postfix: analyse logs using pflogsumm
pflogsumm is a great tool to quickly analyse Postfix log files.
To install it:
// Debian based distros # apt get install pflogsumm
You can also it directly from the creator of the script, just go to ttp://jimsun.linxnet.com/postfix_contrib.html and download if from there
It’s very simple to use, just execute the script and pass as argument the log file you want to analyse:
# pflogsumm /var/log/mail.log.1
Grand Totals
------------
messages
4 received
4 delivered
0 forwarded
0 deferred
0 bounced
2 rejected (33%)
0 reject warnings
0 held
0 discarded (0%)
46247 bytes received
46247 bytes delivered
4 senders
4 sending hosts/domains
2 recipients
2 recipient hosts/domains
Per-Hour Traffic Summary
------------------------
time received delivered deferred bounced rejected
--------------------------------------------------------------------
0000-0100 0 0 0 0 0
0100-0200 0 0 0 0 0
0200-0300 0 0 0 0 0
0300-0400 0 0 0 0 0
0400-0500 0 0 0 0 0
0500-0600 0 0 0 0 0
0600-0700 0 0 0 0 0
0700-0800 0 0 0 0 0
0800-0900 2 2 0 0 2
0900-1000 1 1 0 0 0
1000-1100 1 1 0 0 0
1100-1200 0 0 0 0 0
1200-1300 0 0 0 0 0
1300-1400 0 0 0 0 0
1400-1500 0 0 0 0 0
1500-1600 0 0 0 0 0
1600-1700 0 0 0 0 0
1700-1800 0 0 0 0 0
1800-1900 0 0 0 0 0
1900-2000 0 0 0 0 0
2000-2100 0 0 0 0 0
2100-2200 0 0 0 0 0
2200-2300 0 0 0 0 0
2300-2400 0 0 0 0 0
Host/Domain Summary: Message Delivery
--------------------------------------
sent cnt bytes defers avg dly max dly host/domain
-------- ------- ------- ------- ------- -----------
3 23755 0 1.5 s 1.9 s fakeemailserver.com.uy
1 22492 0 1.4 s 1.4 s fakeemailserver.biz
Host/Domain Summary: Messages Received
---------------------------------------
msg cnt bytes host/domain
-------- ------- -----------
1 9644 restoreehearinggspam.us
1 7621 giiftcardsspam.us
1 6490 fixedloanupspam.us
Senders by message count
------------------------
2 LendingTreePartners@fixedloanupspam.us
1 HolidayGiftIdeas@giiftcardsforyouspam.us
1 NavajoHearingSystem@restoreehearinggspam.us
Recipients by message count
---------------------------
3 test1@fakeemailserver.com.uy
1 test2@fakeemailserver.biz
Senders by message size
-----------------------
9644 NavajoHearingSystem@restoreehearinggspam.us
7621 HolidayGiftIdeas@giiftcardsforyouspam.us
6490 LendingTreePartners@fixedloanupspam.us
Recipients by message size
--------------------------
23755 test1@fakeemailserver.com.uy
22492 test2@fakeemailserver.biz
message deferral detail: none
message bounce detail (by relay): none
message reject detail
---------------------
RCPT
blocked using cbl.abuseat.org (total: 2)
1 49.248.143.218
1 27.20.196.44
message reject warning detail: none
message hold detail: none
message discard detail: none
smtp delivery failures: none
Warnings
--------
smtpd (total: 182)
86 hostname dedic858.hidehost.net does not resolve to address 91.2...
18 unknown[91.200.13.18]: SASL LOGIN authentication failed: UGFzc3...
18 unknown[91.200.13.21]: SASL LOGIN authentication failed: UGFzc3...
18 unknown[91.200.13.6]: SASL LOGIN authentication failed: UGFzc3d...
16 unknown[91.200.13.20]: SASL LOGIN authentication failed: UGFzc3...
16 unknown[91.200.13.5]: SASL LOGIN authentication failed: UGFzc3d...
2 unknown[176.120.37.13]: SASL LOGIN authentication failed: UGFzc...
2 unknown[46.183.221.136]: SASL LOGIN authentication failed: UGFz...
2 hostname ip-13-37-120-176.corp.langate.ua does not resolve to a...
2 hostname ip-221-136.dataclub.biz does not resolve to address 46...
1 unknown[189.126.214.34]: SASL LOGIN authentication failed: VXNl...
1 hostname smtp.ttml.co.in does not resolve to address 49.248.143...
Fatal Errors: none
Panics: none
Master daemon messages: none
Leave a Reply