Monitor Postfix outgoing mail delivery

Question

I'm using GNU Mailman with Postfix to run a mailing list, and would like to monitor the delivery of outgoing mail, that is: for each mail sent from the list, check whether a 250 (OK) message was answered, and if not, report back to me.

For now, I'm doing a quick-and-dirty:

# cat /var/log/syslog | grep "smtp.*to=.*" | grep -v 250

Is there a clean way to monitor smtpd's output?

Surely this must be a [useless use of `cat`](https://en.wikipedia.org/wiki/Cat_%28Unix%29#Useless_use_of_cat)? At the very least you can do `grep "smtp.*to=.*" /var/log/syslog | grep -v 250` — user, Jan 21 '14 at 13:36
Personally I find that crusade a bit pedantic in most contexts and prefer the OP's more readable, modular format — jchook, Nov 02 '19 at 20:18

score 8 · Accepted Answer · edited Apr 21 '15 at 13:41

8

There is no way to monitor the sent mails in a clean way. You can only grep the details from the maillog of postfix.

Here is an example:

log='logfile of postfix'
grep "status=sent" $log | \
egrep -ve 'postfix/(cleanup|pickup|master|qmgr|smtpd|local|pipe)'

And also avoid the logs for dkim etc. If you need the count of mails then pipe on wc -l at the end.

edited Apr 21 '15 at 13:41

rm-vanda

230
2
13

answered Jan 21 '14 at 13:20

mailer

216
1
3

score 3 · Answer 2 · answered Apr 26 '14 at 04:53

3

How about:

multitail -eX "smtp.*to=<(.*)>.*sent.*250" './bin/received' -f /var/log/maillog

./bin/received is a shell script that gets the destination email address as a parameter and does something with it.

answered Apr 26 '14 at 04:53

Guillermo Payet

31
1

score 1 · Answer 3 · edited Aug 03 '17 at 17:51

1

try this

cat /var/log/maillog |grep -v "relay=local" |grep "relay=" |grep "status=sent"

you will find very helpful info here http://en.redinskala.com/postfix-maillog-interpretation/

edited Aug 03 '17 at 17:51

Community

1

answered Oct 19 '16 at 16:16

Christoforos

111
5

Why are you using smart quotes? They won't work. – DavidPostill Oct 19 '16 at 16:53

score 1 · Answer 4 · answered May 09 '23 at 11:57

You can use pflogsumm to get an overview of entries in the logs:

cat /var/log/mail.log | pflogsumm 

Grand Totals
------------
messages

     26   received
     25   delivered
      0   forwarded
      0   deferred
      2   bounced
      0   rejected (0%)
      0   reject warnings
      0   held
      0   discarded (0%)

    752k  bytes received
    751k  bytes delivered
     14   senders
      7   sending hosts/domains
      3   recipients
      3   recipient hosts/domains


Per-Day Traffic Summary
-----------------------
    date          received  delivered   deferred    bounced     rejected
    --------------------------------------------------------------------
    May  7 2023         7          7 
    May  8 2023        11         10          0          2 
    May  9 2023         8          8

Another option is Lightmeter which is able to notify you when something happens, although I cannot recommend it.

score 0 · Answer 5 · answered Jul 26 '19 at 17:19

0

I am watching who sends email through my server with this:

tail -f /var/log/mail.log | grep 'sasl'

It shows who the authenticated user is who's sending.

answered Jul 26 '19 at 17:19

user1182988

162
1
1
8

score 0 · Answer 6 · answered Mar 04 '21 at 10:27

Note that other information than the 250 can still be relevant to what constituted a successful delivery.

For example a successfully sent message that was marked as spam could have a message looking like this:

... status=sent (250 2.0.0 OK DMARC:Quarantine ...)

Monitor Postfix outgoing mail delivery

6 Answers6