> -----Original Message----- > From: owner-postfix-us...@postfix.org [mailto:owner-postfix- > us...@postfix.org] On Behalf Of Stan Hoeppner > Sent: Sunday, August 01, 2010 12:26 AM > To: postfix-users@postfix.org > Subject: Re: Log file checking > > Mark Scholten put forth on 7/31/2010 11:00 AM: > > > Any ideas if there are ready to use scripts for this part? > > If you give us your exact requirement, instead of the vague "I want to > get > certain information", one of us might be able to hack up a simple shell > script, or even a single bash line, to do what you want. Keep in mind > however, that you're probably not going to get "everything" on a single > line. > If you do it won't be legible.
To be as clear as possible: I want the following information (per day or per hour, it should be possible to exclude email addresses or to only get information for certain email addresses): - Number of email attempts made by other systems - Number of messages blocked based on the HELO requirements (I have a few regexp lines with blocked HELOs (botnets/spammers)) - Number of connections greylisted (we use postgrey) - Number of attempts for an invalid recipient - Number of messages blocked based on blacklists - Number of messages blocked by content filter (not really important) - Number of messages accepted (not blocked at any stage) I now have a few commands that I use to get something like this (however based on the actual numbers I think something is wrong). Currently used commands: cat /var/log/mail.log | grep -v "double-bou...@spamfilter01.streamservice.nl" | grep -v 127.0.0.1 | grep "Jul 31" | grep "Helo command rejected" | wc -l cat /var/log/mail.log | grep -v "double-bou...@spamfilter01.streamservice.nl" | grep -v 127.0.0.1 | grep "Jul 31" | grep -v "Helo command rejected" | grep "action=greylist" | wc -l cat /var/log/mail.log | grep -v "double-bou...@spamfilter01.streamservice.nl" | grep -v 127.0.0.1 | grep "Jul 31" | grep -v "Helo command rejected" | grep -v "action=greylist" | grep 550 | grep -i "recipient address rejected" | wc -l cat /var/log/mail.log | grep -v "double-bou...@spamfilter01.streamservice.nl" | grep -v 127.0.0.1 | grep "Jul 31" | grep -v "Helo command rejected" | grep -v "action=greylist" | grep -vi "recipient address rejected" | grep 550 | grep -i "Your MTA is listed in too many DNSBLs" | wc -l cat /var/log/mail.log | grep -v "double-bou...@spamfilter01.streamservice.nl" | grep "Jul 31" | grep "relay=127.0.0.1\[127.0.0.1\]\:10024" | grep -v SPAM | wc -l cat /var/log/mail.log | grep -v "double-bou...@spamfilter01.streamservice.nl" | grep "Jul 31" | grep "relay=127.0.0.1\[127.0.0.1\]\:10024" | grep SPAM | wc -l There is probably a better/faster way to get this information I guess. These lines probably have a few mistakes in it (at least I guess they have). > > In the mean time, take a look at pflogsumm, a simple log summary > generator for > Postfix: > http://jimsun.linxnet.com/postfix_contrib.html I did check pflogsumm, however most information isn't provided by pflogsumm (same for awstats). At least not with the package debian provides. > > Debian distros have a pflogsumm package, other distros may as well. > > -- > Stan -- Mark
