PDA

View Full Version : Request: script that sends admin contents of retry queue daily



flaviozluca
12-14-2011, 06:48 AM
Hello!

Wondering if a programmer on the forum can help... :) I really think this can be useful for everyone.

We already have some mechanisms to control abuse... We have monitoring software checking incoming/outgoing and outgoing retry queues (# of messages), also we know IceWarp will have some features to alert admin if someone sends over x messages... And yes, we have hard pwds, require authentication and have daily limits.

I was hoping for a script that can, via icewarp API/PHP scan the outgoing/_retry que and send me the contents daily. It should show the same info that appears in status/outgoing queue, Sender, subject and recipient.

The thing is, monitoring really helps, it usually lets us some spam abuse, as it alerts us that retry queue is growing. But not always, sometimes the mail queue doesn't grow so much, thats why Id love to receive a daily email with contents of my out queue.

What for me is harder but perhaps for a programmer is easy is to parse the sender, subject and recipient.

Thanks!

Thanks!

vuser01
12-14-2011, 09:41 PM
One of the best features in IceWarp is the ability to set a maximum limit of email sent in 24 hours. This would be the a feature I would set, as no one will be sending out 10,000 emails in 24 hours.

This is one of the biggest security holes in other email server packages, is no ability to control the flow of email going out of the server. IceWarp has this functionality it just needs to be set.

You need to turn on the anti-spoofing option as well, also reject if originator's domain is local and not authorized and reject if originators domain does not exist.

Also, set the server to Block the user login for accounts that exceed a number of failed login attempts.

IceWarp has many security settings that will do a lot of work for you, protecting your server and IP reputation.

:)

flaviozluca
01-09-2012, 03:23 PM
Hi, Vuser01

When you say Icewarp has a feature to limit rate of emails, etc. afaik it only exists currently for mailing list, but such feature of controlling email flow / throttling for other messages (not just mailing lists), Afaik is in the plan for future releases... :)

But really what I wanted here is something else, a way to get a listing daily of all emails in the retry queue via email (and subject, sender, etc). So I can spot spam outbound, although Im usually able to by monitoring the retry queue (at least when the spam is abusive and the # of msgs in folder reaches a certain treshold) using monitoring software.

The features you mentioned are nice algo, but more Out to in. I personally dont use reject if local and not auth, as forged FROM will still get it (you rather need a filter to check if smtp auth and if FROM header contains your domain) and it will present problems to users that are in certain remote localities such as hotels that force to use their SMTP.

Thanks.

jakub
06-27-2012, 11:27 PM
Hello, its quite easy to create a PHP script doing what you want, would you like my help with it?

flaviozluca
07-02-2012, 09:51 AM
Dear Jakub,

Very nice of you, thanks! You know, maybe this can pass, because IceWarp already informed me it will add features to inform admin when over x emails are sent (so we dont find out via customer when his max msgs per day limit is reached). And besides that, we monitor our retry queue using monitoring software. So, unless its something very easy, maybe not worth it, although would be nice IMHO, imagine every day receiving a list in your email, similar to a spam report (and similar to the out queue you can see in webadmin), containing your retry queue, could help spot outgoing spam... But then again, my retry queue usually has like 1000 msgs+, so wouldnt be so practical, would be just 1 more thing to help control abuse.

If I were to choose Id prefer you help on this http://forum.icewarp.com/forum/showthread.php?308-Ideas-for-scripts

This one:

- script that checks orphan accounts, mail folders that exist in file system but not in icewarp. I think many users would enjoy this one.

I already have a script that lists the last login of customers, which I know IW does not store in DB but I can query via API. It could help me find stale accounts (which I know I have many), but at the most Id get a listing and would still have to delete 1 by 1. The idea with script above is to compare mail folder with accounts DB and list and possibly even let me delete accounts that exist in mail folder but not in DB.

Sorry, maybe its not worth the work involved.

If you reply this one perhaps we can start a new thread or use the other thread I posted.

THANKS A LOT!

PS - if you can, this one can also help customers, its a script in PHP that monitors retry queue for those that dont have monitoring software such as PRTG. But now with changes in 10.4, where retry queue has subfolders, it would have to do a recursive scan. http://forum.icewarp.com/forum/showthread.php?306-Monitoring-your-email-queue-%28PHP%29

All the best,
Flávio

jakub
07-05-2012, 03:47 AM
Hello Flávio,

I can create the script for you, its no problem. Would you like to have it for WIN or Linux? Any next requests for this script?

Jakub

flaviozluca
07-16-2012, 11:42 AM
Hi, Jakub

Very nice of you, I think it will be really useful and help in another case here on the forum where admins wanted to know which emails that were sent to wrong destination (typo) and end up in retry queue.

Initially on Windows as platform used by most customers.

So it would check the retry queue and email a report showing the FROM, TO, SUBJECT, DATE, correct?

Thanks!

jakub
07-17-2012, 04:06 AM
Hello, the script you want doesnt seem to be working with IceWarp, there are no such variables to get about retry e-mails, but it is quite simple to parse it in Windows, so I will prepare the script and post it on the forum.

freibuis
07-17-2012, 10:12 AM
Hi, Jakub

Very nice of you, I think it will be really useful and help in another case here on the forum where admins wanted to know which emails that were sent to wrong destination (typo) and end up in retry queue.

Initially on Windows as platform used by most customers.

So it would check the retry queue and email a report showing the FROM, TO, SUBJECT, DATE, correct?

Thanks!

I quick reverse enginer of the web admin to get the incoming/outgoing queue
https://mail.youmailserver.com/admin/messagequeue.html
select Server then choose outgoing. Outgoing = 2 queues. (retry & outgoing)

jakub
07-17-2012, 05:08 PM
I am writing the script to check only the retry queue, is it ok?

freibuis
07-17-2012, 06:48 PM
I am writing the script to check only the retry queue, is it ok?
;) sure
btw if you reference the
html\admin\inc\mailbox.php you will see a function that will pull the data for you already ;)
function getfilelist($path, $sms = false)

this will return an array called $files
$files contains $item[subject],$item[from],$item[to],$item[time],$item[size] and $item[id] (filename)



you could even modifiy it to include message content

that way you could create a php file in the admin folder, create all the referneces then output the array in a nice looking table.

Personally I out put the array in to an JSON and then use it as an sudo API. this then gets referenced by another web service and for PRTG for queue numbers

jakub
07-18-2012, 01:29 AM
Didnt know about the function and wrote the same myself, so I will use it yet. ;o)

jakub
07-18-2012, 08:21 AM
Hello,

here you are with Alfa version of the script, you can try if it is doing what is supposed, I will post better version after.

http://62.168.34.149/queue2.txt

Jakub

flaviozluca
08-05-2012, 10:45 AM
Wow! Thanks a lot, Jakub. I had not seen this post.

Beautiful, just 1 thing... Many times the TO: is blank... For example, 1 email sent to gmail.com.br incorrectly (this is the type of thing we want to catch, to possibly even inform senders), does not appear in the script.

Icewarp console shows the email TO: xxx@gmail.com.br

Checking the header, the TO is something completely different and gmail.com.br is in the CC...

So I guess we need to get the "correct to", the RCPT to actually. Perhaps one idea, I had the x-recipient via filter and the script checks for that?

Thanks,
Flávio

jakub
08-12-2012, 09:36 AM
Hi, as you want. So should I check the x-recipient or RCPT-TO?

flaviozluca
08-28-2012, 05:08 PM
Hi, Jakub

Sorry for late post, somehow this message which is something Im so eager for I didnt see.

Yes, I believe we need the recipient which afaik is same as rcpt to, no? :) The RCPT in logs I imagine would be hard to capture so you get the x-recipient from header, correct? The header TO is not trustable.

I have X-Recipient (add %%recipient%%) to header of the message only because I have a content filter that adds it (It actually ats only if its not BCC, for privacy reasons), so that would be a requirement for the script.

Yes I think thats what we need...

%%Recipient%% - list of all recipients delimited with semicolon ((whole content of RCPT TO: commands, even with < and >)

Thanks.