Difference between revisions of "ShanxT-Notes"

(Useful Zimbra One-Liners)
Line 9: Line 9:
  
 
== Useful Zimbra One-Liners ==
 
== Useful Zimbra One-Liners ==
'''To find a spammer'''
+
'''To find a spammer:'''
 
The following will list the user that has authenticated the most, usually being the compromised ID via which spam is being sent. Change the password of the user immediately.
 
The following will list the user that has authenticated the most, usually being the compromised ID via which spam is being sent. Change the password of the user immediately.
 
  grep sasl_user /var/log/maillog | sed 's/.*sasl_username=//g' | sort | uniq -c | sort -nr | head
 
  grep sasl_user /var/log/maillog | sed 's/.*sasl_username=//g' | sort | uniq -c | sort -nr | head
  
'''Get all members of all distribution lists'''
+
'''Get all members of all distribution lists:'''
 
The following will get all the members of all the distribution lists on the server. The first line will be the distribution list ID, followed by the members, followed by a blank line, then the next distribution list ID, and so on.
 
The following will get all the members of all the distribution lists on the server. The first line will be the distribution list ID, followed by the members, followed by a blank line, then the next distribution list ID, and so on.
 
  for i in `zmprov -l gadl`; do echo "$i" ;zmprov gdl $i | grep zimbraMailForwardingAddress: | awk '{print $2}' ; echo ""; done | less
 
  for i in `zmprov -l gadl`; do echo "$i" ;zmprov gdl $i | grep zimbraMailForwardingAddress: | awk '{print $2}' ; echo ""; done | less

Revision as of 19:19, 4 August 2012

Zimbra Log Sorter

Script to sort Zimbra logs. Makes logs more legible, and can also show logs containing certain regexs. Use '--help' to see all options. Use '--examples' to see some examples.

Latest version of the script can be found here:

https://raw.github.com/shanxt/Zimbra-Log-Sorter/master/mtrackZimbra.py

Useful Zimbra One-Liners

To find a spammer: The following will list the user that has authenticated the most, usually being the compromised ID via which spam is being sent. Change the password of the user immediately.

grep sasl_user /var/log/maillog | sed 's/.*sasl_username=//g' | sort | uniq -c | sort -nr | head

Get all members of all distribution lists: The following will get all the members of all the distribution lists on the server. The first line will be the distribution list ID, followed by the members, followed by a blank line, then the next distribution list ID, and so on.

for i in `zmprov -l gadl`; do echo "$i" ;zmprov gdl $i | grep zimbraMailForwardingAddress: | awk '{print $2}' ; echo ""; done | less

Bulk provisioning using CSV in Zimbra 7

Zimbra 7 has removed the ability to add users using the GUI, but this can be done using the following script. The CSV has to be semi-colon separated, NOT comma separated. It has to be in the following format:

"Email ID";"Name";"Company";"Description";"Mobile Number";"Phone Number";"Address";"State";"Country"

Example:

"keyur.shah@example.com";"Keyur Shah";"Acme Inc";"This guy works in engineering";996323418;4216857841;"Valley road, random colony";"New Delhi";"India"

Save your csv as '/tmp/newusers.csv', and run the script. A file '/tmp/zmprovinput' will be created, which can then be analysed and added using the zmprov commmand, as shown:

zmprov < /tmp/zmprovinput

The password for all users will be 'very_secure_password_1831'. This can be changed in the script. Read script for more info.

Latest version of the script can be found here:

https://github.com/shanxt/Zimbra-Scripts/blob/master/zimbraUserAddScript.sh

Set random passwords and force user to change password on login

The following script generates a random password, stores it to a file, and forces the user the change password on first login using the zimbraPasswordMustChange attribute.

The userlist has to be supplied before running the script, and should be stored in the file /tmp/allaccounts. The users should be in the format 'user@example.com'. To change for all users, simply run:

zmprov -l gaa > /tmp/allaccounts

After running the script, two files are created. /tmp/newpasswords.csv contains the list of usernames and passwords in CSV format, whereas /tmp/zmprovPwChange is the file input for zmprov, which after analysis can be run as follows:

zmprov < /tmp/zmprovPwChange

Latest version of the script can be found here:

https://github.com/shanxt/Zimbra-Scripts/blob/master/zimbraRandomPass.sh


Simple archival server for Zimbra OSE

Introduction

This document shows how to create a simple archiving server. If you have a user 'keyur@example.com', all mails sent to and from this email ID will be forwarded to 'keyur@archive.example.com'.

We will need two servers for this. Both will be installed with Zimbra, one being the live mail server 'example.com', and the other the archiving server, 'archive.example.com'. The archiving server should have a much larger HDD drive than the mail server, preferably formatted using LVM, to allow for expansion later.

The installation on each server will be independent, ie, this isn't a multi-server setup. Each server will be a single-server, with the only difference being the domain names.

In this example, let's assume the live server's domain is 'example.com', with IP 192.168.1.5, and the archiving server is 'archive.example.com', with IP 192.168.1.18. Install Zimbra on both as usual.

DNS

The servers will require a local DNS, as we use this to forward the mails. In this example, I will assume that we have set up a caching name server using bind on the live server. Typical entries would be something like this:

example.com.       	IN A            192.0.43.10
mail.example.com.       IN A            192.168.1.5
example.com.            IN MX           10 mail.example.com.

Along with this, we need to add an A and MX record for archive.example.com as well.


archive.example.com.    IN A            192.168.1.18
archive.example.com.    IN MX           10 archive.example.com.

Now all mails addressed to 'archive.example.com' will be forwarded to the archive server.


Postfix

In postfix, we can specify an email address to which all incoming and outgoing mails from a particular email ID will be forwarded to. This is done using 'sender_bcc_maps' and 'recipient_bcc_maps'. All these changes are done only on the main server.

We make the following entries at the end of /opt/zimbra/postfix/conf/main.cf

sender_bcc_maps = hash:/opt/zimbra/postfix/conf/archivelist
recipient_bcc_maps = hash:/opt/zimbra/postfix/conf/archivelist

The file '/opt/zimbra/postfix/conf/archivelist' will have users in the following format: keyur@example.com keyur@archive.example.com

All mails to and from keyur@example.com will be forwarded to keyur@archive.example.com.


Manual addition

Create a user on the main server, and then the corresponding user on the archive server. Then add the users in the format as show above to the file '/opt/zimbra/postfix/conf/archivelist', and then run the postmap command as the zimbra user:

$ postmap /opt/zimbra/postfix/conf/archivelist
$ postfix reload

Script

I wrote the following script to add users automatically on the archive server, and also to the 'archivelist' file. Run this on the main server, and all users will be automatically added. You can place it in the crontab for every half an hour, so that when a new user is created on the main server, he/she will be automatically added to the archive server. SSH using keys (password-less ssh) between the main and archive server is necessary for the script to function.

The latest version of the script can be found here:

https://raw.github.com/shanxt/Zimbra-Scripts/master/zimbraAddUsersToArchive.sh

NOTE: All mails, sent and received, will be stored in the inbox of the archive user.

Verified Against: Zimbra Collaboration Suite 6,7 Date Created: 08/04/2012
Article ID: https://wiki.zimbra.com/index.php?title=ShanxT-Notes Date Modified: 2012-08-04



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Jump to: navigation, search