Mail Reports

 MAIL Server - Log Reports - pflogsumm

[root@mail ~]# yum -y install postfix-pflogsumm

                      dnf install postfix-perl-scripts -y ->Centos8

# generate log summary for yesterday

[root@mail ~]#  perl /usr/sbin/pflogsumm -d today /var/log/maillog

                         perl /usr/sbin/pflogsumm -d yesterday /var/log/maillog

# /usr/sbin/pflogsumm /var/log/maillog

TAR File

https://jimsun.linxnet.com/downloads/pflogsumm-1.1.5.tar.gz

https://jimsun.linxnet.com/downloads/pflogsumm-1.1.3.tar.gz

yum -y install perl-Date-Calc

cd /usr/local/

curl -O http://jimsun.linxnet.com/downloads/pflogsumm-1.1.3.tar.gz

tar -xzf pflogsumm-1.1.3.tar.gz

mv pflogsumm-1.1.3 pflogsumm

chmod +x pflogsumm/pflogsumm.pl

                            ----------------X-------OR-----------X-------------

yum -y install perl-Date-Calc

cd /usr/local/

curl -O http://jimsun.linxnet.com/downloads/pflogsumm-1.1.5.tar.gz

tar -xzf pflogsumm-1.1.5.tar.gz

mv pflogsumm-1.1.5 pflogsumm

chmod +x pflogsumm/pflogsumm.pl

                                           ------------------------------------------------------

Postfix is blocking my pflogsumm emails

### allow pflogsumm reports through postfix (body_checks file) ### /^ {6,11}[[:digit:]]{1,6}[ km] /    OK

## Skip pflogsumm report lines

/^ {6,11}\d{1,6}[ km] / OK

/^[A-Za-z0-9+\/=]{4,76}$/ OK

/^ {4}blocked using / OK

#################################################################################################################

perl /usr/sbin/pflogsumm -d today /var/log/maillog --problems-first

perl /usr/sbin/pflogsumm -d today /var/log/maillog --rej-add-from

perl /usr/sbin/pflogsumm -d today /var/log/maillog --rej-add-from --verbose-msg-detail

crontab -e

0 4 * * * /usr/sbin/pflogsumm -d yesterday /var/log/mail.log --problems-first --rej-add-from --verbose-msg-detail -q | mutt -s "Postfix log summary" you@example.com

dnf install mutt -y

Postfix Log Report

Pflogsumm is a great tool to create a summary of Postfix logs. Install it on Ubuntu with:

sudo apt install pflogsumm

Use the following command to generate a report for today.

sudo pflogsumm -d today /var/log/mail.log

Generate a report for yesterday.

sudo pflogsumm -d yesterday /var/log/mail.log

If you like to generate a report for this week.

sudo pflogsumm /var/log/mail.log

To emit “problem” reports (bounces, defers, warnings, rejects) before “normal” stats, use --problems-first flag.

sudo pflogsumm -d today /var/log/mail.log --problems-first

To append the email from address to each listing in the reject report, use --rej-add-from flag.

sudo pflogsumm -d today /var/log/mail.log --rej-add-from

To show the full reason in reject summaries, use --verbose-msg-detail flag.

sudo pflogsumm -d today /var/log/mail.log --rej-add-from --verbose-msg-detail

You can add a cron job to make pflogsumm to send a report to your email address every day.

sudo crontab -e

Add the following line, which will generate a report every day at 4:00 AM.

0 4 * * * /usr/sbin/pflogsumm -d yesterday /var/log/mail.log --problems-first --rej-add-from --verbose-msg-detail -q

To receive the report via email, add the following line above all cron jobs.

MAILTO="your-email-address"

You should pay attention to the message reject detail section, where you can see for what reason those emails are rejected and if there’s any false positives. Greylisting rejections are safe to ignore.

If the MAILTO variable has already been set but you want Postfix log summary sent to a different email address, you can put the following line in your Cron job.

0 4 * * * /usr/sbin/pflogsumm -d yesterday /var/log/mail.log --problems-first --rej-add-from --verbose-msg-detail -q | mutt -s "Postfix log summary"  your-email-address

------------------------------------------------------------------------------------------------------------------------------------------------

o install pflogsumm in your Ubuntu, open your terminal with CTRL+ALT+T and type as

sudo apt-get install pflogsumm 

Configuration:

We want pflogsumm to be run by a cron job each day and send the report to postmaster@example.com. Therefore we must configure our system that it writes one mail log file for 24 hours, and afterwards starts the next mail log so that we can feed the old mail log to pflogsumm. Therefore we configure logrotate (that's the program that rotates our system's log files) like this: open /etc/logrotate.conf and append the following stanza to it, after the line # system-specific logs may be configured here:

in terminal do as

sudo -i  nano /etc/logrotate.conf 

then

/var/log/mail.log {     missingok     daily     rotate 7     create     compress     start 0 }

There's a logrotate script in /etc/cron.daily. This script is called everyday between 06:00h and 07:00h. With the configuration we just made, it will copy the current Postfix log /var/log/mail.log to /var/log/mail.log.0 and compress it, and the compressed file will be /var/log/mail.log.0.gz. It will also create a new, empty /var/log/mail.log to which Postfix can log for the next 24 hours.

Now we create the script /usr/local/sbin/postfix_report.sh which invokes pflogsumm and makes it send the report to postmaster@example.com:

nano /usr/local/sbin/postfix_report.sh

script as

#!/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin gunzip /var/log/mail.log.0.gz  pflogsumm /var/log/mail.log.0 | formail -c -I"Subject: Mail Statistics" -I"From: pflogsumm@localhost" -I"To: postmaster@example.com" -I"Received: from www.example.com ([192.168.0.100])" | sendmail postmaster@example.com  gzip /var/log/mail.log.0 exit 0 

We must make this script executable:

chmod 755 /usr/local/sbin/postfix_report.sh

Then we create a cron job which calls the script everyday at 07:00h:

crontab -e

then

0 7 * * * /usr/local/sbin/postfix_report.sh &> /dev/null

This will send the report to postmaster@example.com. It looks like this in an email client:

############################

3 pflogsumm

To install pflogsumm, we run

aptitude install pflogsumm

We want pflogsumm to be run by a cron job each day and send the report to postmaster@example.com. Therefore we must configure our system that it writes one mail log file for 24 hours, and afterwards starts the next mail log so that we can feed the old mail log to pflogsumm. Therefore we configure logrotate (that's the program that rotates our system's log files) like this: open /etc/logrotate.conf and append the following stanza to it, after the line # system-specific logs may be configured here:

vi /etc/logrotate.conf

There's a logrotate script in /etc/cron.daily. This script is called every day between 06:00h and 07:00h. With the configuration we just made, it will copy the current Postfix log /var/log/mail.log to /var/log/mail.log.0 and compress it, and the compressed file will be /var/log/mail.log.0.gz. It will also create a new, empty /var/log/mail.log to which Postfix can log for the next 24 hours.

Now we create the script /usr/local/sbin/postfix_report.sh which invokes pflogsumm and makes it send the report to postmaster@example.com:

vi /usr/local/sbin/postfix_report.sh

#!/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin gunzip /var/log/mail.log.0.gz  pflogsumm /var/log/mail.log.0 | formail -c -I"Subject: Mail Statistics" -I"From: pflogsumm@localhost" -I"To: postmaster@example.com" -I"Received: from www.example.com ([192.168.0.100])" | sendmail postmaster@example.com  gzip /var/log/mail.log.0 exit 0

We must make this script executable:

chmod 755 /usr/local/sbin/postfix_report.sh

Then we create a cron job which calls the script everyday at 07:00h:

crontab -e

This will send the report to postmaster@example.com. It looks like this in an email client:

4 Links

----