp_init is run right before setup
sub cgiapp_init {
    ...

    $self->config_requiressl(
        'keep_in_ssl'  => 1,
        'ignore_check' => $ignore_ssl_check,
    );

    # autologin if HTTP_Auth is given
    if ($ENV{'HTTP_AUTHORIZATION'}) {
        use MIME::Base64;
        my $AUTHORIZATION = $ENV{'HTTP_AUTHORIZATION'};
        # strip the scheme name, leaving the base64-encoded "user:password"
        $AUTHORIZATION =~ s/^Basic\s+//i;
        # limit 2: only the first ':' separates user name and password
        my ($username, $password) = split(/:/, decode_base64($AUTHORIZATION), 2);
        # Get CGI Query object
        my $q = $self->query();
        $q->param('authen_username', $username);
        $q->param('authen_password', $password);
        # send the request through the login run mode, then on to the welcome page
        $q->param('rm', 'authen_login');
        $q->param('destination', '/member/cgi-bin/vboxadm.pl?rm=welcome');
    #    $self->log( "Autologin with: nr: ".$self->authen->login_attempts()." auth:".$self->authen->is_authenticated.$q->param('authen_username'), 'error', );
    }
...
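
A stricter way to take the credentials out of the Authorization header than the inline substitution and split in the patch above. This is an added example, not part of VBoxAdm or of the original patch; the helper name parse_basic_auth and the sample headers are made up for illustration.

```perl
#!/usr/bin/perl
# Added example, not VBoxAdm code: parse_basic_auth() is a hypothetical helper.
use strict;
use warnings;
use MIME::Base64 qw(decode_base64 encode_base64);

# Returns (username, password) for a well-formed "Basic" header,
# or an empty list if the header is missing or malformed.
sub parse_basic_auth {
    my ($header) = @_;
    return unless defined $header;

    # Accept only the Basic scheme (the scheme name is case-insensitive)
    # followed by nothing but a base64 token.
    my ($b64) = $header =~ /\A\s*Basic\s+([A-Za-z0-9+\/]+={0,2})\s*\z/i
        or return;

    my $decoded = decode_base64($b64);

    # Limit 2: only the first ':' separates user from password,
    # so a password such as "pa:ss" stays intact.
    my ($username, $password) = split /:/, $decoded, 2;

    # No ':' at all, or an empty user name, is not a usable credential.
    return unless defined $password && length $username;
    return ($username, $password);
}

# Constructed sample headers (not captured traffic).
my @samples = (
    'Basic ' . encode_base64('admin@domain.com:secret', ''),
    'basic ' . encode_base64('admin@domain.com:pa:ss', ''),  # ':' in password
    'Basic ' . encode_base64('nocolon', ''),                 # malformed
    'Bearer abc.def.ghi',                                    # other scheme
);

for my $h (@samples) {
    my ($u, $p) = parse_basic_auth($h);
    if (defined $u) {
        # never log the password itself, only its length
        printf "ok     user=%s password-length=%d\n", $u, length $p;
    } else {
        print "reject $h\n";
    }
}
```

The first two samples are accepted (the second keeps the full password "pa:ss"), the last two are rejected.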

2.2 Update vboxadm-current.sql to allow bigger quota for mailboxes

https://github.com/matzex/VBoxAdm/commit/c0e6477f9bce75f14e01ce31b83762da95665e27


2.3 Postfix wrong config parameter

In /etc/postfix/main.cf, change address_verify_maps to address_verify_map.

2.4 Ubuntu: package required

install package libcgi-application-plugin-authentication-perl

2.5 change maildir to /srv/vmail (not /var/vmail)

#/etc/dovecot/dovecot-sql.conf

user_query = /* dovecot-sql.conf user_query */ \
        SELECT '/srv/vmail/%d/%n' AS home,...

password_query = /* dovecot-sql.conf password_query */ \
        SELECT '/srv/vmail/%d/%n' AS userdb_home,...

2.6 add systemuser vmail with uid=150 and gid=150

# --group together with --system creates a group with the same name and ID as the user
adduser --system --uid 150 --group --home /srv/vmail --no-create-home --disabled-password vmail
(untested!!)

or you will have to change uids/gids in /etc/dovecot/dovecot-sql.conf and /etc/dovecot/conf.d/10-mail.conf

2.7 dovecot: Error userdb lookup

Sep 23 21:06:37 server dovecot: lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=112(vmail) egid=119(vmail) missing +r perm: /var/run/dovecot/auth-userdb, UNIX perms appear ok (ACL/MAC wrong?))

Solution:

#/etc/postfix/main.cf
#see http://wiki2.dovecot.org/LDA#multipleuids
virtual_transport = lmtp:unix:private/dovecot-lmtp

2.8 Run vboxadm in a sub-dir

# url of script is /member/cgi-bin/vboxadm.pl
# css, images... are in /member/vboxadm

        ScriptAlias /member/cgi-bin/ /var/lib/vboxadm/cgi-bin/
        Alias /member/vboxadm/icons/fffsilk/ /usr/share/icons/famfamfam/silk/
        Alias /member/vboxadm /var/lib/vwebadm/htdocs/

        <Directory "/var/lib/vboxadm/cgi-bin/">
                AllowOverride AuthConfig
                Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
                Order allow,deny
                Allow from all
        </Directory>

        <Directory "/usr/share/icons/famfamfam/silk/">
                Order allow,deny
                Allow from all
        </Directory>

        <Directory "/var/lib/vwebadm/htdocs">
                Order allow,deny
                Allow from all
        </Directory>

and the config

#/etc/vboxadm/vboxadm.conf
# config for webfrontend

[cgi]
base_url=/member/cgi-bin/vboxadm.pl
media_prefix=/member/vboxadm

2.9 vboxadm-sa

Suppress the 'access denied' error messages of the cron job in /etc/cron.d/vboxadm-sa by redirecting stderr:

# Remove any SpamAssassin temp files which are older than one hour
# suppress the "access denied" error messages
0 *     * * *   vboxadm         find /tmp -name ".spamassassin.*" ! -name lost+found -mmin +60 -exec rm {} \; 2>/dev/null

2.10 vboxadm-sa logging

in /usr/share/perl5/VBoxAdm/SMTP/Proxy/SA.pm

change all level = 'notice' to level='info' - didn't help. Still searching...


2.11 Ignore lower/upper characters in email addresses

The current configuration treats upper- and lower-case characters in email addresses as different, which is really bad. You don't want different maildirs for e.g. INFO@domain.de, inFo@domain.de or info@DOMAIN.de ;-)

Solution found on http://wiki2.dovecot.org/Variables: use the 'L' modifier, which lowercases the variable (%Ld, %Ln).

#/etc/dovecot/dovecot-sql.conf

user_query = /* dovecot-sql.conf user_query */ \
        SELECT '/srv/vmail/%Ld/%Ln' AS home,...

password_query = /* dovecot-sql.conf password_query */ \
        SELECT '/srv/vmail/%Ld/%Ln' AS userdb_home,...

3 Links