summaryrefslogtreecommitdiffstats
path: root/roles/common/files/etc
diff options
context:
space:
mode:
Diffstat (limited to 'roles/common/files/etc')
-rw-r--r--roles/common/files/etc/logrotate.d/fripost-mail17
-rw-r--r--roles/common/files/etc/rsyslog.conf130
2 files changed, 147 insertions, 0 deletions
diff --git a/roles/common/files/etc/logrotate.d/fripost-mail b/roles/common/files/etc/logrotate.d/fripost-mail
index 9ed2617..4fc1a85 100644
--- a/roles/common/files/etc/logrotate.d/fripost-mail
+++ b/roles/common/files/etc/logrotate.d/fripost-mail
@@ -15,3 +15,20 @@
invoke-rc.d rsyslog rotate > /dev/null
endscript
}
+
+# Keep a mapping Postfix's message ID -> SASL username for a month, to
+# find authors of potential abuse emails (if we are shown the header of
+# such emails.)
+/var/log/mail.sasl
+{
+ rotate 4
+ weekly
+ missingok
+ notifempty
+ compress
+ delaycompress
+ sharedscripts
+ postrotate
+ invoke-rc.d rsyslog rotate > /dev/null
+ endscript
+}
diff --git a/roles/common/files/etc/rsyslog.conf b/roles/common/files/etc/rsyslog.conf
new file mode 100644
index 0000000..4f07d9b
--- /dev/null
+++ b/roles/common/files/etc/rsyslog.conf
@@ -0,0 +1,130 @@
+# /etc/rsyslog.conf Configuration file for rsyslog.
+#
+# For more information see
+# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
+
+
+#################
+#### MODULES ####
+#################
+
+$ModLoad imuxsock # provides support for local system logging
+$ModLoad imklog # provides kernel logging support
+#$ModLoad immark # provides --MARK-- message capability
+
+# provides UDP syslog reception
+#$ModLoad imudp
+#$UDPServerRun 514
+
+# provides TCP syslog reception
+#$ModLoad imtcp
+#$InputTCPServerRun 514
+
+
+###########################
+#### GLOBAL DIRECTIVES ####
+###########################
+
+#
+# Use traditional timestamp format.
+# To enable high precision timestamps, comment out the following line.
+#
+$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+
+#
+# Set the default permissions for all log files.
+#
+$FileOwner root
+$FileGroup adm
+$FileCreateMode 0640
+$DirCreateMode 0755
+$Umask 0022
+
+#
+# Where to place spool and state files
+#
+$WorkDirectory /var/spool/rsyslog
+
+#
+# Include all config files in /etc/rsyslog.d/
+#
+$IncludeConfig /etc/rsyslog.d/*.conf
+
+
+###############
+#### RULES ####
+###############
+
+#
+# Logging for the mail system. Split it up so that
+# it is easy to write scripts to parse these files.
+#
+
+mail.* -/var/log/mail.log
+mail.info -/var/log/mail.info
+mail.warn -/var/log/mail.warn
+mail.err /var/log/mail.err
+
+# To preserve the privacy of our users, we stop processing relevant log
+# entries (eg, we don't put them into /var/log/syslog) that are of
+# severity info and lower. Those lines are put into mail.log and
+# mail.info for troubleshooting, but those files are rotated frequently.
+# XXX: we should improve that: we shouldn't log envelopes and IPs unless
+# the mail is bounced, for instance.
+if ($programname startswith 'postfix-' or $programname == 'dovecot') and $syslogfacility-text == 'mail' and $syslogseverity >= 6 then ~
+
+#
+# Some standard log files. Log by facility.
+#
+auth,authpriv.* /var/log/auth.log
+*.*;auth,authpriv.none -/var/log/syslog
+#cron.* /var/log/cron.log
+daemon.* -/var/log/daemon.log
+kern.* -/var/log/kern.log
+lpr.* -/var/log/lpr.log
+user.* -/var/log/user.log
+
+#
+# Logging for INN news system.
+#
+news.crit /var/log/news/news.crit
+news.err /var/log/news/news.err
+news.notice -/var/log/news/news.notice
+
+#
+# Some "catch-all" log files.
+#
+*.=debug;\
+ auth,authpriv.none;\
+ news.none;mail.none -/var/log/debug
+*.=info;*.=notice;*.=warn;\
+ auth,authpriv.none;\
+ cron,daemon.none;\
+ mail,news.none -/var/log/messages
+
+#
+# Emergencies are sent to everybody logged in.
+#
+*.emerg :omusrmsg:*
+
+#
+# I like to have messages displayed on the console, but only on a virtual
+# console I usually leave idle.
+#
+#daemon,mail.*;\
+# news.=crit;news.=err;news.=notice;\
+# *.=debug;*.=info;\
+# *.=notice;*.=warn /dev/tty8
+
+# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
+# you must invoke `xconsole' with the `-file' option:
+#
+# $ xconsole -file /dev/xconsole [...]
+#
+# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
+# busy site..
+#
+#daemon.*;mail.*;\
+# news.err;\
+# *.=debug;*.=info;\
+# *.=notice;*.=warn |/dev/xconsole