This guide is intended to show you How to get Postfix Mail Statistics from Logs on your mail server. I assume you have the logs on the local Postfix server. If the mail logs are on a different server, then the tool to be used will need to be installed on that server.

How to get Postfix Mail Statistics from Logs

There is an awesome tool already in existence that we can use for this task, the name is Pflogsumm.

Pflogsumm is a log analyzer/summarizer for the Postfix MTA. It is
designed to provide an overview of Postfix activity, with just enough
detail to give the administrator a “heads up” for potential trouble
spots and fixing any SMTP and email related issues.

Pflogsumm generates summaries and, in some cases, detailed reports of
mail server traffic volumes rejected and bounced email and server
warnings, errors, and panics.

Installing Pflogsumm on Postfix SMTP Server

The installation of Pflogsumm is just a matter of downloading the script and placing it under location on your $PATH. Specific commands to use for installation are:

wget https://jimsun.linxnet.com/downloads/pflogsumm-1.1.3.tar.gz
tar xvf pflogsumm-1.1.3.tar.gz 
cd pflogsumm-1.1.3/
sudo cp pflogsumm.pl /usr/local/bin/pflogsumm

To use the script, you just have to type the command pflogsumm instead of an absolute path to the pflogsumm.pl script.

Note that Pflogsumm.pl requires the Date::Calc module, which can be obtained here.

Using Pflogsumm to get Postfix statistics

Now that you have Pflogsumm.pl script installed, let’s look at how you’ll use the script.

The script will work for both rotated postfix logs are normal logs that have not been rotated. For compressed logs, you need to use commands like zcat and pipe the output to the pflogsumm command.

# cat /var/log/maillog | pflogsumm | more

Grand Totals
------------
messages

999 received
1693 delivered
0 forwarded
54 deferred (970 deferrals)
28 bounced
2120 rejected (55%)
0 reject warnings
0 held
0 discarded (0%)

266311k bytes received
644m bytes delivered
138 senders
85 sending hosts/domains
411 recipients
141 recipient hosts/domains
.....

For compressed, use zcat instead of cat command.

# zcat /var/log/maillog-20230318.gz | pflogsummm|more
Grand Totals
------------
messages

65214 received
 162517 delivered
 0 forwarded
 5996 deferred (59578 deferrals)
 11444 bounced
 43661 rejected (21%)
 0 reject warnings
 0 held
 0 discarded (0%)

15001m bytes received
 25240m bytes delivered
 3684 senders
 975 sending hosts/domains
 71464 recipients
 11128 recipient hosts/domains
....

There will be a slight delay, unlike the cat command. Remove the last more command to get all the data printed to stdout.

The pflogsumm.pl script provides:

  • The total number of:
    • Messages received, delivered, forwarded, deferred, bounced and rejected
    • Bytes in messages received and delivered
    • Sending and Recipient Hosts/Domains
    • Senders and Recipients
    • Optional SMTPD totals for the number of connections, number of hosts/domains connecting, average connect time and total connect time
  • Per-Day Traffic Summary (for multi-day logs)
  • Per-Hour Traffic (daily average for multi-day logs)
  • Optional Per-Hour and Per-Day SMTPD connection summaries
  • Sorted in descending order:
    • Recipient Hosts/Domains by message count, including:
      • Number of messages sent to recipient host/domain
      • Number of bytes in messages
      • Number of defers
      • Average delivery delay
      • Maximum delivery delay
    • Sending Hosts/Domains by the message and byte count
    • Optional Hosts/Domains SMTPD connection summary
    • Senders by message count
    • Recipients by message count
    • Senders by message size
    • Recipients by message size

    with an option to limit these reports to the top nn.

  • A Semi-Detailed Summary of:
    • Messages deferred
    • Messages bounced
    • Messages rejected
  • Summaries of warnings, fatal errors, and panics
  • Summary of master daemon messages
  • Optional detail of messages received, sorted by domain, then sender-in-domain, with a list of recipients-per-message.
  • The optional output of “mailq” run

Recommended Linux Books  to read:

RELATED ARTICLESMORE FROM AUTHOR

2 COMMENTS

  1. Great article, thank you. One small quibble, the sentence “Remove the last “more” command to get all the data printed to stdout.” is misplaced. The screen with the “cat” command has the last “more” command, whereas the “zcat” screen does not.

LEAVE A REPLY

Please enter your comment!
Please enter your name here