Category Archives: Postfix

Membuat Smtp email Gateway

Dua hari ini saya berkesempatan membantu teman untuk membuat smtp email gateway. Sebenarnya saya sudah lama tidak ngoprek smtp. Mumpung ada kesempatan untuk merefresh ulang ingatan maka saya siap membantu.

Berikut hal yang akan di bangun

  • Smtp email gateway untuk menerima dan mengirim email dari emailserver dengan detail : hostname :(server smtp.saparatoz.com) ip = 182.253.226.38 Setting mx pada dns sudah mengarah ke = smtp IN MX 10 smtp.saparatoz.com
  • Email server menggunakan zimbra 8.0 dengan detail : hostname: ( mail.saparatoz.com) ip = 182.253.226.37

Langkah – langkah pembuatan email server gateway:

      • Install linux centos 6.4 64 bit ( akan di gabungkan dengan kaspersky mailgateway dikemudian hari)
      • Pastikan hostname dengan command: nano /etc/hosts  :-> smtp.saparatoz.com untuk melihat hostname yang sudah di buat dengan perintah : hostname -f
      • Install postfix = yum install Postfix
      • Settup main.cf = nano /etc/postfix/main.cf

alias_database = hash:/etc/aliases
append_at_myorigin = no
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
mydomain = smtp.saparatoz.com
myhostname = smtp.saparatoz.com
mynetworks = 182.253.226.38
mynetworks_style = host
myorigin = smtp.saparatoz.com
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
relay_domains = smtp.saparatoz.com
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
    • Edit file  : nano /etc/postfix/transport 
 mail.saparatoz.com  smtp:[182.253.226.37]
  • Setiap perubahan perlu melakukan map ulang dan restart system postfix:
postmap /etc/postfix/transport

Dan lakukan restart Postfix:

/etc/init.d/postfix restart

Selanjutnya untuk server zimbra. Asumsinya bahwa server zimbra sudah berjalan dan tinggal mensetting relay ke server smtp dengan mengganti pada MTA setting.

Home -> Configure -> Global Settings -> MTA

Relay MTA for external delivery: smtp.saparatoz.com

Web mail MTA Hostnames:smtp.saparatoz.com

Inbound SMTP host name: smtp.saparatoz.com

MTA Trusted Networks: 182.253.226.37

Selanjutnya tes kirim email dan cek log pada smtp server email gateway

tail -f /var/log/maillog

May 30 06:28:49 smtp postfix/qmgr[18042]: EA47022034A: from=<cahpct@gmail.com>, size=13742, nrcpt=1 (queue active)
May 30 06:28:49 smtp postfix/smtpd[23059]: disconnect from mail-pb0-f50.google.com[209.85.160.50]
May 30 06:28:49 smtp postfix/smtp[23064]: EA47022034A: to=<user@mail.saparatoz.com>, 
relay=182.253.226.38[182.253.226.38]:25, delay=0.77, delays=0.57/0.01/0.12/0.08, dsn=2.0.0, status=sent (250 2.0.0 Ok: 
queued as 0659B30002F)

Apabila anda atau perusahaan anda memerlukan jasa setting email gateway dan membangun email server yang free alias gratis silahkan menggunakan zimbra, jangan lupa contact saya di jamin maknyus!!

Postfix Monitoring With Mailgraph And pflogsumm in ubuntu

Mailgraph

To install Mailgraph, we run

apt-get install rrdtool mailgraph

Ubuntu doesn't ask us questions. Nevertheless, we have to make the differentiation if we use a content filter like amavisd in Postfix or not. Open /etc/default/mailgraph:

vi /etc/default/mailgraph

If you use a content filter like amavisd, the file should have the following contents:

MAIL_LOG=/var/log/mail.log
IGNORE_LOCALHOST=true

If you don't, then it should look like this:

MAIL_LOG=/var/log/mail.log
IGNORE_LOCALHOST=false

Ubuntu doesn't create the system startup links for Mailgraph automatically, so we do it now:

update-rc.d mailgraph defaults

Also, we have to start Mailgraph now:

/etc/init.d/mailgraph start

Now we must copy the mailgraph.cgi script (which draws the graphs and creates the output for our web browsers) to the cgi-bin directory of our www.example.com web site:

cp -p /usr/lib/cgi-bin/mailgraph.cgi /var/www/www.example.com/cgi-bin

The script is already executable, so we don't need to chmod it. If you use suExec for the www.example.com web site, you must chown mailgraph.cgi to the appropriate owner and group.

Now direct your browser to http://www.example.com/cgi-bin/mailgraph.cgi, and you should see some graphs. Of course, there must be some emails going through your system before you see the first results, so be patient.

 

The pflogsumm part is exactly the same as for Debian Sarge:

To install pflogsumm, we run

apt-get install pflogsumm

We want pflogsumm to be run by a cron job each day and send the report to postmaster@example.com. Therefore we must configure our system that it writes one mail log file for 24 hours, and afterwards starts the next mail log so that we can feed the old mail log to pflogsumm. Therefore we configure logrotate (that's the program that rotates our system's log files) like this: open /etc/logrotate.conf and append the following stanza to it, after the line # system-specific logs may be configured here:

vi /etc/logrotate.conf

/var/log/mail.log {
    missingok
    daily
    rotate 7
    create
    compress
    start 0
}

There's a logrotate script in /etc/cron.daily. This script is called everyday between 06:00h and 07:00h. With the configuration we just made, it will copy the current Postfix log /var/log/mail.log to /var/log/mail.log.0 and compress it, and the compressed file will be /var/log/mail.log.0.gz. It will also create a new, empty /var/log/mail.log to which Postfix can log for the next 24 hours.

Now we create the script /usr/local/sbin/postfix_report.sh which invokes pflogsumm and makes it send the report to postmaster@example.com:

vi /usr/local/sbin/postfix_report.sh

#!/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
gunzip /var/log/mail.log.0.gz

pflogsumm /var/log/mail.log.0 | formail -c -I"Subject: Mail Statistics" 
-I"From: pflogsumm@localhost" -I"To: postmaster@example.com" -I"Received: 
from www.example.com ([192.168.0.100])" | sendmail postmaster@example.com

gzip /var/log/mail.log.0
exit 0

We must make this script executable:

chmod 755 /usr/local/sbin/postfix_report.sh

Then we create a cron job which calls the script everyday at 07:00h:

crontab -e

0 7 * * * /usr/local/sbin/postfix_report.sh &> /dev/null

This will send the report to postmaster@example.com.

Managing Postfix

Delete an Email from the Queue

For Example – sending an email to someone and it bounces. Defauly retry is for 3 days. To remove it manually :

postsuper -d queue_id

Tons more info at: http://www.postfix.org/postsuper.1.html

Delete all Deferred Emails from the Queue

If spam emails are been sent and/or your mail queue fills up, you can delete all deferred emails with the following:

postsuper -d ALL deferred

Checking Mail logs with pflogsumm

pflogsumm shows all the essential information from mail.log. It groups information into the following headings:

  • Grand Totals – messages sent and recieved.
  • Per-Day Traffic Summary
  • Per-Hour Traffic Daily Average
  • Host/Domain Summary: Message Delivery
  • Host/Domain Summary: Messages Received
  • Senders by message count
  • Recipients by message count
  • Senders by message size
  • Recipients by message size
  • message deferral detail
  • message reject detail
  • message reject warning detail
  • smtp delivery failures
  • Warnings
apt-get install pflogsumm
pflogsumm /var/log/mail.log | less

It is a very useful tool and shows an excellent insight into mail delivery and sending on your server.

Show Mail Queue

If mails are deferred etc. and you want to see a list of them:

postqueue -p

Install kaspersky mailgateway with postfix on CentOS release 5.6 (Final)

Kesempatan kali ini saya ingin berbagi bagaimana install kaspersky mailgateway dengan menggunakan CentOS release 5.6 (Final)

1. Install centos 5.6 sampai selesai dan matikan selinux, uninstall sendmail, disable iptables karena kita akan mempergunakan postfix

2. Yum update

3. Yum install postfix ( selanjutnya custom sesuai kebutuan atur relay_domain, access dll)

4. Download kaspersky dari link berikut http://products.kaspersky-labs.com/english/email_gateways/ksmail_gateway/linux-gcc3.3.2-glibc2.2.x/mailgw-5.6-28.i386.rpm

5. rpm -i mailgw-5.6-28.i386.rpm

6. /opt/kaspersky/mailgw/lib/bin/setup/postinstall.pl ( ikuti dan isikan sesuai yang diperlukan).

7. /opt/kaspersky/mailgw/bin/mailgw-licensemanager -a 0dglll.key ( key yang diberikan oleh kaspersky beli ya ini key)

8. /opt/kaspersky/mailgw/bin/mailgw-keepup2date

9. /opt/kaspersky/mailgw/lib/bin/setup/setup.pl

Mengatasi email masuk junk pada HOTMAIL dengan membuat spf

Pada kesempatan ini saya ingin menulis pengalaman mengenai pengiriman email dari kantor yang selalu masuk folder junk pada email HOTMAIL.

Setelah beberapa hari ngoprek dengan bekal ilmu yang pas – pasan dan dengan dorongan keterpakasaan mesti menelusuri dimana salah dan kurang tepatnya. Dari menelusuri log sampai mencari informasi dari berbagai sumber.

Pertama yang menjadi penyebab email masuk junk adalah karena settingan pada DNS tertulis hanya smtp.binus.edu sedangkan yang mengirimkan email adalah dari mx2.binus.edu dan mx3.binus.edu maka langkah pertama saya menambahkan MX record menjadi 3 yaitu : smtp.binus.edu, mx2.binus.edu, mx3.binus.edu.

Ternyata hal ini belum menyelesaikan permasalahan selanjutnya saya coba menulusuri penulisan spf apakah sudah betul atau belum sebagi petunjuk saya mengikuti tutorial dari SPF

mail.binus.edu. IN TXT "v=spf1 ip4:202.58.182.2 a mx:mx2.binus.edu mx:mx2.binus.edu mx:smtp.binus.edu -all"

Berikut penjelasannya

[v=spf1] v=spf1 This identifies the TXT record as an SPF string.
[ip4:] ip4:202.58.182.2 202.58.182.2 is allowed to send mail from mail.binus.edu.
[a] a mail.binus.edu's IP address is 202.58.182.100.
That server is allowed to send mail from mail.binus.edu.
[mx:] mx:mx2.binus.edu The MX servers for mx2.binus.edu are allowed to send mail from mail.binus.edu.
[mx:] mx:mx2.binus.edu The MX servers for mx2.binus.edu are allowed to send mail from mail.binus.edu.
[mx:] mx:smtp.binus.edu The MX servers for smtp.binus.edu are allowed to send mail from mail.binus.edu.
[all] ~all SPF queries that do not match any other mechanism will return "softfail".
Messages that are not sent from an approved server should still be accepted but may be subjected to greater scrutiny.

Postfix Flush the Mail Queue

Traditionally you use the "sendmail -q" command to flush mail queue under Sendmail MTA. Under Postfix MTA, just enter the following command to flush the mail queue:
# postfix flush
OR
# postfix -f

To see mail queue, enter:
# mailq

To remove all mail from the queue, enter:
# postsuper -d ALL

To remove all mails in the deferred queue, enter:
# postsuper -d ALL deferred

postfix-delete.pl script

Following script deletes all mail from the mailq which matches the regular expression specified as the first argument (Credit: ??? – I found it on old good newsgroup)

#!/usr/bin/perl
 
$REGEXP = shift || die "no email-adress given (regexp-style, e.g. bl.*@yahoo.com)!";
 
@data = qx</usr/sbin/postqueue -p>;
for (@data) {
  if (/^(w+)(*|!)?s/) {
     $queue_id = $1;
  }
  if($queue_id) {
    if (/$REGEXP/i) {
      $Q{$queue_id} = 1;
      $queue_id = "";
    }
  }
}
 
#open(POSTSUPER,"|cat") || die "couldn't open postsuper" ;
open(POSTSUPER,"|postsuper -d -") || die "couldn't open postsuper" ;
 
foreach (keys %Q) {
  print POSTSUPER "$_n";
};
close(POSTSUPER);
 

For example, delete all queued messages from or to the domain called fackspamdomain.com, enter:
./postfix-delete.pl fackspamdomain.com
Delete all queued messages that contain the word "xyz" in the e-mail address:
./postfix-delete.pl xyz