wiki:PostfixLogTools

Version 17 (modified by Vincent Caron, 10 years ago) (diff)

--

Postfix Log tools

  1. Poststat
  2. Mrejzr

Poststat

A static HTML file (source:/postfix-logtools/html/index.html), with the help of the flotr JS graphing library, prints statistics harvested daily by a Perl script (source:/postfix-logtools/poststat).

package

# echo 'deb http://deb.bearstech.com postfix-logtools/' > /etc/apt/sources.list.d/bearstech-postfix-logtools.list
# aptitude update
# aptitude install poststat

Mrejzr

mrejzr is a simple script that parses postfix logs to look for rejected SMTP connections, and outputs them along with their reasons and occurence numbers.

It is usefull to monitor misconfigured email servers which you reject mails from, (so you may whitelist them to solve the problem), people mistyping email addresses without knowing, DNSBL rejections, etc...

It can outputs in different formats, including your own:

  • XHTML
  • 80 columns-wide formatted text (great as console output)
  • raw space-separated fields
  • your own template

Results can be filtered by domains.

Debian package

# echo 'deb http://deb.bearstech.com postfix-logtools/' > /etc/apt/sources.list.d/postfix-logtools.list
# aptitude update
# aptitude install mrejzr

Output examples

Text format (default or -t text option):

                === Rejected SMTP Connections ===

Note: Domains & emails may be truncated.


Occ. Errortype  Origin               From                      To                 
--------------------------------------------------------------------------------

  11 EIRAD  92.102.xx.xx     tryopenrelay@idontknow.t  someone@somewhere.tld    
   2 ERAR   92.102.xx.xx     guessusernames@idontknow  ghost@correctdomain.tld     


Legend
------
EHHNF   Remote server sent a non-existant domain name with 'Helo' command
EHFQDN  Remote server sent an uncomplete domain name with the 'Helo' command
EHFY    Remote server pretends to be your own mailserver
ERBL    Remote server is blacklisted as a SPAM/HAM server by a DNSBL list
ERAR    Destination email address does not exist
ESAR    Sender email address' domain name does not exist
EIRAD   Remote server tried to relay mails by your server but is not allowed to
EORAD   Local user did not authenticate properly

XHTML with provided template (-t xhtml-standalone):

mrejzr xhtml template

Attachments (2)

Download all attachments as: .zip