Solved

Help with Postfix+Nagios Setup - CentOS

Posted on 2010-11-19
7
1,841 Views
Last Modified: 2012-06-27
Currently rolling-out Nagios for an internal business unit, and I've got the lion-share of the setup completed, except for outbound notifications working. I've yum installed postfix, ran through setup steps over at server-world.info/en.  I also modified the commands.cfg file per this URL:

http://www.infosecprojects.net/en/linuxtutorials/nagios-sendmail.html

setup info

postfix-2.3.3-2.1.el5_2
2.6.18-194.26.1.el5
CentOS 5.5


here is output from postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
body_checks = regexp:/etc/postfix/body_checks
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
header_checks = regexp:/etc/postfix/header_checks
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydomain = example.com
myhostname = nagios.example.com
mynetworks = 10.0.101.0/24, 127.0.0.0/8
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
unknown_local_recipient_reject_code = 550

Open in new window


tail on /var/log/maillog:

Nov 19 04:20:46 pov postfix/smtpd[22095]: fatal: open database /etc/aliases.db: No such file or directory
Nov 19 04:20:47 pov postfix/master[21874]: warning: process /usr/libexec/postfix/smtpd pid 22095 exit status 1
Nov 19 04:20:47 pov postfix/master[21874]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

Open in new window


tail /var/log/messages

 
nagios: Warning: Attempting to execute the command "/usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: PROBLEM\nHost: monitoredbox\nState: DOWN\nAddress: 10.0.101.221\nInfo: CRITICAL - Host Unreachable (10.0.101.221)\n\nDate/Time: Fri Nov 19 04:24:44 PST 2010\n" | /bin/mail -s "** PROBLEM Host Alert: zimbra is DOWN **" 5555555555@tmomail.net" resulted in a return code of 127.  Make sure the script or binary you are trying to execute actually exists...
Nov 19 04:41:04 pov nagios: Auto-save of retention data completed successfully.

Open in new window


postfix is running:

ps -ef | grep postfix
root     21874     1  0 04:06 ?        00:00:00 /usr/libexec/postfix/master
postfix  21876 21874  0 04:06 ?        00:00:00 pickup -l -t fifo -u
postfix  21877 21874  0 04:06 ?        00:00:00 qmgr -l -t fifo -u
root     22172 21934  0 04:26 pts/0    00:00:00 grep postfix

Open in new window


I can also telnet to the localhost via 25, and to the public IP from my workstation, but each time I telnet, it says connected, but EHLO, HELO commands generate no response from the server. I'm focusing on researching the maillog errors right now, if anyone could lend a hand that'd be great
0
Comment
Question by:kapshure
  • 4
  • 3
7 Comments
 
LVL 8

Accepted Solution

by:
LunarNRG earned 250 total points
ID: 34176692
Regarding 'fatal: open database /etc/aliases.db: No such file or directory', confirm you have the file /etc/aliases, then run 'newaliases', and then 'services postfix reload' or '/etc/init.d/postfix reload'.

Regarding the nagios warning from /var/log/messages, you probably need to install a package that provides /bin/mail. On a CentOS box I have access to, /bin/mail is provided by the mailx package ('yum install mailx')
0
 
LVL 8

Expert Comment

by:LunarNRG
ID: 34176754
The newaliases command creates /etc/aliases.db from the contents of /etc/aliases. Without a /etc/aliases.db file present, postfix will exhibit the other behavior you mentioned (no response to HELO or EHLO) - btw.
0
 

Author Comment

by:kapshure
ID: 34176762
@LunarNRG

you're right, mailx wasn't installed; so I've done that.

I had already done the newaliases command, but I did it again.

Now I've got this in maillog:

lost connection after EHLO from firewall.hostcompany.com[12.34.56.78] < our office IP
postfix/smtpd[23150]: disconnect from firewall.hostcompany.com[12.34.56.78] < our office IP

Open in new window

0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 8

Expert Comment

by:LunarNRG
ID: 34176798
Are you running your telnet test from localhost? For example,

[user@host ~] telnet localhost 25

Open in new window

0
 

Author Comment

by:kapshure
ID: 34176898
seems that the mailx and newaliases fixed the problem. I just got an alert from nagios to my phone :)

Now want to see a few more alerts come through and looks like maybe my setup for notifications is complete!

one question I have.

I had sendmail.postfix configured as the only MTA, so how come mailx was required? Could I have changed nagios.cfg to sync up w/ postfix instead of mailx?

thanks again.
0
 
LVL 8

Expert Comment

by:LunarNRG
ID: 34177107
No problem, glad to hear it.

You're right you don't really need mailx, but the nagios defaults for host-notify-by-email, service-notify-by-email, etc. all use /usr/bin/mail, I believe.  You could use /usr/sbin/sendmail for the same purpose, but you'd have to create your own macros.

Nagios just calls the command you specify in config, and in your case /usr/bin/mail was used, as in (from the previous warning):
/usr/bin/printf "%b" "***** Nagios *****
<snip>
Date/Time: Fri Nov 19 04:24:44 PST 2010\n" | /bin/mail -s "** PROBLEM Host Alert: zimbra is DOWN **" 5555555555@tmomail.net" resulted in a return code of 127

Open in new window


I just now noticed that you mentioned following these instructions change the nagios default:
  http://www.infosecprojects.net/en/linuxtutorials/nagios-sendmail.html

... so it would seem your modification did not take, you may wish to review your settings and make sure they match the tutorial. Perhaps you need to restart the nagios service? Not sure. If you convince nagios to use /usr/sbin/sendmail then you can remove the mailx package.

HTH,
Marty
0
 

Author Comment

by:kapshure
ID: 34177135
I'm getting the alerts now; just not as timely as they should be. seems that the UP alert comes back way faster than the DOWN. Or sometimes vice versa. May need to tweak some time-thresholds in nagios.

seems like for now though, that the mail part is working, as we're getting service alerts to (2) phones now, and to an email on a different mail server in a different domain.

Thanks again!
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

MS outlook is a premier email client that enable you to send and receive the e-mails with various file formats of attachments such as document files, media file, and many others formats. There is some scenario occurs when a receiver of an e-mail mes…
Workplace bullying has increased with the use of email and social media. Retain evidence of this with email archiving to protect your employees.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now