1 rain6966发表 最后由 rain6966 (2017-02-14 15:37:43) 编辑

  • 注册日期: 2012-04-12
  • 文章数: 206

主题: Notify users about quarantined mails 如何啟動

==== ==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:0.6.0
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):Prp-2.7.0(LDAP)
- 使用的 Linux/BSD 发行版名称及版本号:CentOS7.3
- 与您的问题相关的日志信息:
====
參照:http://www.iredmail.org/docs/quarantining.html#notify-users-about-quarantined-mails

1).
# vi /var/www/iredadmin/settings.py
NOTIFICATION_IREDADMIN_URL = 'https://mail.mydomain.com/iredadmin/'

NOTIFICATION_QUARANTINE_MAIL_SUBJECT = '[Attention] You have emails quarantined and not delivered to mailbox'

2).
#1 */12 * * * python /var/www/iredadmin/tools/notify_quarantined_recipients.py >/dev/null
*/5 * * * * python /var/www/iredadmin/tools/notify_quarantined_recipients.py >/dev/null
改5分鐘 也沒有動作

3).
# python /var/www/iredadmin/tools/notify_quarantined_recipients.py
出現:
* << ERROR >> Error while querying mail users: LDAPError('LDAP connection invalid',)

self-service 已啟用.
哪裡未設定好呢?

Thanks

  • 注册日期: 2009-12-18
  • 文章数: 2,864

回复: Notify users about quarantined mails 如何啟動

这个工具的文档不够详细,但是代码的注释倒是够详细。这里先贴出代码的注释部分,稍后完善文档:

# Purpose: Notify local recipients (via email) that they have emails
#          quarantined on server and not delivered to their mailbox.

# Usage:
#
#   - Set a correct URL in iRedAdmin-Pro config file `settings.py`, so that
#     users can manage quarantined email within received notification email:
#
#       # URL of iRedAdmin-Pro, it will be displayed in notification email,
#       # so that users can know where they can manage quarantined mails.
#       # It should be https://[your_server]/iredadmin/
#       NOTIFICATION_IREDADMIN_URL = 'https://[your_server]/iredadmin/'
#
#   - Setup a cron job to run this script every 6 or 12, 24 hours, it's up to
#     you. Sample cron job (every 12 hours):
#
#       1 */12 * * * python /path/to/notify_quarantined_recipients.py >/dev/null
#
#     Available arguments:
#
#       --force-all:
#           Send notification to all users (who have email quarantined).
#
#       --force-all-time:
#           Notify all quarantined emails instead of the new ones since last
#           notification.
#
#       --notify-backupmx
#           Send notification to all recipients under backup mx domain
#
#   - Also, it's ok to run this script manually:
#
#       # python notify_quarantined_recipients.py [arg1 arg2 arg3 ...]

# Customization
#
#   - This script sends email via /usr/sbin/sendmail command by default, it
#     should work quite well and has better performance. if you still prefer
#     to send notification email via smtp, please set proper smtp server and
#     account info in iRedAdmin-Pro config file `settings.py`:
#
#       NOTIFICATION_SMTP_SERVER = 'localhost'
#       NOTIFICATION_SMTP_PORT = 587
#       NOTIFICATION_SMTP_STARTTLS = True
#       NOTIFICATION_SMTP_USER = ''
#       NOTIFICATION_SMTP_PASSWORD = ''
#
#   - To custom mail subject of notification email, please define below
#     variable in iRedAdmin-Pro config file `settings.py`:
#
#       # Subject of notification email.
#       NOTIFICATION_QUARANTINE_MAIL_SUBJECT = '[Attention] You have emails quarantined and not delivered to mailbox'
#
#   - To custom HTML template file, please create your own file by named
#     `tools/notify_quarantined_recipients.custom.html`. If no custom HTML
#     template file, this script will use default one instead:
#     `tools/notify_quarantined_recipients.html`

# How it works:
#
#   - Mail user login to iRedAdmin-Pro (self-service) and choose to receive
#     notification email when there's email quarantined.
#
#       - OpenLDAP: user will be assigned `enabledService=quar_notify`.
#       - SQL backends: column `mailbox.settings` contains `quar_notify:yes`.
#
#   - This script queries SQL/LDAP database to see who are willing to receive
#     a notification email.
#
#   - This script checks Amavisd database to get info of quarantined mails
#     for these users.
  • 注册日期: 2009-12-18
  • 文章数: 2,864

回复: Notify users about quarantined mails 如何啟動

文档已更新:
http://www.iredmail.org/docs/quarantini … ined-mails

4 rain6966回复 最后由 rain6966 (2017-02-15 11:27:01) 编辑

  • 注册日期: 2012-04-12
  • 文章数: 206

回复: Notify users about quarantined mails 如何啟動

在 /var/www/iredadmin/tools/notify_quarantined_recipients.py有
# How it works:
#
#   - Mail user login to iRedAdmin-Pro (self-service) and choose to receive
#     notification email when there's email quarantined.
#
#       - OpenLDAP: user will be assigned `enabledService=quar_notify`.

此enabledService=quar_notify 如何加入?

在 phpldapadmin
伺服器:    Distinguished Name: domainName=mydomain.com,o=domains,dc=mydomain,dc=com
下的enabledService 加入 quar_notify

還是在
伺服器:    Distinguished Name: mail=1@mydomain.com,ou=Users,domainName=mydomain.com,o=domains,dc=mydomain,dc=com
下的enabledService 加入 quar_notify
這樣變成是每一個user 皆須手動來加

/var/www/iredadmin/settings.py
再加入:
# SMTP server address, port, username, password used to send notification mail.
NOTIFICATION_SMTP_SERVER = 'localhost'
NOTIFICATION_SMTP_PORT = 587
NOTIFICATION_SMTP_STARTTLS = True
#NOTIFICATION_SMTP_USER = 'no-reply@localhost.local'
#NOTIFICATION_SMTP_PASSWORD = ''
NOTIFICATION_SMTP_USER = 'spam@mydomain.com'
NOTIFICATION_SMTP_PASSWORD = 'xxxxxxxxx'
NOTIFICATION_SMTP_DEBUG_LEVEL = 0
NOTIFICATION_IREDADMIN_URL = 'https://mail.mydoamin.com/iredadmin/'
NOTIFICATION_QUARANTINE_MAIL_SUBJECT = '[Attention] You have emails quarantined and not delivered to mailbox'

執行# python notify_quarantined_recipients.py
* << ERROR >> Error while querying mail users: LDAPError('LDAP connection invalid',)

還是錯誤.
log: /var/log/openldap.log

Feb 15 10:27:28 mail slapd[23549]: daemon: shutdown requested and initiated.
Feb 15 10:27:28 mail slapd[23549]: slapd shutdown: waiting for 0 operations/tasks to finish
Feb 15 10:27:28 mail slapd[23549]: slapd stopped.
Feb 15 10:27:28 mail slapd[24438]: @(#) $OpenLDAP: slapd 2.4.40 (Nov  6 2016 01:21:28) $#012#011mockbuild@worker1.bsys.centos.org:/builddir/build/BUILD/openldap-2.4.40/openldap-2.4.40/servers/slapd
Feb 15 10:27:28 mail slapd[24440]: config_back_db_open: line 0: warning: cannot assess the validity of the ACL scope within backend naming context
Feb 15 10:27:28 mail slapd[24440]: mdb_monitor_db_open: monitoring disabled; configure monitor database to enable
Feb 15 10:27:28 mail slapd[24440]: slapd starting
Feb 15 10:27:48 mail slapd[24440]: => access_allowed: result not in cache (userPassword)
Feb 15 10:27:48 mail slapd[24440]: => access_allowed: auth access to "cn=vmailadmin,dc=mydomain,dc=com" "userPassword" requested
Feb 15 10:27:48 mail slapd[24440]: => acl_get: [1] attr userPassword
Feb 15 10:27:48 mail slapd[24440]: => acl_mask: access to entry "cn=vmailadmin,dc=mydomain,dc=com", attr "userPassword" requested
Feb 15 10:27:48 mail slapd[24440]: => acl_mask: to value by "", (=0)
Feb 15 10:27:48 mail slapd[24440]: <= check a_dn_pat: anonymous
Feb 15 10:27:48 mail slapd[24440]: <= acl_mask: [1] applying auth(=xd) (stop)
Feb 15 10:27:48 mail slapd[24440]: <= acl_mask: [1] mask: auth(=xd)
Feb 15 10:27:48 mail slapd[24440]: => slap_access_allowed: auth access granted by auth(=xd)
Feb 15 10:27:48 mail slapd[24440]: => access_allowed: auth access granted by auth(=xd)

logwatch 部分內容:
Warnings
--------
  cleanup (total: 20)
        10   proxy:ldap:/etc/postfix/ldap/sender_bcc_maps_user.cf lookup err...
         1   21CD2C0000132: sender_bcc_maps lookup problem
         1   8E342C0000132: sender_bcc_maps lookup problem
         1   8E7DCC0000132: sender_bcc_maps lookup problem
         1   B8A53C0000132: sender_bcc_maps lookup problem
         1   B8CE6C0000132: sender_bcc_maps lookup problem
         1   B8E57C0000132: sender_bcc_maps lookup problem
         1   B8F7EC0000132: sender_bcc_maps lookup problem
         1   C3188C0000132: sender_bcc_maps lookup problem
         1   C3630C0000132: sender_bcc_maps lookup problem
         1   C37E4C0000132: sender_bcc_maps lookup problem
  pickup (total: 10)
         1   maildrop/4C99CD009E58C: error writing 8E7DCC0000132: queue file...
         1   maildrop/4C99CD009E58C: error writing C3630C0000132: queue file...
         1   maildrop/4C99CD009E58C: error writing B8CE6C0000132: queue file...
         1   maildrop/6997BD009E58B: error writing 8E342C0000132: queue file...
         1   maildrop/6997BD009E58B: error writing B8A53C0000132: queue file...
         1   maildrop/6997BD009E58B: error writing C3188C0000132: queue file...
         1   maildrop/6997BD009E58B: error writing 21CD2C0000132: queue file...
         1   maildrop/9B2F1D009E58E: error writing B8F7EC0000132: queue file...
         1   maildrop/AE391D009E58D: error writing B8E57C0000132: queue file...
         1   maildrop/AE391D009E58D: error writing C37E4C0000132: queue file...
  proxymap (total: 12)
        12   dict_ldap_connect: Unable to bind to server ldap://127.0.0.1:38...
  trivial-rewrite (total: 2)
         2   proxy:ldap:/etc/postfix/ldap/transport_maps_user.cf lookup erro...

其sender_bcc_maps_user.cf 及transport_maps_user.cf  出錯

ps: iRedMail 版本号:0.9.6, 才對;  寫錯為0.6.0

  • 注册日期: 2009-12-18
  • 文章数: 2,864

回复: Notify users about quarantined mails 如何啟動

rain6966 写道:

此enabledService=quar_notify 如何加入?
...
伺服器:    Distinguished Name: mail=1@mydomain.com,ou=Users,domainName=mydomain.com,o=domains,dc=mydomain,dc=com
下的enabledService 加入 quar_notify
這樣變成是每一個user 皆須手動來加

原本的设计是让用户在 self-service 页面里自己选择是否要收到这样的通知,所以这个是加在每一个 user 里的。但目前 iRedAdmin-Pro 没有加入这个功能,所以作为管理员,你只能用 '--force-all' 参数来强制检查所有用户的隔离邮件并发送通知。

rain6966 写道:

執行# python notify_quarantined_recipients.py
* << ERROR >> Error while querying mail users: LDAPError('LDAP connection invalid',)

这个错误似乎是 python 连接 ldap 服务器出错了。先试下这个 patch,让它能打印出更详细的错误:

diff -r 9560b0c4ed4d tools/ira_tool_lib.py
--- a/tools/ira_tool_lib.py    Tue Feb 14 22:16:28 2017 +0800
+++ b/tools/ira_tool_lib.py    Wed Feb 15 12:30:46 2017 +0800
@@ -37,10 +37,6 @@
 logger.setLevel(logging.INFO)
 
 
-def print_error(msg):
-    print '< ERROR > ' + msg
-
-
 def get_db_conn(db):
     if backend == 'ldap' and db in ['ldap', 'vmail']:
         from libs.ldaplib.core import LDAPWrap
@@ -49,6 +45,7 @@
         conn = _wrap.conn
 
         return conn
+
     try:
         conn = web.database(dbn=sql_dbn,
                             host=settings.__dict__[db + '_db_host'],
@@ -61,7 +58,7 @@
 
         return conn
     except Exception, e:
-        print_error(e)
+        logger.error(e)
 
 
 # Log in `iredadmin.log`
  • 注册日期: 2012-04-12
  • 文章数: 206

回复: Notify users about quarantined mails 如何啟動

ZhangHuangbin 写道:

但目前 iRedAdmin-Pro 没有加入这个功能,所以作为管理员,你只能用 '--force-all' 参数来强制检查所有用户的隔离邮件并发送通知。

了解.

这个错误似乎是 python 连接 ldap 服务器出错了。先试下这个 patch,让它能打印出更详细的错误:

cd /var/www/iredadmin
# patch -b -p0 tools/ira_tool_lib.py<ira_tool_lib.patch
# systemctl restart amavisd
# systemctl restart slapd.service
# systemctl restart httpd.service

# python tools/notify_quarantined_recipients.py
* << ERROR >> Error while querying mail users: LDAPError('LDAP connection invalid',)
# python tools/notify_quarantined_recipients.py --force-all
* << ERROR >> Error while querying mail users: LDAPError('LDAP connection invalid',)

/var/log/openldap.log 如下:
Feb 15 14:16:34 mail slapd[29652]: => access_allowed: result not in cache (userPassword)
Feb 15 14:16:34 mail slapd[29652]: => access_allowed: auth access to "cn=vmailadmin,dc=l,dc=techlins,dc=com" "userPassword" requested
Feb 15 14:16:34 mail slapd[29652]: => acl_get: [1] attr userPassword
Feb 15 14:16:34 mail slapd[29652]: => acl_mask: access to entry "cn=vmailadmin,dc=l,dc=techlins,dc=com", attr "userPassword" requested
Feb 15 14:16:34 mail slapd[29652]: => acl_mask: to value by "", (=0)
Feb 15 14:16:34 mail slapd[29652]: <= check a_dn_pat: anonymous
Feb 15 14:16:34 mail slapd[29652]: <= acl_mask: [1] applying auth(=xd) (stop)
Feb 15 14:16:34 mail slapd[29652]: <= acl_mask: [1] mask: auth(=xd)
Feb 15 14:16:34 mail slapd[29652]: => slap_access_allowed: auth access granted by auth(=xd)
Feb 15 14:16:34 mail slapd[29652]: => access_allowed: auth access granted by auth(=xd)
Feb 15 14:16:51 mail slapd[29652]: => access_allowed: result not in cache (userPassword)
Feb 15 14:16:51 mail slapd[29652]: => access_allowed: auth access to "cn=vmailadmin,dc=l,dc=techlins,dc=com" "userPassword" requested
Feb 15 14:16:51 mail slapd[29652]: => acl_get: [1] attr userPassword
Feb 15 14:16:51 mail slapd[29652]: => acl_mask: access to entry "cn=vmailadmin,dc=l,dc=techlins,dc=com", attr "userPassword" requested
Feb 15 14:16:51 mail slapd[29652]: => acl_mask: to value by "", (=0)
Feb 15 14:16:51 mail slapd[29652]: <= check a_dn_pat: anonymous
Feb 15 14:16:51 mail slapd[29652]: <= acl_mask: [1] applying auth(=xd) (stop)
Feb 15 14:16:51 mail slapd[29652]: <= acl_mask: [1] mask: auth(=xd)
Feb 15 14:16:51 mail slapd[29652]: => slap_access_allowed: auth access granted by auth(=xd)
Feb 15 14:16:51 mail slapd[29652]: => access_allowed: auth access granted by auth(=xd)

結果一樣 .
我找不到 iredadmin.log 檔

patch 的檔案和原始檔比較:
# diff ira_tool_lib.py ira_tool_lib.py.20170215
39a40,43
> def print_error(msg):
>     print '< ERROR > ' + msg
>
>
48d51
<
61c64
<         logger.error(e)
---
>         print_error(e)

Thanks.

  • 注册日期: 2009-12-18
  • 文章数: 2,864

回复: Notify users about quarantined mails 如何啟動

log 文件位置可在这篇文档里查:
http://www.iredmail.com/docs/file.locat … #iredadmin

因为没法得到更多 log,可能只能以 ssh 登录上去做 debug 了。这个是否可行?

  • 注册日期: 2012-04-12
  • 文章数: 206

回复: Notify users about quarantined mails 如何啟動

感謝幫忙,
ssh 登入等下寄出 zhb@iredmail.org

Thanks

  • 注册日期: 2009-12-18
  • 文章数: 2,864

回复: Notify users about quarantined mails 如何啟動

发送了几封测试邮件,通过查看 Postfix log file,确实没有对 outgoing email 做 bcc。
但是无论 postfix main.cf 还是 LDAP data,都没问题。所以我也无法解释了。