Administration
==============
-The Administration GUI allows you to do common administration tasks
-like updating software packages, manage quarantine, view service
-status and manage mail queues. It also provides server statistics in
-order to verify server health.
+The Administration GUI allows you to carry out common tasks
+such as updating software packages, managing quarantines, viewing the
+status of services, and managing mail queues. It also provides server
+statistics, in order to verify server health.
Server Administration
---------------------
-Server status
-~~~~~~~~~~~~~
+Status
+~~~~~~
-image::images/screenshot/pmg-gui-server-status.png[]
+[thumbnail="pmg-gui-server-status.png", big=1]
-This page shows server statistics about CPU, memory, disk and network
-usage. You can select the displayed time span on the upper right.
+This page shows statistics about server CPU, memory, disk and network
+usage. You can select the displayed time span from the upper right.
Administrators can open a terminal window using the 'Console'
button. It is also possible to trigger a server 'Restart' or
Services
~~~~~~~~
-image::images/screenshot/pmg-gui-service-status.png[]
+[thumbnail="pmg-gui-service-status.png", big=1]
-This panel lists all major services used for mail processing and
+This panel lists all the major services used for mail processing and
cluster synchronization. If necessary, you can start, stop or restart
-them. The 'Syslog' button shows the system log filtered for the
+them. The 'Syslog' button shows the system log, filtered for the
selected service.
Please note that {pmg} uses {systemd} to manage services, so you can
Updates
~~~~~~~
-image::images/screenshot/pmg-gui-updates.png[]
+[thumbnail="pmg-gui-updates.png", big=1]
We release software updates on a regular basis, and it is recommended
to always run the latest available version. This page shows the
-available updates, and administrator can run an upgrade by pressing
+available updates, and administrators can run an upgrade by pressing
the 'Upgrade' button.
See section xref:pmg_package_repositories[Package Repositories] for
-details abaout available package repositories.
+details about the available package repositories.
Syslog and Tasks
~~~~~~~~~~~~~~~~
-image::images/screenshot/pmg-gui-syslog.png[]
+[thumbnail="pmg-gui-syslog.png", big=1]
-The syslog page gives you a quick real-time log view. Please use the
+The Syslog page gives you a quick real-time log view. You can use the
xref:pmg_tracking_center[Tracking Center] to search the logs.
+The Tasks page provides a history of the administration tasks that you
+carried out on the server, such as upgrading the system. Each task
+entry provides status information about the task, as well as the
+output.
Quarantine
----------
+[[pmgadministration_spam_quarantine]]
Spam
~~~~
-DODO
+[thumbnail="pmg-gui-spam-quarantine.png", big=1]
+
+This panel lets you inspect the mail quarantine. Emails can be safely
+previewed and if desired, delivered to the original user.
+
+The email preview on the web interface is very secure, as malicious
+code (attacking your operating system or email client) is removed by
+{pmg}.
+
+Users can access their personalized quarantine via the daily spam report or by
+navigating to the URL configured for the quarantine (defaults to
+`https://<pmg-host>:8006/quarantine`) and logging in with their LDAP credentials
+(email address and password).
+
+You can additionally enable user self-service for sending an access link from
+the Quarantine Login page.
+To enable this on the Quarantine Login page, edit `/etc/pmg/pmg.conf`. See section
+xref:pmgconfig_spamdetector_quarantine[Spam Detector Configuration - Quarantine]
+for more details about the available settings.
+
Virus
~~~~~
-TODO
+Allows administrators to inspect quarantined virus mails.
+
+
+Attachment
+~~~~~~~~~~
+Allows administrators to inspect quarantined mails and download their
+attachments or deliver/delete them.
+
+NOTE: Use the options of the 'Remove attachment' action to control the Attachment Quarantine.
+
+
+[[pmg_userblackwhitelist]]
User White- and Blacklist
~~~~~~~~~~~~~~~~~~~~~~~~~
-TODO
+This is mostly useful to debug or verify white- and blacklist user
+settings. The administrator should not change these values because
+users can manage this themselves.
+
[[pmg_tracking_center]]
Tracking Center
---------------
-image::images/screenshot/pmg-gui-tracking-center.png[]
+[thumbnail="pmg-gui-tracking-center.png", big=1]
+
+Email processing is a complex task and involves several service
+daemons. Each daemon logs information to the syslog service. The
+problem is that a server analyzes many emails in parallel, so it is
+usually very hard to find all logs corresponding to a specific mail.
+
+The Tracking Center simplifies the search for
+emails dramatically. We use highly optimized and safe Rust footnote:[A language
+empowering everyone to build reliable and efficient software.
+https://www.rust-lang.org/] code to search the available syslog data. This is
+very fast and powerful, and works for sites processing several million emails
+per day.
+
+The result is a list of received mails, including the following data:
+
+[cols="s,5d"]
+|====
+|Time | Timestamp of first syslog entry found
+|From | Envelope 'From' address (the sender)
+|To | The email receiver address
+|Status | Delivery status
+|Syslog | The corresponding syslog entries are shown if you double
+click such an entry or if you press the '+' button on the left
+|====
+
+To narrow the search down further, you can specify filters and set
+a 'Start' and 'End' time. By default, the start time is set to the
+last hour. If you still get too many entries, you can try to restrict
+the search to a specific sender or receiver address, or search for a
+specific text string in the logs ('Filter' entry).
+
+NOTE: Search is faster if you use a shorter time interval.
+
+The 'Status' field summarizes what happened with an email. {pmg} is a
+mail proxy, meaning that the proxy receives mails from outside,
+processes them and finally sends the result to the receiver.
+
+The first phase is receiving the mail. The proxy may reject the mail
+early or accept the mail and feed it into the filter. The filter
+rules can then block or accept the mail.
+
+In the second phase, accepted mails need to be delivered to the
+receiver. This action may also fail or succeed. 'Status'
+combines the results from the first and second phase.
+
+[options="header",cols="2s,1d,5d"]
+|====
+|Status |Phase |Description
+|rejected |1 | Email rejected (for example, the sender IP is listed on an IP blacklist)
+|greylisted |1 | Email temporarily rejected by greylisting
+|queued/deferred |1 | Internal email was queued, still trying to deliver
+|queued/bounced |1 | Internal email was queued but not accepted by the target email server (for example, user unknown)
+|queued/delivered |1 | Internal email was queued and delivered
+|quarantine |1 | Email was moved to quarantine
+|blocked |1 | Email was blocked by filter rules
+|accepted/deferred |2 | Email accepted, still trying to deliver
+|accepted/bounced |2 | Email accepted, but not accepted by the target email server (for example, user unknown)
+|accepted/delivered |2 | Email accepted and delivered
+|====
+
+[[postfix_queue_administration]]
+Postfix Queue Administration
+----------------------------
-TODO
+[thumbnail="pmg-gui-queue-admin-summary.png", big=1]
+Mail-queues are one of the central concepts of the SMTP protocol. Once a
+mail server accepts a mail for further processing it saves it to a queue.
+After the mail is either relayed to another system, stored locally
+or discarded, it is deleted from the local mail-queue.
-Postfix Queue Administration
-----------------------------
+If immediate processing is not possible, for example because a downstream
+mail server is not reachable, the mail remains on the queue for later
+processing.
+
+The 'Queue Administration' panel provides a summary about the current state
+of the postfix mail-queue, similar to the 'qshape (1)' command-line utility.
+It shows domains for which mails were not delivered, and how long they have
+been queued.
+
+The three Action Buttons on top provide the most common queue operations:
+
+'Flush Queue'::
+
+Attempt to deliver all currently queued mail, for example if a downstream
+server has become available again.
+
+'Delete All Messages'::
+
+Delete all currently queued mail, for example if the queue contains only spam.
+
+'Discard address verification database'::
+
+Clear the recipient verification cache.
+
+A sudden increase in queued mails should be closely inspected. This
+increase can indicate issues connecting to downstream servers or that
+one of the servers for which you relay emails sends spam itself.
+
+Deferred Mail
+~~~~~~~~~~~~~
+[thumbnail="pmg-gui-queue-admin-deferred.png"]
+
+In the 'Deferred Mail' tab, you can examine each deferred email
+separately. In addition to providing contact information about the
+sender and receiver, you can also check the reason for which an email
+remains queued.
+
+You can view the complete headers and filter by sender or receiver of
+queued emails.
-TODO
+Here, you can also flush or delete each deferred email independently.
projects / pmg-docs.git / blobdiff