Hallo ubuntuusers,
ich habe seit einigen Jahren das Problem, dass mir syslog-ng keine Mails mehr sendet. Meine Versuche das Problem zu beheben blieben die letzen Jahre immer erfolglos. Heuer habe ich nochmals einen intensiven Versuch unternommen, viele Artikel durchgeackert und Lösungsansätze probiert, leider alles ohne Erfolg.
Mein System habe ich 2012 aufgesetzt und immer wieder hochgezogen, derzeit auf (Ubuntu 22.04.1 LTS (GNU/Linux 5.15.0-58-generic x86_64)). Heuer habe ich das System auch erfolgreich von meiner alten MBR Hardware auf eine neue UEFI Hardware übersiedelt. Mit
sudo echo "mailtext" | mail -s "mailbetreff" empfaenger@domain.at
ist es mir möglich Mails zu versenden. Auch cron und apcupsd versenden problemlos Mails, nur aus syslog-ng funktioniert der Versand nicht.
Ich konnte leider nicht mal herausfinden ob das Problem an syslog-ng oder an postfix liegt.
/etc/syslog-ng/syslog-ng.conf
@version: 3.35
@include "scl.conf"
# Syslog-ng configuration file, compatible with default Debian syslogd
# installation.
# First, set some global options.
options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no);
dns_cache(no); owner("root"); group("adm"); perm(0640);
stats_freq(0); bad_hostname("^gconfd$");
};
########################
# Sources
########################
# This is the default behavior of sysklogd package
# Logs may come from unix stream, but not from another machine.
#
source s_src {
system();
internal();
};
# Arduino
source s_udp {
udp(ip(127.0.0.1) port(514));
};
# If you wish to get logs from remote machine you should uncomment
# this and comment the above source line.
#
#source s_net { tcp(ip(127.0.0.1) port(1000)); };
########################
# Destinations
########################
# First some standard logfile
#
destination d_auth { file("/var/log/auth.log"); };
destination d_cron { file("/var/log/cron.log"); };
destination d_daemon { file("/var/log/daemon.log"); };
destination d_kern { file("/var/log/kern.log"); };
destination d_lpr { file("/var/log/lpr.log"); };
destination d_mail { file("/var/log/mail.log"); };
destination d_syslog { file("/var/log/syslog"); };
destination d_user { file("/var/log/user.log"); };
destination d_uucp { file("/var/log/uucp.log"); };
# This files are the log come from the mail subsystem.
#
destination d_mailinfo { file("/var/log/mail.info"); };
destination d_mailwarn { file("/var/log/mail.warn"); };
destination d_mailerr { file("/var/log/mail.err"); };
# Logging for INN news system
#
destination d_newscrit { file("/var/log/news/news.crit"); };
destination d_newserr { file("/var/log/news/news.err"); };
destination d_newsnotice { file("/var/log/news/news.notice"); };
# Some 'catch-all' logfiles.
#
destination d_debug { file("/var/log/debug"); };
destination d_error { file("/var/log/error"); };
destination d_messages { file("/var/log/messages"); };
# The root's console.
#
destination d_console { usertty("root"); };
# Virtual console.
#
destination d_console_all { file(`tty10`); };
# The named pipe /dev/xconsole is for the nsole' utility. To use it,
# you must invoke nsole' with the -file' option:
#
# $ xconsole -file /dev/xconsole [...]
#
destination d_xconsole { pipe("/dev/xconsole"); };
# Send the messages to an other host
#
#destination d_net { tcp("127.0.0.1" port(1000) log_fifo_size(1000)); };
# Debian only
destination d_ppp { file("/var/log/ppp.log"); };
# Arduino
#destination d_arduino { file("/var/log/arduino.log"); };
destination d_arduino { file("/mnt/daten/arduino.log"); };
#destination d_arduino_mail_glocke { smtp( body("Syslog received an alert:\n$MSG") host("localhost") port(25)
# from("glocke" "glocke@meinedomain.at")
# to("Name" "empfaenger@meinedomain.at")
# subject("GLOCKE") ); };
#destination d_arduino_mail_post { smtp( body("Syslog received an alert:\n$MSG") host("localhost") port(25)
# from("post" "post@meinedomain.at")
# to("Name" "empfaenger@meinedomain.at")
# subject("POST") ); };
#destination d_arduino_mail_wiegand { smtp( body("Syslog received an alert:\n$MSG") host("localhost") port(25)
# from("syslog" "tor@meinedomain.at")
# to("Name" "empfaenger@meinedomain.at")
# subject("HAUSTUER") ); };
destination d_arduino_mail_telefon { smtp( body("Syslog received an alert:\nCode OK") host("localhost") port(24)
from("syslog" "tor@meinedomain.at")
to("Name" "empfaenger@meinedomain.at")
subject("GARTENTUER") ); };
#destination d_arduino_mail_fehler { smtp( body("Syslog received an alert:\n$MSG") host("localhost") port(25)
# from("syslog" "arduino@meinedomain.at")
# to("Name" "empfaenger@meinedomain.at")
# subject("FEHLER") ); };
########################
# Filters
########################
# Here's come the filter options. With this rules, we can set which
# message go where.
filter f_dbg { level(debug); };
filter f_info { level(info); };
filter f_notice { level(notice); };
filter f_warn { level(warn); };
filter f_err { level(err); };
filter f_crit { level(crit .. emerg); };
filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); };
filter f_error { level(err .. emerg) ; };
filter f_messages { level(info,notice,warn) and
not facility(auth,authpriv,cron,daemon,mail,news); };
filter f_auth { facility(auth, authpriv) and not filter(f_debug); };
filter f_cron { facility(cron) and not filter(f_debug); };
filter f_daemon { facility(daemon) and not filter(f_debug); };
filter f_kern { facility(kern) and not filter(f_debug); };
filter f_lpr { facility(lpr) and not filter(f_debug); };
filter f_local { facility(local0, local1, local3, local4, local5,
local6, local7) and not filter(f_debug); };
filter f_mail { facility(mail) and not filter(f_debug); };
filter f_news { facility(news) and not filter(f_debug); };
filter f_syslog3 { not facility(auth, authpriv, mail) and not filter(f_debug); };
filter f_user { facility(user) and not filter(f_debug); };
filter f_uucp { facility(uucp) and not filter(f_debug); };
filter f_cnews { level(notice, err, crit) and facility(news); };
filter f_cother { level(debug, info, notice, warn) or facility(daemon, mail); };
filter f_ppp { facility(local2) and not filter(f_debug); };
filter f_console { level(warn .. emerg); };
# Arduino
filter f_arduino { host("10.100.20.233"); };
filter f_arduino_mail_glocke { filter(f_arduino) and message(" Glocke"); };
filter f_arduino_mail_post { filter(f_arduino) and message(" Post"); };
filter f_arduino_mail_wiegand { filter(f_arduino) and message("Tueroeffner durch Wiegand"); };
filter f_arduino_mail_telefon { filter(f_arduino) and (
message("Tueroeffner von Telefonanlage")
or
message("Typ:W26")
or
message("Typ:W34")
) ; };
filter f_arduino_mail_fehler { filter(f_arduino) and message("FEHLER"); };
########################
# Log paths
########################
log { source(s_src); filter(f_auth); destination(d_auth); };
log { source(s_src); filter(f_cron); destination(d_cron); };
log { source(s_src); filter(f_daemon); destination(d_daemon); };
log { source(s_src); filter(f_kern); destination(d_kern); };
log { source(s_src); filter(f_lpr); destination(d_lpr); };
log { source(s_src); filter(f_syslog3); destination(d_syslog); };
log { source(s_src); filter(f_user); destination(d_user); };
log { source(s_src); filter(f_uucp); destination(d_uucp); };
log { source(s_src); filter(f_mail); destination(d_mail); };
#log { source(s_src); filter(f_mail); filter(f_info); destination(d_mailinfo); };
#log { source(s_src); filter(f_mail); filter(f_warn); destination(d_mailwarn); };
#log { source(s_src); filter(f_mail); filter(f_err); destination(d_mailerr); };
log { source(s_src); filter(f_news); filter(f_crit); destination(d_newscrit); };
log { source(s_src); filter(f_news); filter(f_err); destination(d_newserr); };
log { source(s_src); filter(f_news); filter(f_notice); destination(d_newsnotice); };
#log { source(s_src); filter(f_cnews); destination(d_console_all); };
#log { source(s_src); filter(f_cother); destination(d_console_all); };
#log { source(s_src); filter(f_ppp); destination(d_ppp); };
log { source(s_src); filter(f_debug); destination(d_debug); };
log { source(s_src); filter(f_error); destination(d_error); };
log { source(s_src); filter(f_messages); destination(d_messages); };
log { source(s_src); filter(f_console); destination(d_console_all);
destination(d_xconsole); };
log { source(s_src); filter(f_crit); destination(d_console); };
# Arduino
log { source(s_udp); filter(f_arduino); destination(d_arduino); };
#log { source(s_udp); filter(f_arduino_mail_glocke); destination(d_arduino_mail_glocke); };
#log { source(s_udp); filter(f_arduino_mail_post); destination(d_arduino_mail_post); };
#log { source(s_udp); filter(f_arduino_mail_wiegand); destination(d_arduino_mail_wiegand); };
log { source(s_udp); filter(f_arduino_mail_telefon); destination(d_arduino_mail_telefon); };
#log { source(s_udp); filter(f_arduino_mail_fehler); destination(d_arduino_mail_fehler); };
# All messages send to a remote site
#
#log { source(s_src); destination(d_net); };
###
# Include all config files in /etc/syslog-ng/conf.d/
###
@include "/etc/syslog-ng/conf.d/*.conf"
Zu Beginn hat der Mailversand mit dieser syslog-ng.conf funktionert. Bei irgendeinem Upgrade auf eine neue LTS Version hat es dann nicht mehr funktioniert. Damals hatte ich aufgrund meiner damals nocht sehr kleinen Kinder keine Nerven für die Fehlerbehebung. Jezt habe ich dadurch das Problem, dass ich nicht genau eingrenzen kann wann und wo der Fehler aufgetreten ist.
hier noch meine /etc/postfix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_security_level = encrypt
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = aliki.microscooter
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination =
relayhost = smtp.meinedomain.com:587
mailbox_size_limit = 51200000
recipient_delimiter = +
inet_interfaces = loopback-only
inet_protocols = all
mynetworks = 127.0.0.0/8, 10.100.20.0/24
#mailbox_command = procmail -a "$EXTENSION"
smtp_sasl_auth_enable = yes
# noplaintext weglassen, wenn Passw▒rter im Klartext ▒bertragen werden m▒ssen:
# (nicht empfohlen, nur wenn's anders nicht funktioniert)
#smtp_sasl_security_options = noplaintext noanonymous
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
sender_canonical_maps = hash:/etc/postfix/sender_canonical
#2023-01-13 eingefuegt da syslog-ng keine mails sendet
#smtpd_relay_restrictions = permit_mynetworks
#smtpd_recipient_restrictions=permit_mynetworks
#smtpd_recipient_restrictions = permit_mynetworks
#,permit_sasl_authenticated,defer_unauth_destination
#,permit
#smtpd_recipient_restrictions= permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,permit
#2023-01-22
smtpd_relay_restrictions=3.6
compatibility_level = 3.6
In den letzten 10 Jahren habe ich zwar schon sehr viele dazugelernt und konnte mein System, zumindest aus subjektiver Sicht, immer gut betreuen. Hier fehlt mir aber das Verständnis der grundlegenden Funktionsweise und Zusammenhänge.
Ich bin für jede Hilfe dankbar.
Nachtrag 2023-01-31 Hier noch der Status des service:
sudo service syslog-ng status
● syslog-ng.service - System Logger Daemon
Loaded: loaded (/lib/systemd/system/syslog-ng.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2023-01-29 09:53:52 CET; 1 day 19h ago
Docs: man:syslog-ng(8)
Main PID: 2224 (syslog-ng)
Tasks: 4 (limit: 18166)
Memory: 106.4M
CPU: 720ms
CGroup: /system.slice/syslog-ng.service
└─2224 /usr/sbin/syslog-ng -F
Jän 29 09:53:52 aliki systemd[1]: Starting System Logger Daemon...
Jän 29 09:53:52 aliki syslog-ng[2224]: DIGEST-MD5 common mech free
Jän 29 09:53:52 aliki systemd[1]: Started System Logger Daemon.
Jän 30 00:00:07 aliki systemd[1]: Reloading System Logger Daemon...
Jän 30 00:00:07 aliki systemd[1]: Reloaded System Logger Daemon.
Jän 30 00:00:07 aliki syslog-ng[2224]: DIGEST-MD5 common mech free
Jän 31 00:00:05 aliki systemd[1]: Reloading System Logger Daemon...
Jän 31 00:00:05 aliki systemd[1]: Reloaded System Logger Daemon.
Jän 31 00:00:05 aliki syslog-ng[2224]: DIGEST-MD5 common mech free