diff options
| author | Paul Buetow <paul@buetow.org> | 2026-01-17 21:08:37 +0200 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2026-01-17 21:08:37 +0200 |
| commit | 19defb02691f020470b7e28d81ae331b8d8f9bd9 (patch) | |
| tree | d145999e69eb80d8b5320cef044197db3f9cf7c0 | |
| parent | 7a996ed2f657562dd05dee2548db15d044f4fdeb (diff) | |
adjust monitoring checks
| -rw-r--r-- | frontends/Rexfile | 11 | ||||
| -rw-r--r-- | frontends/etc/gogios.json.tpl | 6 | ||||
| -rw-r--r-- | frontends/etc/mail/smtpd.conf.tpl | 11 |
3 files changed, 25 insertions, 3 deletions
diff --git a/frontends/Rexfile b/frontends/Rexfile index c59bb58..971e162 100644 --- a/frontends/Rexfile +++ b/frontends/Rexfile @@ -344,6 +344,17 @@ task 'smtpd', mode => '644', on_change => sub { service 'smtpd' => 'restart' }; + # Reject lists for blocking unwanted senders/domains/recipients + Rex::Logger::info('Dealing with mail reject lists'); + for my $reject_list (qw/reject-senders reject-domains reject-recipients/) { + file "/etc/mail/$reject_list", + source => "./etc/mail/$reject_list", + owner => 'root', + group => 'wheel', + mode => '644', + on_change => sub { service 'smtpd' => 'restart' }; + } + Rex::Logger::info('Dealing with smtpd.conf'); file '/etc/mail/smtpd.conf', content => template('./etc/mail/smtpd.conf.tpl'), diff --git a/frontends/etc/gogios.json.tpl b/frontends/etc/gogios.json.tpl index 49221c5..8e4bcdb 100644 --- a/frontends/etc/gogios.json.tpl +++ b/frontends/etc/gogios.json.tpl @@ -23,9 +23,9 @@ <% for my $proto (4, 6) { -%> "Check Ping<%= $proto %> <%= $host %>.wg0.wan.buetow.org": { "Plugin": "<%= $plugin_dir %>/check_ping", - "Args": ["-H", "<%= $host %>.wg0.wan.buetow.org", "-<%= $proto %>", "-w", "100,10%", "-c", "200,15%"], + "Args": ["-H", "<%= $host %>.wg0.wan.buetow.org", "-<%= $proto %>", "-w", "100,20%", "-c", "200,30%"], "RandomSpread": 10, - "Retries": 3, + "Retries": 5, "RetryInterval": 3 }, <% } -%> @@ -117,7 +117,7 @@ "Plugin": "<%= $plugin_dir %>/check_procs", "RandomSpread": 10, "RunInterval": 300, - "Args": ["-w", "80", "-c", "100"] + "Args": ["-w", "100", "-c", "150"] }, "Check Disk <%= $hostname %>": { "Plugin": "<%= $plugin_dir %>/check_disk", diff --git a/frontends/etc/mail/smtpd.conf.tpl b/frontends/etc/mail/smtpd.conf.tpl index 7764b34..b43302d 100644 --- a/frontends/etc/mail/smtpd.conf.tpl +++ b/frontends/etc/mail/smtpd.conf.tpl @@ -10,6 +10,11 @@ table aliases file:/etc/mail/aliases table virtualdomains file:/etc/mail/virtualdomains table virtualusers file:/etc/mail/virtualusers +# Reject lists for blocking unwanted senders/domains/recipients +table reject-senders file:/etc/mail/reject-senders +table reject-domains file:/etc/mail/reject-domains +table reject-recipients file:/etc/mail/reject-recipients + listen on socket listen on all tls pki "buetow_org_tls" hostname "<%= "$hostname.$domain" %>" #listen on all @@ -18,6 +23,12 @@ action localmail mbox alias <aliases> action receive mbox virtual <virtualusers> action outbound relay +# Reject rules (processed before accept rules) +# reject-senders: full addresses, reject-domains: patterns like *@domain.com +match from any mail-from <reject-senders> reject +match from any mail-from <reject-domains> reject +match from any for rcpt-to <reject-recipients> reject + match from any for domain <virtualdomains> action receive match from local for local action localmail match from local for any action outbound |