pmg-administration.adoc

   1 Administration
   2 ==============
   3
   4 The Administration GUI allows you to carry out common tasks
   5 such as updating software packages, managing quarantines, viewing the
   6 status of services, and managing mail queues. It also provides server
   7 statistics, in order to verify server health.
   8
   9
  10 Server Administration
  11 ---------------------
  12
  13 Status
  14 ~~~~~~
  15
  16 [thumbnail="pmg-gui-server-status.png", big=1]
  17
  18 This page shows statistics about server CPU, memory, disk and network
  19 usage. You can select the displayed time span from the upper right.
  20
  21 Administrators can open a terminal window using the 'Console'
  22 button. It is also possible to trigger a server 'Restart' or
  23 'Shutdown'.
  24
  25
  26 Services
  27 ~~~~~~~~
  28
  29 [thumbnail="pmg-gui-service-status.png", big=1]
  30
  31 This panel lists all the major services used for mail processing and
  32 cluster synchronization. If necessary, you can start, stop or restart
  33 them. The 'Syslog' button shows the system log, filtered for the
  34 selected service.
  35
  36 Please note that {pmg} uses {systemd} to manage services, so you can
  37 also use the standard `systemctl` command line tool to manage or view
  38 service status, for example:
  39
  40 -----
  41 systemctl status postfix
  42 -----
  43
  44
  45 Updates
  46 ~~~~~~~
  47
  48 [thumbnail="pmg-gui-updates.png", big=1]
  49
  50 We release software updates on a regular basis, and it is recommended
  51 to always run the latest available version. This page shows the
  52 available updates, and administrators can run an upgrade by pressing
  53 the 'Upgrade' button.
  54
  55 See section xref:pmg_package_repositories[Package Repositories] for
  56 details about the available package repositories.
  57
  58
  59 Syslog and Tasks
  60 ~~~~~~~~~~~~~~~~
  61
  62 [thumbnail="pmg-gui-syslog.png", big=1]
  63
  64 The Syslog page gives you a quick real-time log view. You can use the
  65 xref:pmg_tracking_center[Tracking Center] to search the logs.
  66
  67 The Tasks page provides a history of the administration tasks that you
  68 carried out on the server, such as upgrading the system. Each task
  69 entry provides status information about the task, as well as the
  70 output.
  71
  72 Quarantine
  73 ----------
  74
  75 [[pmgadministration_spam_quarantine]]
  76 Spam
  77 ~~~~
  78
  79 [thumbnail="pmg-gui-spam-quarantine.png", big=1]
  80
  81 This panel lets you inspect the mail quarantine. Emails can be safely
  82 previewed and if desired, delivered to the original user.
  83
  84 The email preview on the web interface is very secure, as malicious
  85 code (attacking your operating system or email client) is removed by
  86 {pmg}.
  87
  88 Users can access their personalized quarantine via the daily spam report or by
  89 navigating to the URL configured for the quarantine (defaults to
  90 `https://<pmg-host>:8006/quarantine`) and logging in with their LDAP credentials
  91 (email address and password).
  92
  93 You can additionally enable user self-service for sending an access link from
  94 the Quarantine Login page.
  95 To enable this on the Quarantine Login page, edit `/etc/pmg/pmg.conf`. See section
  96 xref:pmgconfig_spamdetector_quarantine[Spam Detector Configuration - Quarantine]
  97 for more details about the available settings.
  98
  99
 100 Virus
 101 ~~~~~
 102
 103 Allows administrators to inspect quarantined virus mails.
 104
 105
 106 Attachment
 107 ~~~~~~~~~~
 108
 109 Allows administrators to inspect quarantined mails and download their
 110 attachments or deliver/delete them.
 111
 112 NOTE: Use the options of the 'Remove attachment' action to control the Attachment Quarantine.
 113
 114
 115 [[pmg_userblackwhitelist]]
 116 User White- and Blacklist
 117 ~~~~~~~~~~~~~~~~~~~~~~~~~
 118
 119 This is mostly useful to debug or verify white- and blacklist user
 120 settings. The administrator should not change these values because
 121 users can manage this themselves.
 122
 123
 124 [[pmg_tracking_center]]
 125 Tracking Center
 126 ---------------
 127
 128 [thumbnail="pmg-gui-tracking-center.png", big=1]
 129
 130 Email processing is a complex task and involves several service
 131 daemons. Each daemon logs information to the syslog service. The
 132 problem is that a server analyzes many emails in parallel, so it is
 133 usually very hard to find all logs corresponding to a specific mail.
 134
 135 The Tracking Center simplifies the search for
 136 emails dramatically. We use highly optimized and safe Rust footnote:[A language
 137 empowering everyone to build reliable and efficient software.
 138 https://www.rust-lang.org/] code to search the available syslog data. This is
 139 very fast and powerful, and works for sites processing several million emails
 140 per day.
 141
 142 The result is a list of received mails, including the following data:
 143
 144 [cols="s,5d"]
 145 |====
 146 |Time | Timestamp of first syslog entry found
 147 |From | Envelope 'From' address (the sender)
 148 |To   | The email receiver address
 149 |Status | Delivery status
 150 |Syslog | The corresponding syslog entries are shown if you double
 151 click such an entry or if you press the '+' button on the left
 152 |====
 153
 154 To narrow the search down further, you can specify filters and set
 155 a 'Start' and 'End' time. By default, the start time is set to the
 156 last hour. If you still get too many entries, you can try to restrict
 157 the search to a specific sender or receiver address, or search for a
 158 specific text string in the logs ('Filter' entry).
 159
 160 NOTE: Search is faster if you use a shorter time interval.
 161
 162 The 'Status' field summarizes what happened with an email. {pmg} is a
 163 mail proxy, meaning that the proxy receives mails from outside,
 164 processes them and finally sends the result to the receiver.
 165
 166 The first phase is receiving the mail. The proxy may reject the mail
 167 early or accept the mail and feed it into the filter. The filter
 168 rules can then block or accept the mail.
 169
 170 In the second phase, accepted mails need to be delivered to the
 171 receiver. This action may also fail or succeed. 'Status'
 172 combines the results from the first and second phase.
 173
 174 [options="header",cols="2s,1d,5d"]
 175 |====
 176 |Status |Phase |Description
 177 |rejected             |1 | Email rejected (for example, the sender IP is listed on an IP blacklist)
 178 |greylisted           |1 | Email temporarily rejected by greylisting
 179 |queued/deferred      |1 | Internal email was queued, still trying to deliver
 180 |queued/bounced       |1 | Internal email was queued but not accepted by the target email server (for example, user unknown)
 181 |queued/delivered     |1 | Internal email was queued and delivered
 182 |quarantine           |1 | Email was moved to quarantine
 183 |blocked              |1 | Email was blocked by filter rules
 184 |accepted/deferred    |2 | Email accepted, still trying to deliver
 185 |accepted/bounced     |2 | Email accepted, but not accepted by the target email server (for example, user unknown)
 186 |accepted/delivered   |2 | Email accepted and delivered
 187 |====
 188
 189 [[postfix_queue_administration]]
 190 Postfix Queue Administration
 191 ----------------------------
 192
 193 [thumbnail="pmg-gui-queue-admin-summary.png", big=1]
 194
 195 Mail-queues are one of the central concepts of the SMTP protocol. Once a
 196 mail server accepts a mail for further processing it saves it to a queue.
 197 After the mail is either relayed to another system, stored locally
 198 or discarded, it is deleted from the local mail-queue.
 199
 200 If immediate processing is not possible, for example because a downstream
 201 mail server is not reachable, the mail remains on the queue for later
 202 processing.
 203
 204 The 'Queue Administration' panel provides a summary about the current state
 205 of the postfix mail-queue, similar to the 'qshape (1)' command-line utility.
 206 It shows domains for which mails were not delivered, and how long they have
 207 been queued.
 208
 209 The three Action Buttons on top provide the most common queue operations:
 210
 211 'Flush Queue'::
 212
 213 Attempt to deliver all currently queued mail, for example if a downstream
 214 server has become available again.
 215
 216 'Delete All Messages'::
 217
 218 Delete all currently queued mail, for example if the queue contains only spam.
 219
 220 'Discard address verification database'::
 221
 222 Clear the recipient verification cache.
 223
 224 A sudden increase in queued mails should be closely inspected. This
 225 increase can indicate issues connecting to downstream servers or that
 226 one of the servers for which you relay emails sends spam itself.
 227
 228 Deferred Mail
 229 ~~~~~~~~~~~~~
 230 [thumbnail="pmg-gui-queue-admin-deferred.png"]
 231
 232 In the 'Deferred Mail' tab, you can examine each deferred email
 233 separately. In addition to providing contact information about the
 234 sender and receiver, you can also check the reason for which an email
 235 remains queued.
 236
 237 You can view the complete headers and filter by sender or receiver of
 238 queued emails.
 239
 240 Here, you can also flush or delete each deferred email independently.