Vboxadm: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Postfix wrong config parameter
Ubuntu: package required
add systemuser vmail with uid=150 and gid=150
dovecot: Error userdb lookup
vboxadm-sa logging
Links
K (x) |
K (fix) |
||
| (12 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 1: | Zeile 1: | ||
VBoxAdm is a web based management GUI for Mailservers running e.g. Postfix and Dovecot. http://www.vboxadm.net<br> | |||
<br> | |||
exclude ' | <br> | ||
== DMARC-Report/cleanup == | |||
vboxadm can read dmarc-report-mails automatically. Reports are under "Admin-Tools" -> DMARC Reports<br> | |||
for dmarc you need an dns entry (with rua), see [[Setting Up SPF and DKIM|here]]<br> | |||
cleanup will delete mailboxes from disk if they are deleted from database | |||
<syntaxhighlight lang="bash"> | |||
#/etc/cron.d/vboxadm-cgi | |||
# | |||
# Regular cron jobs for the vboxadm-cgi package | |||
# | |||
0 4 * * * root [ -x /usr/lib/vboxadm/bin/cleanup ] && /usr/lib/vboxadm/bin/cleanup | |||
0 4 * * * vboxadm [ -x /usr/lib/vboxadm/bin/dmarc ] && /usr/lib/vboxadm/bin/dmarc | |||
</syntaxhighlight> | |||
<br> | |||
<syntaxhighlight lang="ini"> | |||
#/etc/vboxadm/vboxadm.conf | |||
[dmarc] | |||
#username | |||
username = dmarc-report@domain.com | |||
password = XXX | |||
#autoclean deleted mailboxes and/or mails | |||
[cleanup] | |||
purge_mailboxes = 1 | |||
#purge_mails | |||
loglevel=99 | |||
nsloglevel=99 | |||
dry=1 | |||
</syntaxhighlight> | |||
fix report-template | |||
<syntaxhighlight lang="html4strict"> | |||
#/usr/lib/vwebadm/tpl/vboxadm/dmarc_report/list.tpl | |||
#from | |||
<a href="?rm=dmarc_report&id=[% line.id %]">[% line.tsfrom | localtime %]</a> | |||
#to | |||
<a href="?rm=dmarc_report&report_id=[% line.id %]">[% line.tsfrom | localtime %]</a> | |||
</syntaxhighlight> | |||
== Patches/Info/Changes == | |||
=== Enable Basic Auth for Web-GUI === | |||
don't know anymore what or where exactly you need to modify... | |||
<syntaxhighlight lang="perl"> | |||
#/usr/share/perl5/VBoxAdm/Controller/Frontend.pm | |||
... | |||
my $Messages = VWebAdm::Model::MessageQueue::->new( | |||
{ | |||
'lh' => $self->{'lh'}, | |||
'lh_en' => $self->{'lh_en'}, | |||
'session' => $self->session, | |||
'logger' => $Logger, | |||
} | |||
); | |||
$self->{'Messages'} = $Messages; | |||
#add here this code: | |||
#autologin if HTTP_Auth is given | |||
if ($ENV{'HTTP_AUTHORIZATION'} && $self->query->param('rm') && $self->query->param('rm') eq 'welcome'){ | |||
use MIME::Base64; | |||
my $AUTHORIZATION =$ENV{'HTTP_AUTHORIZATION'}; | |||
$AUTHORIZATION =~ s/Basic //; | |||
my ($username, $password) = split(/:/, decode_base64($AUTHORIZATION)); | |||
# Get CGI Query object | |||
my $q = $self->query(); | |||
$q->param('authen_username',$username); | |||
$q->param('authen_password',$password); | |||
my $rm = $q->param('rm'); | |||
#$self->log( "Autologin with: nr: $rm"."l: ".length($self->query->param('rm'))." x:".$self->authen->login_attempts()." auth:".$self->authen->is_authenticated.$q->param(' | |||
authen_username'), 'error', ); | |||
} | |||
... | |||
# | |||
# CGI::Application Hooks | |||
# | |||
# cgiapp_init is run right before setup | |||
sub cgiapp_init { | |||
... | |||
$self->config_requiressl( | |||
'keep_in_ssl' => 1, | |||
'ignore_check' => $ignore_ssl_check, | |||
); | |||
# autologin if HTTP_Auth is given | |||
if (!$ENV{'HTTP_AUTHORIZATION'}){ | |||
use MIME::Base64; | |||
my $AUTHORIZATION =$ENV{'HTTP_AUTHORIZATION'}; | |||
$AUTHORIZATION =~ s/Basic //; | |||
my ($username, $password) = split(/:/, decode_base64($AUTHORIZATION)); | |||
# Get CGI Query object | |||
my $q = $self->query(); | |||
$q->param('authen_username',$username); | |||
$q->param('authen_password',$password); | |||
$q->param('rm','authen_login'); | |||
$q->param('destination','/member/cgi-bin/vboxadm.pl?rm=welcome'); | |||
# $self->log( "Autologin with: nr: ".$self->authen->login_attempts()." auth:".$self->authen->is_authenticated.$q->param('authen_username'), 'error', ); | |||
} | |||
... | |||
</syntaxhighlight> | |||
=== Update vboxadm-current.sql to allow bigger quota for mailboxes === | |||
https://github.com/matzex/VBoxAdm/commit/c0e6477f9bce75f14e01ce31b83762da95665e27 | |||
=== Postfix wrong config parameter<br> === | |||
in /etc/postfix/main.cf change address_verify_maps to address_verify_map<br> | |||
=== Ubuntu: package required<br> === | |||
install package libcgi-application-plugin-authentication-perl<br> | |||
=== change maildir to /srv/vmail (not /var/vmail) === | |||
<source lang="">#/etc/dovecot/dovecot-sql.conf | |||
user_query = /* dovecot-sql.conf user_query */ \ | |||
SELECT '/srv/vmail/%d/%n' AS home,... | |||
password_query = /* dovecot-sql.conf password_query */ \ | |||
SELECT '/srv/vmail/%d/%n' AS userdb_home,...</source> | |||
=== add systemuser vmail with uid=150 and gid=150<br> === | |||
<source lang="bash">adduser --uid 150 --gid=150 --system --home /srv/vmail --no-create-home --group --disabled-password vmail (untested!!)</source> | |||
or you will have to change uids/gids in /etc/dovecot/dovecot-sql.conf and /etc/dovecot/conf.d/10-mail.conf<br> | |||
=== dovecot: Error userdb lookup<br> === | |||
<source lang="bash">Sep 23 21:06:37 server dovecot: lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=112(vmail) egid=119(vmail) missing +r perm: /var/run/dovecot/auth-userdb, UNIX perms appear ok (ACL/MAC wrong?))</source><br> | |||
Solution: | |||
<source lang="">#/etc/postfix/main.cf | |||
#see http://wiki2.dovecot.org/LDA#multipleuids | |||
virtual_transport = lmtp:unix:private/dovecot-lmtp</source> | |||
=== Run vboxadm in a sub-dir === | |||
<source lang="apache"># url of script is /member/cgi-bin/vboxadm.pl | |||
# css, images... are in /member/vboxadm | |||
ScriptAlias /member/cgi-bin/ /var/lib/vboxadm/cgi-bin/ | |||
Alias /member/vboxadm/icons/fffsilk/ /usr/share/icons/famfamfam/silk/ | |||
Alias /member/vboxadm /var/lib/vwebadm/htdocs/ | |||
<Directory "/var/lib/vboxadm/cgi-bin/"> | |||
AllowOverride AuthConfig | |||
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
<Directory "/usr/share/icons/famfamfam/silk/"> | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
<Directory "/var/lib/vwebadm/htdocs"> | |||
Order allow,deny | |||
Allow from all | |||
</Directory></source> | |||
and the config | |||
<source lang="bash">#/etc/vboxadm/vboxadm.conf | |||
# config for webfrontend | |||
[cgi] | |||
base_url=/member/cgi-bin/vboxadm.pl | |||
media_prefix=/member/vboxadm</source> | |||
=== vboxadm-sa === | |||
exclude 'access denied' from /etc/cron.d/vboxadm-sa | |||
<source lang="bash"># Remove any spamassasin temp files which are older than one hour | <source lang="bash"># Remove any spamassasin temp files which are older than one hour | ||
# exclude | # exclude error message access denied | ||
0 * * * * vboxadm find /tmp -name ".spamassassin.*" ! -name lost+found -mmin +60 -exec rm {} \;</source> | 0 * * * * vboxadm find /tmp -name ".spamassassin.*" ! -name lost+found -mmin +60 -exec rm {} \; 2>/dev/null</source> | ||
=== vboxadm-sa logging<br> === | |||
in /usr/share/perl5/VBoxAdm/SMTP/Proxy/SA.pm<br> | |||
change all level = 'notice' to level='info' - didn't help. Still searching...<br> | |||
=== Ignore lower/upper characters in email addresses === | |||
The current configuration treated upper and lower characters in email addresses which is really bad. You don't want different maildirs for e.g. INFO@domain.de, inFo@domain.de or info@DOMAIN.de ;-) | |||
Solution found on http://wiki2.dovecot.org/Variables. Use a 'L'. | |||
<source lang="">#/etc/dovecot/dovecot-sql.conf | |||
user_query = /* dovecot-sql.conf user_query */ \ | |||
SELECT '/srv/vmail/%Ld/%Ln' AS home,... | |||
password_query = /* dovecot-sql.conf password_query */ \ | |||
SELECT '/srv/vmail/%Ld/%Ln' AS userdb_home,...</source> | |||
== Links<br> == | |||
*http://www.vboxadm.net/doc/ispmail-vboxadm-squeeze/<br> | |||
*http://wiki.nefarius.at/linux/the_ueber_mail-server<br> | |||
*[http://workaround.org/ispmail/ ISPMail] | |||
<br> | |||
<br> | |||
[[Kategorie:Datenbank]] | [[Kategorie:Datenbank]] | ||
| Zeile 14: | Zeile 225: | ||
[[Kategorie:Ubuntu]] | [[Kategorie:Ubuntu]] | ||
[[Kategorie:Mail]] | [[Kategorie:Mail]] | ||
[[Kategorie:AntiSpam]] | |||
[[Kategorie:Dovecot]] | |||
[[Kategorie:Postfix]] | |||
[[Kategorie:Perl]] | |||
[[Kategorie:WWW]] | |||
[[Kategorie:Apache]] | [[Kategorie:Apache]] | ||
Aktuelle Version vom 9. Dezember 2015, 23:12 Uhr
VBoxAdm is a web based management GUI for Mailservers running e.g. Postfix and Dovecot. http://www.vboxadm.net
DMARC-Report/cleanup
vboxadm can read dmarc-report-mails automatically. Reports are under "Admin-Tools" -> DMARC Reports
for dmarc you need an dns entry (with rua), see here
cleanup will delete mailboxes from disk if they are deleted from database
#/etc/cron.d/vboxadm-cgi
#
# Regular cron jobs for the vboxadm-cgi package
#
0 4 * * * root [ -x /usr/lib/vboxadm/bin/cleanup ] && /usr/lib/vboxadm/bin/cleanup
0 4 * * * vboxadm [ -x /usr/lib/vboxadm/bin/dmarc ] && /usr/lib/vboxadm/bin/dmarc
#/etc/vboxadm/vboxadm.conf
[dmarc]
#username
username = dmarc-report@domain.com
password = XXX
#autoclean deleted mailboxes and/or mails
[cleanup]
purge_mailboxes = 1
#purge_mails
loglevel=99
nsloglevel=99
dry=1
fix report-template
#/usr/lib/vwebadm/tpl/vboxadm/dmarc_report/list.tpl
#from
<a href="?rm=dmarc_report&id=[% line.id %]">[% line.tsfrom | localtime %]</a>
#to
<a href="?rm=dmarc_report&report_id=[% line.id %]">[% line.tsfrom | localtime %]</a>
Patches/Info/Changes
Enable Basic Auth for Web-GUI
don't know anymore what or where exactly you need to modify...
#/usr/share/perl5/VBoxAdm/Controller/Frontend.pm
...
my $Messages = VWebAdm::Model::MessageQueue::->new(
{
'lh' => $self->{'lh'},
'lh_en' => $self->{'lh_en'},
'session' => $self->session,
'logger' => $Logger,
}
);
$self->{'Messages'} = $Messages;
#add here this code:
#autologin if HTTP_Auth is given
if ($ENV{'HTTP_AUTHORIZATION'} && $self->query->param('rm') && $self->query->param('rm') eq 'welcome'){
use MIME::Base64;
my $AUTHORIZATION =$ENV{'HTTP_AUTHORIZATION'};
$AUTHORIZATION =~ s/Basic //;
my ($username, $password) = split(/:/, decode_base64($AUTHORIZATION));
# Get CGI Query object
my $q = $self->query();
$q->param('authen_username',$username);
$q->param('authen_password',$password);
my $rm = $q->param('rm');
#$self->log( "Autologin with: nr: $rm"."l: ".length($self->query->param('rm'))." x:".$self->authen->login_attempts()." auth:".$self->authen->is_authenticated.$q->param('
authen_username'), 'error', );
}
...
#
# CGI::Application Hooks
#
# cgiapp_init is run right before setup
sub cgiapp_init {
...
$self->config_requiressl(
'keep_in_ssl' => 1,
'ignore_check' => $ignore_ssl_check,
);
# autologin if HTTP_Auth is given
if (!$ENV{'HTTP_AUTHORIZATION'}){
use MIME::Base64;
my $AUTHORIZATION =$ENV{'HTTP_AUTHORIZATION'};
$AUTHORIZATION =~ s/Basic //;
my ($username, $password) = split(/:/, decode_base64($AUTHORIZATION));
# Get CGI Query object
my $q = $self->query();
$q->param('authen_username',$username);
$q->param('authen_password',$password);
$q->param('rm','authen_login');
$q->param('destination','/member/cgi-bin/vboxadm.pl?rm=welcome');
# $self->log( "Autologin with: nr: ".$self->authen->login_attempts()." auth:".$self->authen->is_authenticated.$q->param('authen_username'), 'error', );
}
...
Update vboxadm-current.sql to allow bigger quota for mailboxes
https://github.com/matzex/VBoxAdm/commit/c0e6477f9bce75f14e01ce31b83762da95665e27
Postfix wrong config parameter
in /etc/postfix/main.cf change address_verify_maps to address_verify_map
Ubuntu: package required
install package libcgi-application-plugin-authentication-perl
change maildir to /srv/vmail (not /var/vmail)
#/etc/dovecot/dovecot-sql.conf
user_query = /* dovecot-sql.conf user_query */ \
SELECT '/srv/vmail/%d/%n' AS home,...
password_query = /* dovecot-sql.conf password_query */ \
SELECT '/srv/vmail/%d/%n' AS userdb_home,...add systemuser vmail with uid=150 and gid=150
adduser --uid 150 --gid=150 --system --home /srv/vmail --no-create-home --group --disabled-password vmail (untested!!)
or you will have to change uids/gids in /etc/dovecot/dovecot-sql.conf and /etc/dovecot/conf.d/10-mail.conf
dovecot: Error userdb lookup
Sep 23 21:06:37 server dovecot: lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=112(vmail) egid=119(vmail) missing +r perm: /var/run/dovecot/auth-userdb, UNIX perms appear ok (ACL/MAC wrong?))
Solution:
#/etc/postfix/main.cf
#see http://wiki2.dovecot.org/LDA#multipleuids
virtual_transport = lmtp:unix:private/dovecot-lmtpRun vboxadm in a sub-dir
# url of script is /member/cgi-bin/vboxadm.pl
# css, images... are in /member/vboxadm
ScriptAlias /member/cgi-bin/ /var/lib/vboxadm/cgi-bin/
Alias /member/vboxadm/icons/fffsilk/ /usr/share/icons/famfamfam/silk/
Alias /member/vboxadm /var/lib/vwebadm/htdocs/
<Directory "/var/lib/vboxadm/cgi-bin/">
AllowOverride AuthConfig
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
<Directory "/usr/share/icons/famfamfam/silk/">
Order allow,deny
Allow from all
</Directory>
<Directory "/var/lib/vwebadm/htdocs">
Order allow,deny
Allow from all
</Directory>
and the config
#/etc/vboxadm/vboxadm.conf
# config for webfrontend
[cgi]
base_url=/member/cgi-bin/vboxadm.pl
media_prefix=/member/vboxadm
vboxadm-sa
exclude 'access denied' from /etc/cron.d/vboxadm-sa
# Remove any spamassasin temp files which are older than one hour
# exclude error message access denied
0 * * * * vboxadm find /tmp -name ".spamassassin.*" ! -name lost+found -mmin +60 -exec rm {} \; 2>/dev/null
vboxadm-sa logging
in /usr/share/perl5/VBoxAdm/SMTP/Proxy/SA.pm
change all level = 'notice' to level='info' - didn't help. Still searching...
Ignore lower/upper characters in email addresses
The current configuration treated upper and lower characters in email addresses which is really bad. You don't want different maildirs for e.g. INFO@domain.de, inFo@domain.de or info@DOMAIN.de ;-)
Solution found on http://wiki2.dovecot.org/Variables. Use a 'L'.
#/etc/dovecot/dovecot-sql.conf
user_query = /* dovecot-sql.conf user_query */ \
SELECT '/srv/vmail/%Ld/%Ln' AS home,...
password_query = /* dovecot-sql.conf password_query */ \
SELECT '/srv/vmail/%Ld/%Ln' AS userdb_home,...Links
- http://www.vboxadm.net/doc/ispmail-vboxadm-squeeze/
- http://wiki.nefarius.at/linux/the_ueber_mail-server
- ISPMail