Newsletter:8/Why is it Hard to Write a Postfix ZenPack
Why is it Hard to Write a Postfix ZenPack?
The Postfix mail server (aka MTA) is nearly ubiquitous. It is the default MTA in CentOS/RHEL, Ubuntu, and SuSE. After an account on one of my mail servers was compromised, and was used to send spam, I found there were lots of Nagios plugins for Postfix. I wasn’t impressed with any of them, so I wrote a ZenPack to fix the problem. It quickly became apparent as I did this that the problem wasn’t Nagios, and wasn’t the plugin authors, it was Postfix itself. I’ll discuss the issues I found, and how they should be fixed. Of course, I’ll also provide a link and guide for setting up the ZenPack.
Why Postfix is Difficult to Monitor
Postfix lacks built-in command line or SNMP access to metrics. Mail servers are pretty simple, and it’s sad to see that the only metric you can get directly from Postfix is the unsent queue length. Most mail servers send mail to the internet, receive mail for local delivery, or mark it as spam. Collecting these metrics was difficult and required writing a log parser. Log parsers, especially remote ones can become very bandwidth, disk, and CPU intensive. This means you have to be very selective about how you parse, and how much you transfer via SSH.
How Postfix Could Do it Better
Postfix, and many other basic Linux/Unix daemons would be well advised to follow Apache/NGINX’s lead by providing, either through the app, or via command line, statistics on the application’s performance that are easily queried and parsed. I picked 4 metrics: queue length, number of e-mails sent, number of e-mails received, and number of e-mails marked as spam. These are essentially a guess because I don’t know what else might be important inside Postfix. By providing useful metrics, a daemon author can help to clear up confusion and expose additional metrics that might save their users time in determining what when wrong when things go wrong.
Getting the ZenPack
The Postfix ZenPack is available via our ZenPack directory. You can find it here. (http://wiki.zenoss.org/ZenPack:ZenPack.trelane.Postfix) I expect that I’ll get some feedback after this article is published. I’m looking forward to the feedback, but be ready for several quick patches/iterations to occur as I respond to feedback. Instructions for leaving feedback are on the ZenPack’s directory page above.
Using the New Postfix ZenPack
The new Postfix ZenPack utilizes SSH (passwordless keys) to parse the remote maillog, and will collect metrics for mail sent, mail received, and spam. Included is a basic template which receives and graphs the data points, as well as a reasonable threshold for the Postfix queue (note that this may need to be increased on higher traffic servers). This ZenPack is not officially supported by Zenoss but I’ll gladly accept feature requests and bugs.
I hope you enjoy the ZenPack, it’s much needed. I also hope that those authoring daemons such as Postfix will be more cognizant that the modern IT Ops department needs metrics from those daemons, and will make getting those metrics easier.