Using Logwatch Alongside Kerio Connect on Linux
Another problem that was driving me nuts. On the one hand, Logwatch absolutely refuses to send from any other address than
root. No matter which setting you change. It needs to run as
root to get access to all log files. On the other hand, Kerio Connect quite eloquently denies this with
550 5.1.3 Bad address syntax.
What I did is change the way the report gets created and sent.
Open the Logwatch cronjob.
Change the default
logwatch command to the commands below.
/usr/sbin/logwatch --output file --filename /tmp/logwatch --detail high cat /etc/logwatch/header /tmp/logwatch | /opt/kerio/mailserver/sendmail -i -t rm /tmp/logwatch
Writing to /tmp is insecure and only done here because the server is not accessible via SSH for anyone but me. You most certainly want to create a separate folder for the temp file and secure it properly.
Create the header file
/etc/logwatch/header with a simple email header part.
From: email@example.com To: firstname.lastname@example.org Subject: Logwatch for host.example.com (Linux)
Make sure both email addresses are local and active in Kerio. An alias is sufficient for this. This is because unauthenticated clients are not allowed to relay mail, which is a good thing. Also, make sure to leave an empty line at the end.
/etc/cron/etc/cron.daily/00logwatch and check your email.