Logwatch Installation 24.04LTS: Difference between revisions
No edit summary |
No edit summary |
||
Line 9: | Line 9: | ||
Set the System mail name = your solaris.scottworld.net<br> | Set the System mail name = your solaris.scottworld.net<br> | ||
For the mail outgoing mail to relay correctly we need to set a '''relayhost''' | |||
When prompted for the relay host, enter: | When prompted for the relay host, enter: | ||
[ssl0.ovh.net]:465 | [ssl0.ovh.net]:465 | ||
sudo nano /etc/postfix/main.cf | sudo nano /etc/postfix/main.cf |
Revision as of 16:31, 18 March 2024
Logwatch
Logwatch is a handy utility that can parse the system logs and send you details of system errors or issues with the server. Lets stick this on and set it up to mail the logs to an email address daily.
sudo apt install logwatch
As part of the installation, logwatch will install the postfix mailer which we need to configure on install. We will choose the option satellite system
Set the System mail name = your solaris.scottworld.net
For the mail outgoing mail to relay correctly we need to set a relayhost When prompted for the relay host, enter:
[ssl0.ovh.net]:465
sudo nano /etc/postfix/main.cf
Modify the parameters below
# See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no # TLS parameters smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_tls_wrappermode = yes smtp_tls_security_level = encrypt # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination myhostname = scottworld.net alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = solaris.scottworld.net, localhost.scottworld.net, localhost relayhost = [ssl0.ovh.net]:465 # Added to authentice SMTP with OVH smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous # Added to re-map senders sender_canonical_maps = regexp:/etc/postfix/sender_rewrite mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = loopback-only inet_protocols = all
Create a file
nano /etc/postfix/sasl_passwd
add the host and the account details.
ssl0.ovh.net root@scottworld.net:password
Execute the command (to refresh the password table)
postmap /etc/postfix/sasl_passwd
Alias the sender account if needed by your ISP
If you dont have authorisation on your SMTP relay to send mail for the standard sender account (in this case root@scottworld.net) you can alias it.
nano /etc/postfix/main.cf (this line is already added to the sample above if you copied it)
sender_canonical_maps = regexp:/etc/postfix/sender_rewrite
Now create /etc/postfix/sender_rewrite
sudo nano /etc/postfix/sender_rewrite
And add the following to allow the replay host to not be rejected as we don't own the address root@scottworld.net (this will alias the outgoing address)
/.*/ root@scottworld.net
Then run the following to enable the re-write.
postmap /etc/postfix/sender_rewrite
Restart postfix
sudo service postfix restart
Testing
You can now test logwatch and the email functionality is working with the following command.
logwatch --detail Med --mailto mark@scottworld.net
Monitor email errors with
tail -f /var/log/mail.log
All we need to do now to get a daily email is to add a cron job.
nano /etc/crond.d/logwatch
Add the following entry to send a mail at 1:00am every day running as root (use your email address please, I get enough spam)
0 01 * * * root /usr/sbin/logwatch --detail Med --mailto mark@scottworld.net
Emailing Tweaks
We may want to catch mail errors, so we need to set up a root mailing account and a few mail utilities. We should be good citizens and set this up as it will collect bounced emails.
sudo apt-get install mailutils
Install the mutt mail reader
sudo apt-get install mutt
Check 'roots' mailbox
sudo touch /var/mail/root sudo chown root:root /var/mail/root mutt -f /var/mail/root
You can test this by sending a mail to root@servername and reading it with mutt.