|
|
| Author |
Message |
vinx
Joined: 06 Mar 2006
Posts: 18
|
 Posted: Wed Mar 08, 2006 11:13 am Post subject: |
 |
|
ok, I upgraded to latest cacti's version and now works.
the problem, is that the graph is empty.
Are steps from 1 to 5 to be done on mailserver?
|
|
| Back to top |
|
 |
vinx
Joined: 06 Mar 2006
Posts: 18
|
| Posted: Thu Mar 09, 2006 2:44 am Post subject: |
|
|
I'm an idiot. I forgot to restart snmp daemon!
now the mail transporting graph is ok, but the mail filtering graph is empty, altough i'm receiveing both spam and viruses.
|
|
| Back to top |
|
|
curtis001
Joined: 10 Mar 2006
Posts: 1
|
| Posted: Fri Mar 10, 2006 6:42 am Post subject: |
|
|
I have also follow the instruction but also no graph produced .... but no error come out 
is there any setting in cacit itself ? thx all.
|
|
| Back to top |
|
|
vinx
Joined: 06 Mar 2006
Posts: 18
|
| Posted: Mon Mar 13, 2006 5:24 am Post subject: |
|
|
I had a look on fetch_mail_statistics.pl script:
| Code: | while( <LOGFILE> ) {
if ( / postfix\/smtpd/ && /client=/ && ! /127.0.0.1/ ) { $num_rec++; }
elsif ( /status=sent/ && ! /relay=(mailfilter|procmail|local|127.0.0.1)/ ) { $num_sent++; }
elsif ( /status=deferred/ ) { $num_deferred++; }
elsif ( /status=bounced/ ) { $num_bounced++; }
elsif ( /: NOQUEUE: reject: / ) { $num_reject++; }
elsif ( / Passed CLEAN/ ) { $num_clean++; }
elsif ( / Passed SPAM/ ) { $num_pspam++; }
elsif ( / Blocked SPAM/ ) { $num_spam++; }
elsif ( / Blocked INFECTED/ ) { $num_infected++; }
elsif ( / Passed BAD-HEADER/ ) { $num_header++; }
elsif ( / Blocked BAD-HEADER/ ) { $num_header++; }
elsif ( / Blocked BANNED/ ) { $num_banned++; } |
Il looks for the above strings on maillog.
I searched above strings on mail.log, but there are no entries in file. I'm using amavis for email filtering.
|
|
| Back to top |
|
|
Mathieu
Joined: 13 Mar 2006
Posts: 12
Location: France
|
| Posted: Mon Mar 13, 2006 11:45 am Post subject: |
|
|
Hi there,
i made this script work for my configuration of Postfix/ClamAv/Amavisd-New/SpamAssasin this morning (i am using a Sarge Debian fully upgraded). I had to modify both amavisd logformat and fetch_mail_statistics.pl scripts. Here are my modifications :
/etc/amavisd/amavisd.conf
| Code: |
$log_templ = '[?%#D|Not-Delivered|Passed] [? %#V |[? %#F |[? %#X |CLEAN|BAD-HEADER]|BANNED name/type (%F)]|INFECTED (%V)], #
[?%o|(?)|<%o>] -> [<%R>|,][? %i ||, quarantine %i], Message-ID: %m, Hits: %c';
|
fetch_mail_statistics.pl
| Code: |
while( <LOGFILE> ) {
if ( / postfix\/smtpd/ && /client=/ && ! /127.0.0.1/ ) { $num_rec++; }
elsif ( /status=sent/ && ! /relay=(mailfilter|procmail|local|127.0.0.1)/ ) { $num_sent++; }
elsif ( /status=deferred/ ) { $num_deferred++; }
elsif ( /status=bounced/ ) { $num_bounced++; }
elsif ( /: NOQUEUE: reject: / ) { $num_reject++; }
elsif ( / Passed CLEAN/ && /Hits: ([-+]?[0-9]*\.?[0-9]+)/) {
$hits = $1;
$num_clean++ if ($hits < $tag_level);
$num_pspam++ if ($hits > $tag_level);
}
elsif ( / Not-Delivered CLEAN/ && /Hits: ([-+]?[0-9]*\.?[0-9]+)/) {
$hits = $1;
$num_clean++ if ($hits < $tag_level);
$num_spam++ if ($hits > $tag_level);
}
elsif ( / Passed INFECTED/ ) { $num_infected++; }
elsif ( / Not-Delivered INFECTED/ ) { $num_infected++; }
elsif ( / Passed BAD-HEADER/ ) { $num_header++; }
elsif ( / Not-Delivered BAD-HEADER/ ) { $num_header++; }
elsif ( / Blocked BANNED/ ) { $num_banned++; }
elsif ( / Not-Delivered BANNED/ ) { $num_banned++; }
}
|
To use this modification, you must add at the beginning of the script a SPAMLVL variable with your local value. You can find this value in /etc/amavisd/amavisd.conf if you look for parameter.
Here is an exemple of such a line :
I hope this will help...
Mathieu
| Description: |
Here is my version of fetch_mail_statistics.pl script for Debian users. It relies on particular amavisd log configuration :
$log_templ = '[?%#D|Not-Delivered|Passed] [? %#V |[? %#F |[? %#X |CLEAN|BAD-HEADER]|BANNED name/type (%F)]|INFECTED (%V)], #
[?%o |
|
Download |
| Filename: |
fetch_mail_statistics.txt |
| Filesize: |
5.97 KB |
| Downloaded: |
664 Time(s) |
|
|
| Back to top |
|
|
vinx
Joined: 06 Mar 2006
Posts: 18
|
| Posted: Tue Mar 14, 2006 5:11 am Post subject: |
|
|
| Mathieu wrote: |
To use this modification, you must add at the beginning of the script a SPAMLVL variable with your local value. You can find this value in /etc/amavisd/amavisd.conf if you look for parameter.
Here is an exemple of such a line :
Mathieu |
Mathieu,
thanks for your help, but I cannot find such value in my amavid.conf file.
could please attach your amavisd.conf file to let me compare mine?
merci,
a bientôt
|
|
| Back to top |
|
|
Mathieu
Joined: 13 Mar 2006
Posts: 12
Location: France
|
| Posted: Wed Mar 15, 2006 4:47 am Post subject: |
|
|
Did you use SpamAssassin as anti spam software with amavisd ?
My post was not enougth detailed : it is the $sa_tag2_level_deflt parameter that you must look for.
Here is an extract of my configuration :
| Code: |
# default values, can be overridden by more specific lookups, e.g. SQL
$sa_tag_level_deflt = -999; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 2.0; # add 'spam detected' headers at that level
|
Mathieu
|
|
| Back to top |
|
|
dsmooth
Joined: 17 Mar 2006
Posts: 8
|
| Posted: Fri Mar 17, 2006 2:03 pm Post subject: |
|
|
| Instigater wrote: | Fixed, tested, looks nice and right 
Installation:
....
4) Add following line in snmpd.conf file
| Code: | | pass .1.3.6.1.4.1.2021.255 /usr/local/bin/fetch_mail_statistics.pl /var/log/mail.log /var/log/mailstats.db .1.3.6.1.4.1.2021.255 |
...] |
fetch_mail_statistics.pl requires 5 parameters, but there are only 3 here. Any idea how to get it work? I tried your posted version as well...
|
|
| Back to top |
|
|
davea
Joined: 18 Mar 2006
Posts: 7
|
| Posted: Sat Mar 18, 2006 12:15 pm Post subject: monitoring 2 instances of postfix on the same box? |
|
|
Thanks for the PF monitoring with Cacti.
I had it working in a short time.
How can I monitor a 2nd instance of PF on the same box? I have 2 PF instance setups:
/etc/postfix
/etc/postfix-outbound
The *outbound* is for relay for outbound email only.
What changes are needed?
TIA
Dave
|
|
| Back to top |
|
|
dsmooth
Joined: 17 Mar 2006
Posts: 8
|
| Posted: Sat Mar 18, 2006 1:04 pm Post subject: ack |
|
|
so you got that perl script running already?! rats... i seem to be having trouble as the script demands 5 parameters, but the instructions only provide three! Maybe you could PM me any details or edits you had to make?
For your PF#2... you could have it log to a separate log file (e.g. /var/log/maillogOB) then parse it separately.
|
|
| Back to top |
|
|
Mathieu
Joined: 13 Mar 2006
Posts: 12
Location: France
|
| Posted: Sun Mar 19, 2006 1:11 pm Post subject: |
|
|
To monitor 2 Postfix Instance You will have to change the snmpd pass setting to use an alternative OID ( dont use the .255 one but the .254 for example).
You will have to change the DataSource template to pass the new snmp OID.
I see that someone complains about a wrong number of arguments with fetch_statistis Perl script: in my memory the 2 last argument are optional or passed by snmpd, i'll check this tomorrow and give you a full detailed answer with example extracted from my configuration.
|
|
| Back to top |
|
|
dsmooth
Joined: 17 Mar 2006
Posts: 8
|
| Posted: Sun Mar 19, 2006 4:31 pm Post subject: |
|
|
| Quote: | | ...I see that someone complains about a wrong number of arguments with fetch_statistis Perl script: in my memory the 2 last argument are optional or passed by snmpd, i'll check this tomorrow and give you a full detailed answer with example extracted from my configuration. |
I would really appreciate that; thank you
|
|
| Back to top |
|
|
Mathieu
Joined: 13 Mar 2006
Posts: 12
Location: France
|
| Posted: Mon Mar 20, 2006 4:25 am Post subject: |
|
|
Hi dsmooth,
On my snmpd pass configuration line, i only have 3 argument after the script name. Here is the extract :
| Code: | pass .1.3.6.1.4.1.2021.255 /usr/local/bin/fetch_mail_statistics.pl /var/log/mail.log /var/log/mailstats.db .1.3.6.1.4.1.2021.255
|
As i thought, it is the snmpd daemon that pass the 2 more arguments to the script. Here is an extract of snmpd.conf manpage explaining the process:
| Quote: |
PASS-THROUGH CONTROL
pass MIBOID EXEC
(If you're writing perl scripts, please see the embedded perl
support information later in this manual page). Passes entire
control of MIBOID to the EXEC program. The EXEC program is
called in one of the following three ways:
EXEC -g MIBOID
EXEC -n MIBOID
These call lines match to SNMP get and getnext requests.
It is expected that the EXEC program will take the argu-
ments passed to it and return the appropriate response
through it's stdout.
|
You can simply check that the pass configuration line is working by executing the following command from a local or remote host ( note that you have to adjust it for your personnal snmpd authentication configuration is your are not using SNMP V1 Community Authentification):
| Quote: |
snmpwalk -v 1 -c public <host> .1.3.6.1.4.1.2021.255
|
Here is the result of such a command on my system :
| Quote: |
computer01:/home/math# snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.255
UCD-SNMP-MIB::ucdavis.255.0 = INTEGER: 21
UCD-SNMP-MIB::ucdavis.255.1 = INTEGER: 21
UCD-SNMP-MIB::ucdavis.255.2 = INTEGER: 0
UCD-SNMP-MIB::ucdavis.255.3 = INTEGER: 0
UCD-SNMP-MIB::ucdavis.255.4 = INTEGER: 0
UCD-SNMP-MIB::ucdavis.255.5 = INTEGER: 21
UCD-SNMP-MIB::ucdavis.255.6 = INTEGER: 0
UCD-SNMP-MIB::ucdavis.255.7 = INTEGER: 0
UCD-SNMP-MIB::ucdavis.255.8 = INTEGER: 0
UCD-SNMP-MIB::ucdavis.255.9 = INTEGER: 0
UCD-SNMP-MIB::ucdavis.255.10 = INTEGER: 0
|
On more test can be to call the fectch script as snmpd would :
| Quote: |
computer01:/usr/local/bin# ./fetch_mail_statistics.pl /var/log/mail.log /var/log/mailstats.db .1.3.6.1.4.1.2021.255 -n .1.3.6.1.4.1.2021.255.1
.1.3.6.1.4.1.2021.255.2
integer
0
|
I hope that will help !
Mathieu
|
|
| Back to top |
|
|
vinx
Joined: 06 Mar 2006
Posts: 18
|
| Posted: Mon Mar 20, 2006 9:33 am Post subject: |
|
|
| Mathieu wrote: | Did you use SpamAssassin as anti spam software with amavisd ?
My post was not enougth detailed : it is the $sa_tag2_level_deflt parameter that you must look for.
Here is an extract of my configuration :
| Code: |
# default values, can be overridden by more specific lookups, e.g. SQL
$sa_tag_level_deflt = -999; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 2.0; # add 'spam detected' headers at that level
|
Mathieu |
ah! ok. I have the following values:
| Code: | $sa_tag_level_deflt = 3.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 4.0; # add 'spam detected' headers at that level
|
|
|
| Back to top |
|
|
Mathieu
Joined: 13 Mar 2006
Posts: 12
Location: France
|
| Posted: Mon Mar 20, 2006 9:42 am Post subject: |
|
|
You configuration mean that :
- mail with SpamAssasin hitscore below 3.0 will not be tagged as 'spam analyzed'
- mail with SpamAssasin hitscore between 3.0 and 4.0 will be tagged as 'spam analyzed'
- mail with SpamAssasin hitscore above 4.0 will be tagged as 'spam detected'
To be more precise, i mean by 'tagged' that an SMTP header will be added to the Email. Look at SpamAssassin documentation for more details about it.
You just have to set $SPAMLVL = 4.0 ; and it must work. In fine, $SPAMLVL = ' the value of $sa_tag2_level_deflt in /etc/amavisd/amavisd.conf';
Hope this will help too.
Mathieu
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Register
Profile
Log in to check your private messages
Log in
