How to Understand and Manage The Mail System
This document is intended for people who are new to DTC and managing a shared hosting mail system with mail queues.
Postfix(approve sites), spamassassin(approve sites), ClamAV(approve sites) and Courier(approve sites)
By default DTC installs Postfix as the MTA (Mail Transfer Agent), SpamAssassin to manage spam, ClamAV to filter out virus and Courier Maildrop to deliver mail to mailboxes.
DTC puts users mail in /var/www/sites/<Admin Account>/<Domain Name>/Mailboxs/.
Mail is stored in MailDir format. This means each individual mail message is stored in its own file.
DTC can be used to assign quotas to each mail account. See: How To Configure Mailboxes
If a mail box goes over quota then messages are held in the deferred queue.
Note: Courier creates a file called .maildirsize to remember how much spare is taken in a mailbox.
This file can be deleted if you're having problems with a users quota.
Maildrop can be configured to send the user a warning message when their mail box gets to full. See the warming message text in /etc/courier. The percent full is defined in /etc/postfix/master.cf using the -w switch of the maildrop argument.
The Postfix web site has detailed information about managing Postfix queues, here are some commands you will find helpful:
# qshape incoming active deferred
This will display a summary of messages in the queues.
# postqueue -p
This shows messages currently in the queue.
# postqueue -f
This will cause postfix to attempt to reprocess messages stuck in the deferred queue
You should read the man pages for postfix, postqueue and qshape.
Spam and Virus System Management
clamavd and freshclam are installed on your system. freshclam gets the updates that clamavd uses.
You can see what version of virus definision is installed by using the following command:
# clamscan --version
ClamAV 0.96.1/11330/Wed Jul 7 01:20:41 2010
Update clamavd and freshclam
From time to time you need to make sure that you're using the latest copies of the ClamAV programs.
This command will check the current version and perform an update if required.
# apt-get install clamav
SpamAssassin takes care of its own binary updating, but to keep the spam rules fresh you need to enable sa-update via the cronjob.
# sed -i s/CRON=0/CRON=1/ /etc/default/spamassassin
DTC uses graylisting to manage spam. This can delay messages between 15 minutes and 4 hours.
If you don't know what Graylisting is see: http://en.wikipedia.org/wiki/Graylisting
Tumgreyspf is used to do the graylisting, only IP addresses are kept in /var/lib/tumgreyspf/data
For more information see: http://www.tummy.com/Community/software/tumgreyspf/ and read the .conf files in /etc/tumgreyspf
If you want to follow what Tumgreyspf is up to then you can follow your mail.log file:
# grep "tumgreyspf" /var/log/mail.log | wc -l
This command will show you how many lines rumgreyspf appears in the log file.
# grep "tumgreyspf" /var/log/mail.log | less
This command will list the lines in the current log file.
Note: Logrotate rotates the log files depending on what's in /etc/logrotate.d. (eg. Daily)
# tail -f /var/log/mail.log | grep "tumgreyspf"
This command will follow the mail.log file and only show you new lines produced by tumgreyspf.
Also see: How the Mail System Works
Raw config file debugging
The settings you make in the web interface exist in database and are then transferred to the raw Linux configuration files by the cron.php every 10 minutes.
The configuration files for mail users exist in: /var/lib/dtc/etc
There are two files for the settings: * and *.db
eg: postfix_vmailbox and postfix_vmailbox.db
The * file is just plain text. The db files is a compiled version that Postfix actually uses.
To recompile your file you use postmap, so:
# postmap postfix_vmailbox
Oct 14 10:57:27 mx postfix/virtual: error: open database /var/lib/dtc/etc/postfix_vmailbox.db: Permission denied
In this case the problem wasn't that the permissions were wrong on postfix_vmailbox.db, the permissions on the folder /var/lib/dtc/etc/ were set to read only.
Hint: File permissions are a constant issue in the mail system for security reasons. If you encounter problems you should be constantly thinking about if your files have the right permissions.
Managing mail submissions.
Add the following to your postfix config file - /etc/postfix/main.cf - you will then get a header that tells you who submitted mail. This is very useful when attempting to track down who's mail account is compromised and needs a password change.
#Track down who's sending messages
#See: http://serverfault.com/questions/404883/how-to-determine-which-user-sent-a-specific-email-with-postfix(approve sites)
smtpd_sasl_authenticated_header = yes
The mail system logs error information into /var/log/mail.err.
# tail -f /var/log/mail.err
Use this command to follow the the error log during debugging.
Editing this page means accepting its license.