Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Q: Is missing documentation for a shipping feature a 'bug' or an 'enhancement'?

  1. #1
    Join Date
    Oct 2012
    Posts
    20
    Rep Power
    3

    Exclamation Q: Is missing documentation for a shipping feature a 'bug' or an 'enhancement'?

    For features that ship with ZCS, are missing official TechDocs (install, config, etc) considered a 'bug' or an 'enhancement' by @Zimbra?

    Specifically, when WE file @bugzilla about the missing docs, what 'Severity' should be selected?

    Here's one example -- missing cbpolicyd documentation (https://bugzilla.zimbra.com/show_bug.cgi?id=70376) -- that:

    (1) was filed over a year ago (2012-02-21) as an 'enhancement' to v7.1.4
    (2) hasn't been completed in/by 8.0.4
    (3) can't get any attention/response from the "Assigned To"
    (4) won't allow users to modigy "Version Found" or "Severity"

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by dvirt View Post
    For features that ship with ZCS, are missing official TechDocs (install, config, etc) considered a 'bug' or an 'enhancement' by @Zimbra?

    Specifically, when WE file @bugzilla about the missing docs, what 'Severity' should be selected?

    Here's one example -- missing cbpolicyd documentation (https://bugzilla.zimbra.com/show_bug.cgi?id=70376) -- that:

    (1) was filed over a year ago (2012-02-21) as an 'enhancement' to v7.1.4
    (2) hasn't been completed in/by 8.0.4
    (3) can't get any attention/response from the "Assigned To"
    (4) won't allow users to modigy "Version Found" or "Severity"
    In the bug report you mention there is a link to the 'official' Zimbra Certified cbpolicyd documentation on the wiki, did you read that? Does that not tell you what you need to know? If it's missing some content then file an RFE for that. FWIW, you won't necessarily get any immediate response to comments you add to that bug report and you won't have the authority to modify the status and product version in that bug report.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    Join Date
    Oct 2012
    Posts
    20
    Rep Power
    3

    Default

    Quote Originally Posted by phoenix View Post
    you mention there is a link to the 'official' Zimbra Certified cbpolicyd documentation on the wiki
    Actually, no, I don't. I refer specifically (https://bugzilla.zimbra.com/show_bug.cgi?id=70376#c13) to "unofficial, work-in-progress" @ the wiki.

    A quick search @ the Wiki, it states clearly "This article is a Work in Progress, and may be unfinished or missing sections."

    Quote Originally Posted by phoenix View Post
    did you read that?
    Yes

    Quote Originally Posted by phoenix View Post
    Does that not tell you what you need to know?
    No

    Quote Originally Posted by phoenix View Post
    If it's missing some content
    It is. The 1st post of the already existing RFE identifies some of the issues.

    The other bug (https://bugzilla.zimbra.com/show_bug.cgi?id=39093), identifies additional unaddressed request for doc'ing the admin UI.

    Neither of the official Admin Guides

    http://files.zimbra.com/website/docs...uide_8.0.4.pdf

    nor

    http://files.zimbra.com/website/docs...uide_8.0.4.pdf

    address any install or configuration.

    Simply, there's no thorough, step-by-step example, with Zimbra-specific recommendations if/as required, of either cbpolicyd server or adminUI install, configuration, or usage w.r.t. "Quota" (its oft-default use case), or "Greylisting" (its very-frequent use case).

    Quote Originally Posted by phoenix View Post
    then file an RFE for that.
    I did (https://bugzilla.zimbra.com/show_bug.cgi?id=81268). It was closed, and merged into the bug referenced here, in this post (https://bugzilla.zimbra.com/show_bug.cgi?id=70376), which is an 'enhancement', and has not been addressed. That's the point of this forum question.

  4. #4
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,285
    Rep Power
    10

    Default

    I have been actively updating Postfix Policyd - Zimbra :: Wiki as I have time. There were a number of issues with policyd in 8.0.0 through 8.0.3. 8.0.4 is better, except it doesn't add in the new accounting & amavis schema by default. There's a bug to do that on the 8.0.5 upgrade, or you can do it manually yourself if you like (if you have need of either).

    --Quanah
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

  5. #5
    Join Date
    Oct 2012
    Posts
    20
    Rep Power
    3

    Default

    Quote Originally Posted by quanah View Post
    I have been actively updating Postfix Policyd - Zimbra :: Wiki as I have time.
    It would probably be useful to both posters & users to consolidate/organize the various policyd-related pages into one.

    Still would like to know whether missing docs are considered a 'bug' or 'enhancement' request.

    In any case, it'd be helpful to see the DOC REQUEST actually promoted to @pm.zimbra.

  6. #6
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,285
    Rep Power
    10

    Default

    I've been consolidating them as I have time. Eventually there will be only one.
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

  7. #7
    Join Date
    Sep 2012
    Posts
    11
    Rep Power
    3

    Default

    I had been running zcs v7 (on Ubuntu 8.04 32bit) for a year at home on an ESX VM. I had cbpolicyd and the webui working.
    I recently updated my architecture to zcs v8.0.4 (on Ubuntu 12 64bit) running as a VM on XenServer 6.2 (Open Sourced!).
    I'm scratching my head and pulling my hair out trying to get cbpolicyd working on 8.0.4.
    I've followed this Wiki Postfix Policyd - Zimbra :: Wiki but have not been able to get it to work.
    Apparently I had some activity in the cbpolicyd.log.2.gz 2 days ago that I wasn't even aware of and now no activity in he cbpolicyd.log file. The log sits there and cbpolicyd does nothing as messages come in.
    I was not able to get the webui to work in v8.0.4, so I've exported the sqlite3 tables to Excel so I can try to figure out what is needed (with updates & inserts - I'm ok with SQL).
    I did not insert the "Zimbra CBPolicyd Policies" policy group because I don't understand why I would do that. Is Zimbra coded to act on this policy group id?
    Even after I'd thought I had enabled it (sans the policy above) the PolicyD checkbox in Servers -> <mydomain> -> Services is disabled. Is this normal behavior?
    I don't need greylisting, or accounting. I'm an individual person with a personal domain name, and 2 accounts, myself and my wife, and a distribution list for my dog.
    I want to block as much real spam as I can, I even have pfsense blocking whole country blocks of IP addresses, but that isn't enough.
    I am trying to get header checks for helo, localhost/localdomain blocked, allow internal IPs/networks out, and amavis integration if that even buys me anything.
    Any installation guides or examples of what is working for users out there would be most helpful.
    So I second the sentiment that the documentation is lacking in this area and it would be most welcome. I am running out of hair.
    Daniel

  8. #8
    Join Date
    Sep 2012
    Posts
    11
    Rep Power
    3

    Default

    After much conflaguration I have cbpolicyd working the way I want in ZCS 8.0.4.

    I am not interested in greylisting or quotas but I have HELO and SPF checks working so this is specific to that.

    From the Wiki here How-to for cbpolicyd - Zimbra :: Wiki

    zmprov ms <mta server> +zimbraServiceEnabled cbpolicyd

    And that is all!

    I did not import the Zimbra policy group because I am not doing greylisting or quotas.

    My small server config...

    su - zimbra -c"zmlocalconfig | grep cbpolicyd"

    cbpolicyd_bind_port = 10031
    cbpolicyd_bypass_mode = tempfail
    cbpolicyd_bypass_timeout = 30
    cbpolicyd_cache_file = ${zimbra_home}/data/cache
    cbpolicyd_db_file = ${zimbra_home}/data/cbpolicyd/db/cbpolicyd.sqlitedb
    cbpolicyd_log_detail = tracking,policies,modules,protocols,cache,bizanga
    cbpolicyd_log_file = ${zimbra_log_directory}/cbpolicyd.log
    cbpolicyd_log_level = 4
    cbpolicyd_log_mail = main
    cbpolicyd_max_requests = 500
    cbpolicyd_max_servers = 10
    cbpolicyd_max_spare_servers = 4
    cbpolicyd_min_servers = 2
    cbpolicyd_min_spare_servers = 2
    cbpolicyd_module_accesscontrol = 0
    cbpolicyd_module_accounting = 0
    cbpolicyd_module_amavis = 0
    cbpolicyd_module_checkhelo = 1
    cbpolicyd_module_checkspf = 1
    cbpolicyd_module_greylisting = 0
    cbpolicyd_module_quotas = 0
    cbpolicyd_pid_file = ${zimbra_log_directory}/cbpolicyd.pid
    cbpolicyd_timeout_busy = 120
    cbpolicyd_timeout_idle = 1020

    Set yours accordingly.

    Set the sqlite db to use the default inbound policy only.

    sqlite /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb

    # delete the test policy - not used
    delete from policies where id = 5;

    # disable the unused policies
    update policies set Disabled = 1 where id in (2,4);

    # ensure the default inbound is enabled
    update policies set Disabled = 0 where id = 3;

    # update the Internal IPs policy group members to your LAN network
    update policy_group_members set Member = '192.168.1.0/24', Disabled = 0 where id = 1;

    # update the Internal domain policy group members to your LAN network
    update policy_group_members set Member = '*@yourdomain.com', Disabled = 0 where id = 2;

    # ensure the policy groups are enabled
    update policy_groups set Disabled = 0 where id in (1,2);

    # ensure the policy member for inbound traffic is enabled
    update policy_members set Disabled = 0 where id = 3;

    # set the other policy members to disabled if not used
    update policy_members set Disabled = 1 where id in (2,4);

    # ensure checkhelo is connected to the default inbound policy #3
    insert into checkhelo (PolicyID, Name, UseBlackList, BlacklistPeriod, UseHRP, HRPPeriod, HRPLimit, RejectInvalid, RejectIP, RejectUnresolvable, Disabled) select 3, 'Reject Unknown', 1 ,2419200, 1, 2419200, 5, 1, 1, 1, 0;

    # checkhelo_blacklist should already have 4 members in it. If not, add them.
    ID Helo Comment Disabled
    1 127.0.0.1 Blacklist hosts claiming to be 127.0.0.1 0
    2 [127.0.0.1] Blacklist hosts claiming to be [127.0.0.1] 0
    3 localhost Blacklist hosts claiming to be localhost 0
    4 localhost.localdomain Blacklist hosts claiming to be localhost.localdomain 0

    # checkhelo_whitelist should have these entries in it, adjust for your own LAN segment
    ID Source Comment Disabled
    1 SenderIP:192.168.1.0/24 LAN 0
    2 SenderIP:127.0.0.1/8 Localhost 0

    You'll start seeing SPF checks in the /opt/zimbra/log/cbpolidyd.log and HELO rejections in /var/log/zimbra.log if everything is working.

    I hope this helps.

    Daniel

  9. #9
    Join Date
    Sep 2012
    Posts
    11
    Rep Power
    3

    Default

    Actually, SPF was NOT working until I inserted a record into checkspf table and tied it to the default inbound policy (3)...

    INSERT INTO "checkspf" (PolicyID,Name,UseSPF,RejectFailedSPF,AddSPFHeader ,Comment,Disabled) VALUES (3,"SPF Policy",1,0,1,"CheckSPF Policy",0);

    I also had to adjust the checkhelo to not reject when the helo hostname if it was not resolvable, because lots of legitimate mail comes from helo hostnames that do not.

    update checkhelo set RejectUnresolvable=0 where id = 1;

    This appears to be working however I am getting some errors in cbpolicyd.log like...

    [2013/08/20-13:31:47 - 24186] [CHECKSPF] DEBUG: SPF result: m4.madmimi.com: 75.127.76.235 is authorized to use 'mailman@m4.madmimi.com' in 'mfrom' identity (mechanism 'ip4:75.127.76.224/27' matched)
    [2013/08/20-13:31:47 - 24186] [CORE] INFO: module=CheckSPF, action=pass, host=75.127.76.235, helo=m4.madmimi.com, from=mailman@m4.madmimi.com, to=me@mydomain.com, reason=spf_pass
    Use of uninitialized value $response_data in concatenation (.) or string at /opt/zimbra/cbpolicyd/lib/policyd-2.1/cbp/protocols/Postfix.pm line 136.
    [2013/08/20-13:31:47 - 24186] [PROTOCOL/Postfix] DEBUG: Received PROTO_PASS with response 'DUNNO':''

    Is this something missing in the policy?

  10. #10
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,285
    Rep Power
    10

    Default

    Inserting into the checkspf policy is clearly documented:

    Postfix Policyd - Zimbra :: Wiki

    I do not receive any errors.

    Unless you are going to reject though, I don't see much point in doing SPF checking with cbpolicyd, as SA already does this..
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

Similar Threads

  1. Missing documentation?
    By emiro in forum Administrators
    Replies: 3
    Last Post: 02-05-2010, 08:12 AM
  2. Missing Import/Export Feature in 5.0.9
    By f4lexluder in forum Migration
    Replies: 1
    Last Post: 02-20-2009, 02:54 PM
  3. Cosmetic 'bug' in the folderview
    By JOlsen in forum Error Reports
    Replies: 1
    Last Post: 08-21-2008, 01:16 AM
  4. iSync - where is feature set description / documentation?
    By glawrie in forum CalDAV / CardDAV / iSync
    Replies: 4
    Last Post: 10-04-2006, 12:06 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •