homelab/Mailcow-Zabbix-Monitoring
1
0
Fork 0
mirror of https://github.com/linuser/Mailcow-Zabbix-Monitoring.git synced 2026-03-27 07:22:32 +01:00
Code Issues Projects Releases Packages Wiki Activity
Complete Zabbix monitoring for Mailcow-Dockerized — 246 metrics, 71 triggers, 19 dashboards. Postfix, Dovecot, Rspamd, ClamAV, Docker, TLS, DNS, Security Audit & more. Zero privileges for Zabbix Agent.
5 commits 1 branch 0 tags 127 KiB
  • Python 55%
  • Shell 45%
Find a file
Exact
Alexander Fox 25c314a4b4 Create mailcow-grafana-dashboard.json
2026-02-26 01:12:30 +01:00
Grafana Create mailcow-grafana-dashboard.json 2026-02-26 01:12:30 +01:00
scripts up2 2026-02-18 13:40:38 +01:00
templates bug-dashboards 2026-02-18 22:04:48 +01:00
.gitattributes Initial commit 2026-02-18 10:22:28 +01:00
CHANGELOG.md initial 2026-02-18 12:53:14 +01:00
install.sh up2 2026-02-18 13:40:38 +01:00
LICENSE up2 2026-02-18 13:40:38 +01:00
mailcow-monitor.service initial 2026-02-18 12:53:14 +01:00
mailcow-monitor.timer initial 2026-02-18 12:53:14 +01:00
MAILCOW-MONITORING-DOKU.md up2 2026-02-18 13:40:38 +01:00
mailcow-zabbix.conf up2 2026-02-18 13:40:38 +01:00
README.de.md up2 2026-02-18 13:40:38 +01:00
README.md up2 2026-02-18 13:40:38 +01:00
test-complete.sh up2 2026-02-18 13:40:38 +01:00
uninstall.sh up2 2026-02-18 13:40:38 +01:00

README.md

Mailcow Monitoring v1.0 for Zabbix

Complete monitoring solution for Mailcow-Dockerized with Zabbix Agent 2. 246 metrics, 71 triggers, 19 dashboards — secure by design, installed in 5 minutes.

🇩🇪 Deutsche Version | 🇩🇪 Ausführliche Dokumentation

Architecture

systemd timer (60s) → mailcow-collector.py (root)
  → /var/tmp/mailcow-monitor.json (chmod 644)
    → Zabbix Agent 2 (zabbix user) → mailcow-reader.sh → reads JSON

The collector runs as root (needs Docker/MySQL access) and writes metrics to a world-readable JSON file. The Zabbix Agent only reads that file — no Docker access, no sudo, no UnsafeUserParameters required.

What's Monitored

Module Metrics Description
Postfix 16 Queue, connections, deferred/bounced, SASL failures
Postfix Logs 11 Relay denied, RBL rejects, TLS errors, quota warnings
Postscreen 9 Pass/reject/DNSBL/pregreet (auto-detected)
Dovecot 10 Connections, login failures, IMAP disconnects
Rspamd 14 Spam/ham ratio, reject rate, greylist, actions
Rspamd Bayes 5 Training status: untrained → low → good → excellent
Security 13 Fail2ban, RBL blacklist, DNS records, open relay
Security Audit 6 DANE/TLSA, MTA-STS, TLS-RPT, BIMI — score 0-7
Disk 15 Root, Docker, vmail, log partitions
Mailboxes & Domains 10 Quota usage, top 5 mailboxes
Mailflow 28 Received/delivered/bounced + anomaly detection
ClamAV 8 Signature age, DB version, scan status
Watchdog 18 Health status for all 15 Mailcow services
Docker 7+LLD CPU, RAM, restarts per container
TLS/Certificates 10 HTTPS, IMAPS, Submission — days until expiry
Backup 9 Age, size, count, missing backups
+ 6 more ... SOGo, Quarantine, Queue Age, Sync Jobs, Updates, Aliases

Total: 246 UserParameters · 303 template items · 71 triggers · 19 dashboards

Key Features

Anomaly Detection

Instead of fixed thresholds, 5 baseline triggers use trendavg() to learn what's normal over a week and alert on deviations:

Metric Spike Drop
Received >5× weekly avg <20% weekly avg
Rejected >10× weekly avg
Bounced >5× weekly avg
Deferred >5× weekly avg

Security Audit Score (0-7)

Checks SPF, DKIM, DMARC plus DANE/TLSA, MTA-STS, TLS-RPT and BIMI. Trigger alerts when score drops below 3.

Low-Level Discovery

4 LLD rules automatically discover and monitor all domains, mailboxes, sync jobs and Docker containers individually.

Requirements

  • Mailcow-Dockerized (running)
  • Zabbix Server + Zabbix Agent 2
  • Zabbix 7.0
  • Python 3, git, dig (dnsutils), openssl, netcat
  • pflogsumm (apt install pflogsumm)

Installation

git clone https://github.com/linuser/Mailcow-Zabbix-Monitoring.git
cd Mailcow-Zabbix-Monitoring
sudo ./install.sh

Then in Zabbix:

  1. Data collection → Templates → Import → select templates/mailcow-complete-monitoring.yaml
  2. Link template to your Mailcow host: "Mailcow Complete Monitoring v1.0"
  3. Wait 510 minutes for dashboards to populate

Verify

sudo ./test-complete.sh

Force Immediate Data

systemctl start mailcow-monitor.service    # fresh JSON
systemctl restart zabbix-agent2             # force re-check

File Structure

mailcow-monitoring/
├── install.sh                        # Installer
├── uninstall.sh                      # Uninstaller
├── mailcow-zabbix.conf               # 246 UserParameters
├── test-complete.sh                  # Validation script (246 keys)
├── templates/
│   └── mailcow-complete-monitoring.yaml  # Zabbix 7.0 template
├── scripts/
│   ├── mailcow-collector.py          # Main collector (22 modules)
│   ├── mailcow-reader.sh             # JSON reader
│   ├── check_dns.sh                  # DNS (SPF/DKIM/DMARC)
│   ├── check_tls.sh                  # TLS/certificate checks
│   ├── check_rbl.sh                  # RBL blacklist check
│   ├── check_ptr.sh                  # PTR record check
│   ├── check_open_relay.sh           # Open relay check
│   ├── check_security_audit.sh       # DANE/MTA-STS/TLS-RPT/BIMI
│   ├── dovecot_check.sh              # Dovecot stats
│   ├── sync_jobs_check.sh            # IMAP sync jobs
│   ├── postfix_stats_docker.sh       # Postfix queue stats
│   └── postfix_log_analysis.sh       # Postfix logs + Postscreen
├── mailcow-monitor.service           # systemd oneshot
├── mailcow-monitor.timer             # systemd timer (60s)
├── LICENSE                           # GPLv3
├── CHANGELOG.md
├── MAILCOW-MONITORING-DOKU.md        # Detailed docs (German)
├── README.md                         # This file
└── README.de.md                      # German README

Uninstall

sudo ./uninstall.sh

License

GPLv3 — code must remain open source and the original author must be credited. See LICENSE for details.

© 2026 Alexander Fox | PlaNet Fox — Created with Open Source and ❤