Difference between revisions of "Newsletter:8/Why is it Hard to Write a Postfix ZenPack"

From Zenoss Wiki
Jump to: navigation, search
 
Line 2: Line 2:
 
|Title=Why is it Hard to Write a Postfix ZenPack?
 
|Title=Why is it Hard to Write a Postfix ZenPack?
 
|Author=trelane
 
|Author=trelane
|Abstract=After an account on one of my mail servers was compromised, and was used to send spam, I looked, and found there were lots of Nagios plugins for Postfix.  I wasn’t impressed with any of them, so I wrote a ZenPack to fix the problem.  It quickly became apparent as I did this that the problem wasn’t Nagios, and wasn’t the plugin authors, it was Postfix itself.  I’ll discuss the issues I found, and how they should be fixed.  Of course, I’ll also provide a link and guide for setting up the ZenPack.
+
|Abstract=After an account on one of my mail servers was compromised, and was used to send spam, I found there were lots of Nagios plugins for Postfix.  I wasn’t impressed with any of them, so I wrote a ZenPack to fix the problem.  It quickly became apparent as I did this that the problem wasn’t Nagios, and wasn’t the plugin authors, it was Postfix itself.  I’ll discuss the issues I found, and how they should be fixed.  Of course, I’ll also provide a link and guide for setting up the ZenPack.
 
|Cover image=Postfix_logo.gif
 
|Cover image=Postfix_logo.gif
 
}}
 
}}
The Postfix mail server (aka MTA) is nearly ubiquitous.  It is the default MTA in CentOS/RHEL, Ubuntu, and SuSE.  After an account on one of my mail servers was compromised, and was used to send spam, I looked, and found there were lots of Nagios plugins for Postfix.  I wasn’t impressed with any of them, so I wrote a ZenPack to fix the problem.  It quickly became apparent as I did this that the problem wasn’t Nagios, and wasn’t the plugin authors, it was Postfix itself.  I’ll discuss the issues I found, and how they should be fixed.  Of course, I’ll also provide a link and guide for setting up the ZenPack.
+
The Postfix mail server (aka MTA) is nearly ubiquitous.  It is the default MTA in CentOS/RHEL, Ubuntu, and SuSE.  After an account on one of my mail servers was compromised, and was used to send spam, I found there were lots of Nagios plugins for Postfix.  I wasn’t impressed with any of them, so I wrote a ZenPack to fix the problem.  It quickly became apparent as I did this that the problem wasn’t Nagios, and wasn’t the plugin authors, it was Postfix itself.  I’ll discuss the issues I found, and how they should be fixed.  Of course, I’ll also provide a link and guide for setting up the ZenPack.
 
==Why Postfix is Difficult to Monitor==
 
==Why Postfix is Difficult to Monitor==
Postfix lacks built in command line or SNMP access to metrics.  Mail servers are pretty simple, and it’s sad to see that the only metric you can get directly from Postfix is the unsent queue length.  Most mail servers send mail to the internet, receive mail for local delivery, or mark it as spam.  Collecting these metrics was difficult and required writing a log parser.  Log parsers, especially remote ones can become very bandwidth, disk, and CPU intensive.  This means you have to be very selective about how you parse, and how much you transfer via SSH.  
+
Postfix lacks built-in command line or SNMP access to metrics.  Mail servers are pretty simple, and it’s sad to see that the only metric you can get directly from Postfix is the unsent queue length.  Most mail servers send mail to the internet, receive mail for local delivery, or mark it as spam.  Collecting these metrics was difficult and required writing a log parser.  Log parsers, especially remote ones can become very bandwidth, disk, and CPU intensive.  This means you have to be very selective about how you parse, and how much you transfer via SSH.  
 
==How Postfix Could Do it Better==
 
==How Postfix Could Do it Better==
Postfix, and many other basic Linux/Unix daemons would be well advised to follow Apache/NGINX’s lead by providing, either through the app, or via command line, statistics on the application’s performance that are easily queried, and parsed.  I picked 4 metrics, queue length, number of e-mails sent, number of e-mails received, and number of e-mails marked as spam.  These are essentially a guess because I don’t know what else might be important inside Postfix.  By providing useful metrics, a daemon author can help to clear up confusion and expose additional metrics which might save their users time in determining what when wrong when things go wrong.
+
Postfix, and many other basic Linux/Unix daemons would be well advised to follow Apache/NGINX’s lead by providing, either through the app, or via command line, statistics on the application’s performance that are easily queried and parsed.  I picked 4 metrics: queue length, number of e-mails sent, number of e-mails received, and number of e-mails marked as spam.  These are essentially a guess because I don’t know what else might be important inside Postfix.  By providing useful metrics, a daemon author can help to clear up confusion and expose additional metrics that might save their users time in determining what when wrong when things go wrong.
 
==Getting the ZenPack==
 
==Getting the ZenPack==
The ZenPack is available via our ZenPack directory.  You can find it here. (http://wiki.zenoss.org/ZenPack:ZenPack.trelane.Postfix)
+
The Postfix ZenPack is available via our ZenPack directory.  You can find it here. (http://wiki.zenoss.org/ZenPack:ZenPack.trelane.Postfix)
 
I expect that I’ll get some feedback after this article is published.  I’m looking forward to the feedback, but be ready for several quick patches/iterations to occur as I respond to feedback.  Instructions for leaving feedback are on the ZenPack’s directory page above.
 
I expect that I’ll get some feedback after this article is published.  I’m looking forward to the feedback, but be ready for several quick patches/iterations to occur as I respond to feedback.  Instructions for leaving feedback are on the ZenPack’s directory page above.
 
==Using the New Postfix ZenPack==
 
==Using the New Postfix ZenPack==
The new Postfix ZenPack utilizes SSH (passwordless keys) to parse the remote maillog, and will collect metrics for mail sent, mail received, and spam.  Included is a basic template which receives and graphs the data points, as well as a reasonable threshold for the Postfix queue (note that this may need to be increased on higher traffic servers).  This ZenPack is not officially supported by Zenoss but I’ll gladly accept feature requests, and bugs.
+
The new Postfix ZenPack utilizes SSH (passwordless keys) to parse the remote maillog, and will collect metrics for mail sent, mail received, and spam.  Included is a basic template which receives and graphs the data points, as well as a reasonable threshold for the Postfix queue (note that this may need to be increased on higher traffic servers).  This ZenPack is not officially supported by Zenoss but I’ll gladly accept feature requests and bugs.
 
==Conclusion==
 
==Conclusion==
I hope you enjoy the ZenPack, it’s much needed.  I also hope that those authoring daemons such as Postfix will be more cognizant that the modern IT Ops department needs metrics from those daemons, and make getting those metrics easier.
+
I hope you enjoy the ZenPack, it’s much needed.  I also hope that those authoring daemons such as Postfix will be more cognizant that the modern IT Ops department needs metrics from those daemons, and will make getting those metrics easier.
 
{{ArticleFooter}}
 
{{ArticleFooter}}

Latest revision as of 18:03, 1 June 2015

Community-header.jpg

Why is it Hard to Write a Postfix ZenPack?

After an account on one of my mail servers was compromised, and was used to send spam, I found there were lots of Nagios plugins for Postfix. I wasn’t impressed with any of them, so I wrote a ZenPack to fix the problem. It quickly became apparent as I did this that the problem wasn’t Nagios, and wasn’t the plugin authors, it was Postfix itself. I’ll discuss the issues I found, and how they should be fixed. Of course, I’ll also provide a link and guide for setting up the ZenPack.
Postfix logo.gif

The Postfix mail server (aka MTA) is nearly ubiquitous. It is the default MTA in CentOS/RHEL, Ubuntu, and SuSE. After an account on one of my mail servers was compromised, and was used to send spam, I found there were lots of Nagios plugins for Postfix. I wasn’t impressed with any of them, so I wrote a ZenPack to fix the problem. It quickly became apparent as I did this that the problem wasn’t Nagios, and wasn’t the plugin authors, it was Postfix itself. I’ll discuss the issues I found, and how they should be fixed. Of course, I’ll also provide a link and guide for setting up the ZenPack.

Why Postfix is Difficult to Monitor

Postfix lacks built-in command line or SNMP access to metrics. Mail servers are pretty simple, and it’s sad to see that the only metric you can get directly from Postfix is the unsent queue length. Most mail servers send mail to the internet, receive mail for local delivery, or mark it as spam. Collecting these metrics was difficult and required writing a log parser. Log parsers, especially remote ones can become very bandwidth, disk, and CPU intensive. This means you have to be very selective about how you parse, and how much you transfer via SSH.

How Postfix Could Do it Better

Postfix, and many other basic Linux/Unix daemons would be well advised to follow Apache/NGINX’s lead by providing, either through the app, or via command line, statistics on the application’s performance that are easily queried and parsed. I picked 4 metrics: queue length, number of e-mails sent, number of e-mails received, and number of e-mails marked as spam. These are essentially a guess because I don’t know what else might be important inside Postfix. By providing useful metrics, a daemon author can help to clear up confusion and expose additional metrics that might save their users time in determining what when wrong when things go wrong.

Getting the ZenPack

The Postfix ZenPack is available via our ZenPack directory. You can find it here. (http://wiki.zenoss.org/ZenPack:ZenPack.trelane.Postfix) I expect that I’ll get some feedback after this article is published. I’m looking forward to the feedback, but be ready for several quick patches/iterations to occur as I respond to feedback. Instructions for leaving feedback are on the ZenPack’s directory page above.

Using the New Postfix ZenPack

The new Postfix ZenPack utilizes SSH (passwordless keys) to parse the remote maillog, and will collect metrics for mail sent, mail received, and spam. Included is a basic template which receives and graphs the data points, as well as a reasonable threshold for the Postfix queue (note that this may need to be increased on higher traffic servers). This ZenPack is not officially supported by Zenoss but I’ll gladly accept feature requests and bugs.

Conclusion

I hope you enjoy the ZenPack, it’s much needed. I also hope that those authoring daemons such as Postfix will be more cognizant that the modern IT Ops department needs metrics from those daemons, and will make getting those metrics easier.