This guide is intended to show you How to get Postfix Mail Statistics from Logs on your mail server. I assume you have the logs on the local Postfix server. If the mail logs are on a different server, then the tool to be used will need to be installed on that server.
How to get Postfix Mail Statistics from Logs
There is an awesome tool already in existence that we can use for this task, the name is Pflogsumm.
Pflogsumm is a log analyzer/summarizer for the Postfix MTA. It is
designed to provide an overview of Postfix activity, with just enough
detail to give the administrator a “heads up” for potential trouble
spots and fixing any SMTP and email related issues.
Pflogsumm generates summaries and, in some cases, detailed reports of
mail server traffic volumes rejected and bounced email and server
warnings, errors, and panics.
Installing Pflogsumm on Postfix SMTP Server
The installation of Pflogsumm is just a matter of downloading the script and placing it under location on your $PATH. Specific commands to use for installation are:
# wget https://jimsun.linxnet.com/downloads/pflogsumm-1.1.3.tar.gz # tar xvf pflogsumm-1.1.3.tar.gz # cd pflogsumm-1.1.3/ # cp pflogsumm.pl /usr/local/bin/pflogsumm
To use the script, you just have to type the command pflogsumm instead of an absolute path to the pflogsumm.pl script.
Note that Pflogsumm.pl requires the Date::Calc module, which can be obtained here.
Using Pflogsumm to get Postfix statistics
Now that you have Pflogsumm.pl script installed, let’s look at how you’ll use the script.
The script will work for both rotated postfix logs are normal logs that have not been rotated. For compressed logs, you need to use commands like zcat and pipe the output to the pflogsumm command.
# cat /var/log/maillog | pflogsumm | more Grand Totals ------------ messages 999 received 1693 delivered 0 forwarded 54 deferred (970 deferrals) 28 bounced 2120 rejected (55%) 0 reject warnings 0 held 0 discarded (0%) 266311k bytes received 644m bytes delivered 138 senders 85 sending hosts/domains 411 recipients 141 recipient hosts/domains .....
For compressed, use zcat instead of cat command.
# zcat /var/log/maillog-20180318.gz | pflogsumm Grand Totals ------------ messages 65214 received 162517 delivered 0 forwarded 5996 deferred (59578 deferrals) 11444 bounced 43661 rejected (21%) 0 reject warnings 0 held 0 discarded (0%) 15001m bytes received 25240m bytes delivered 3684 senders 975 sending hosts/domains 71464 recipients 11128 recipient hosts/domains ....
There will be a slight delay, unlike the cat command. Remove the last more command to get all the data printed to stdout.
The pflogsumm.pl script provides:
- The total number of:
- Messages received, delivered, forwarded, deferred, bounced and rejected
- Bytes in messages received and delivered
- Sending and Recipient Hosts/Domains
- Senders and Recipients
- Optional SMTPD totals for the number of connections, number of hosts/domains connecting, average connect time and total connect time
- Per-Day Traffic Summary (for multi-day logs)
- Per-Hour Traffic (daily average for multi-day logs)
- Optional Per-Hour and Per-Day SMTPD connection summaries
- Sorted in descending order:
- Recipient Hosts/Domains by message count, including:
- Number of messages sent to recipient host/domain
- Number of bytes in messages
- Number of defers
- Average delivery delay
- Maximum delivery delay
- Sending Hosts/Domains by the message and byte count
- Optional Hosts/Domains SMTPD connection summary
- Senders by message count
- Recipients by message count
- Senders by message size
- Recipients by message size
with an option to limit these reports to the top nn.
- Recipient Hosts/Domains by message count, including:
- A Semi-Detailed Summary of:
- Messages deferred
- Messages bounced
- Messages rejected
- Summaries of warnings, fatal errors, and panics
- Summary of master daemon messages
- Optional detail of messages received, sorted by domain, then sender-in-domain, with a list of recipients-per-message.
- The optional output of “mailq” run
