Read outbound logs effectively

[ravivgolov]

Hello

How I read outbound logs effectively? (bounced/delivered)

[louis-lau]

Depends on where you have zonemta send the logs. Not sure I really understand the question, you can read the logs in whatever way you find effective yourself.

[louis-lau]

If you can provide more context around your question perhaps I can answer it.

[ravivgolov]

Ah You use the api to send the logs to somewhere like elasticsearch? I thought there is a built in logs viewer.

Where you send the logs for further examination?

My IPS are getting block in spamhaus with the reason of css blacklist. Not sure why.

[louis-lau]

You can log GELF to graylog/elasticsearch yes. You can also send log events over udp to zonemta-webadmin which will store some logs into mongodb and you can view them in that interface.

Zonemta itself normally just logs to stdout and you can grep those logs using normal linux command line utilities without anything fancy. Just like any other application. I currently just use this for a small setup, it's fine and doesn't need any extra cpu/ram. But centralized GELF would be good for a larger setup.

Have you looked at the logging config? All options are there. https://github.com/zone-eu/zone-mta/blob/530b495959fdcd2f5585738ddf6e01492754cfa9/config/default.js#L318-L341

[ravivgolov]

I just realized I didn't notice anything about GELF. I'm using zmta admin and I've enabled UDP, but I'm not seeing any outbound logs, only the queue.

Do you have an example of how to use GELF with elastic/grafana?

By the way, I've noticed that some senders are receiving an error message saying "Greylisted, please try again later." Which plugin causes this?

[ravivgolov]

BTW, How do you handle recipient not found/reject/access denied? For sure, it needs to be added to the blacklist and not retried for a few days or more. Are there any existing systems in Zonemta for this?

[louis-lau]

See https://github.com/zone-eu/zone-mta/blob/master/config/bounces.txt, it determines what zone-mta will do. Non-existing recipients aren't added to any blacklist automatically as this is an MTA, not a transactional sending platform.

[ravivgolov]

What should I do in that case? It's a very big problem. I know this is an MTA, but I need some protection for retries in such cases.

If I change the action, let's say to reject, will it simply reject without adding to the built-in blacklist, right? And is there something similar I can do? or to develop a plugin for that case?

[andris9]

ZoneMTA is more like a framework for building custom MTA servers, not a ready-made component like Postfix. So, you would have to build a plugin for anything specific. For example, the ZoneMTA plugin for the WildDuck mail server is a good example of how all application-specific use cases are handled by the plugin.

[louis-lau]

Was writing essentially the same as Andris. With the plugin system you can do almost anything you want, zonemta itself is bare-bones.

You could also look at Postal, which is meant to replace a transactional mailing platform: https://github.com/postalserver/postal

[ravivgolov]

Thank you, that is very good. I didn't know about postal - so which reason do I need ZoneMTA if I am using postal? I still need zoneMTA?

[louis-lau]

If you just need a transactional platform, Postal should work well for you. (I haven't tried it, but it seems to fit your transactional usecase from what I read)

If you need a more general purpose MTA you can completely customize, you'd need something like ZoneMTA. The WildDuck mail server wouldn't really work with Postal for example ;)

They're different tools for different purposes, but both deliver email and have overlapping functionality.

[ravivgolov]

Yeah, I just found Zonemta to be the best for me. I just need to make some customizations. Do you know any developers familiar with Zonemta? It will save me a lot of time, as I've had issues with a Node.js developer who needs to learn and might not do the job well :).

BTW, are bounces also counted when RSPAMD rejects or clamd?