Portal:Cloud VPS/Admin/Email

From Wikitech
Jump to navigation Jump to search

This page contains information on the email setup and how to manage it inside Cloud VPS.

Servers

The general outgoing SMTP servers are hosted in the cloudinfra project. At the time of this writing the instances in use are:

  • mx-out01.cloudinfra.eqiad.wmflabs
  • mx-out02.cloudinfra.eqiad.wmflabs

Each servers uses a floating IP so we can reference the servers in SPF records. Additionally, each floating IP is referenced by a public FQDN:

  • mx-out01.wmflabs.org --- 185.15.56.18
  • mx-out02.wmflabs.org --- 185.15.56.19

Servers use the puppet role role::mail::smarthost::wmcs plus some hiera config:

profile::mail::smarthost::cert_name: mx-out01.wmflabs.org
profile::mail::smarthost::cert_subjects: mx-out01.wmflabs.org
profile::mail::smarthost::exim_primary_hostname: mx-out01.wmflabs.org
profile::standard::has_default_mail_relay: false
standard::has_default_mail_relay: false

SPF

TODO: put here some info.

Toolforge

The Toolforge email setup also uses Exim, but a bit different setup than the general Cloud VPS servers.

Email server use the puppet role role::wmcs::toolforge::mailrelay and hiera config:

profile::standard::has_default_mail_relay: false
profile::toolforge::active_mail_relay: tools-mail-02.tools.eqiad.wmflabs
profile::toolforge::base::is_mail_relay: true
profile::toolforge::mailrelay::external_hostname: mail.tools.wmflabs.org

Operations

Some information on administrative tasks, specifically related to how to handle Exim.

A few pointers:

Total count for queue

$ sudo -i exim -bpc
286

Count for the queue per user

$ sudo -i exim -bp | grep '<' | awk '{print $4}' | sort | uniq -c |sort -n
      1 <someuser@some.tld>
    285 <>

Stats

$ sudo -i exim -bp | exiqsumm

Count  Volume  Oldest  Newest  Domain
-----  ------  ------  ------  ------

    1   106KB     28h     28h  A.tld
    1    4198      2h      2h  B.tld
    1   106KB      7h      7h  C.tld
    1   106KB     30h     30h  D.tld
    1   106KB     27h     27h  E.tld
    1   106KB     29h     29h  F.tld
    1   106KB     25h     25h  G.tld
    1   106KB     26h     26h  H.tld
    1   106KB     31h     31h  I.tld
    1   106KB      4h      4h  J.tld
    2    4300     31h     13h  K.tld
  271   629KB     22h      8h  tools.wmflabs.org
    1    87KB      5h      5h  L.tld
    1    57KB     12h     12h  M.tld
    1   106KB     46m     46m  N.tld
---------------------------------------------------------------
  286  1842KB     31h     46m  TOTAL

Blackhole an in-bound address

in /etc/aliases add a new line: <address>: :blackhole:

If this was for Tools exim to blacklist the user 'wiktcapt' we could do:

wiktcapt: :blackhole:

See also