postfix: анализировать журналы, используя pflogsumm

by itisgood

pflogsumm – отличный инструмент для быстрого анализа файлов журнала Postfix.

Чтобы установить его:

// Debian based distros
# apt get install pflogsumm

Вы также можете это сделать непосредственно от создателя скрипта, просто зайдите в http://jimsun.linxnet.com/postfix_contrib.html и скачайте

Он очень прост в использовании, просто выполните скрипт и передайте в качестве аргумента файл журнала, который вы хотите проанализировать:

# pflogsumm /var/log/mail.log.1

Grand Totals
------------
messages

      4   received
      4   delivered
      0   forwarded
      0   deferred
      0   bounced
      2   rejected (33%)
      0   reject warnings
      0   held
      0   discarded (0%)

  46247   bytes received
  46247   bytes delivered
      4   senders
      4   sending hosts/domains
      2   recipients
      2   recipient hosts/domains


Per-Hour Traffic Summary
------------------------
    time          received  delivered   deferred    bounced     rejected
    --------------------------------------------------------------------
    0000-0100           0          0          0          0          0
    0100-0200           0          0          0          0          0
    0200-0300           0          0          0          0          0
    0300-0400           0          0          0          0          0
    0400-0500           0          0          0          0          0
    0500-0600           0          0          0          0          0
    0600-0700           0          0          0          0          0
    0700-0800           0          0          0          0          0
    0800-0900           2          2          0          0          2
    0900-1000           1          1          0          0          0
    1000-1100           1          1          0          0          0
    1100-1200           0          0          0          0          0
    1200-1300           0          0          0          0          0
    1300-1400           0          0          0          0          0
    1400-1500           0          0          0          0          0
    1500-1600           0          0          0          0          0
    1600-1700           0          0          0          0          0
    1700-1800           0          0          0          0          0
    1800-1900           0          0          0          0          0
    1900-2000           0          0          0          0          0
    2000-2100           0          0          0          0          0
    2100-2200           0          0          0          0          0
    2200-2300           0          0          0          0          0
    2300-2400           0          0          0          0          0

Host/Domain Summary: Message Delivery
--------------------------------------
 sent cnt  bytes   defers   avg dly max dly host/domain
 -------- -------  -------  ------- ------- -----------
      3    23755        0     1.5 s    1.9 s  fakeemailserver.com.uy
      1    22492        0     1.4 s    1.4 s  fakeemailserver.biz

Host/Domain Summary: Messages Received
---------------------------------------
 msg cnt   bytes   host/domain
 -------- -------  -----------
      1     9644   restoreehearinggspam.us
      1     7621   giiftcardsspam.us
      1     6490   fixedloanupspam.us

Senders by message count
------------------------
      2   LendingTreePartners@fixedloanupspam.us
      1   HolidayGiftIdeas@giiftcardsforyouspam.us
      1   NavajoHearingSystem@restoreehearinggspam.us

Recipients by message count
---------------------------
      3   test1@fakeemailserver.com.uy
      1   test2@fakeemailserver.biz

Senders by message size
-----------------------
   9644   NavajoHearingSystem@restoreehearinggspam.us
   7621   HolidayGiftIdeas@giiftcardsforyouspam.us
   6490   LendingTreePartners@fixedloanupspam.us

Recipients by message size
--------------------------
  23755   test1@fakeemailserver.com.uy
  22492   test2@fakeemailserver.biz

message deferral detail: none

message bounce detail (by relay): none

message reject detail
---------------------
  RCPT
    blocked using cbl.abuseat.org (total: 2)
           1   49.248.143.218
           1   27.20.196.44

message reject warning detail: none

message hold detail: none

message discard detail: none

smtp delivery failures: none

Warnings
--------
  smtpd (total: 182)
        86   hostname dedic858.hidehost.net does not resolve to address 91.2...
        18   unknown[91.200.13.18]: SASL LOGIN authentication failed: UGFzc3...
        18   unknown[91.200.13.21]: SASL LOGIN authentication failed: UGFzc3...
        18   unknown[91.200.13.6]: SASL LOGIN authentication failed: UGFzc3d...
        16   unknown[91.200.13.20]: SASL LOGIN authentication failed: UGFzc3...
        16   unknown[91.200.13.5]: SASL LOGIN authentication failed: UGFzc3d...
         2   unknown[176.120.37.13]: SASL LOGIN authentication failed: UGFzc...
         2   unknown[46.183.221.136]: SASL LOGIN authentication failed: UGFz...
         2   hostname ip-13-37-120-176.corp.langate.ua does not resolve to a...
         2   hostname ip-221-136.dataclub.biz does not resolve to address 46...
         1   unknown[189.126.214.34]: SASL LOGIN authentication failed: VXNl...
         1   hostname smtp.ttml.co.in does not resolve to address 49.248.143...

Fatal Errors: none

Panics: none

Master daemon messages: none

You may also like

Leave a Comment