There is a new version of this tutorial available for Debian 5 (Lenny).

Postfix Monitoring With Mailgraph And pflogsumm - Page 2

This tutorial exists for these OS versions

On this page

  1. 3 Ubuntu Dapper Drake (6.06 LTS)
    1. 3.1 Mailgraph
    2. 3.2 pflogsumm

3 Ubuntu Dapper Drake (6.06 LTS)

 

3.1 Mailgraph

To install Mailgraph, we run

apt-get install rrdtool mailgraph

Ubuntu doesn't ask us questions. Nevertheless, we have to make the differentiation if we use a content filter like amavisd in Postfix or not. Open /etc/default/mailgraph:

vi /etc/default/mailgraph

If you use a content filter like amavisd, the file should have the following contents:

MAIL_LOG=/var/log/mail.log
IGNORE_LOCALHOST=true

If you don't, then it should look like this:

MAIL_LOG=/var/log/mail.log
IGNORE_LOCALHOST=false

Ubuntu doesn't create the system startup links for Mailgraph automatically, so we do it now:

update-rc.d mailgraph defaults

Also, we have to start Mailgraph now:

/etc/init.d/mailgraph start

Now we must copy the mailgraph.cgi script (which draws the graphs and creates the output for our web browsers) to the cgi-bin directory of our www.example.com web site:

cp -p /usr/lib/cgi-bin/mailgraph.cgi /var/www/www.example.com/cgi-bin

The script is already executable, so we don't need to chmod it. If you use suExec for the www.example.com web site, you must chown mailgraph.cgi to the appropriate owner and group.

Now direct your browser to http://www.example.com/cgi-bin/mailgraph.cgi, and you should see some graphs. Of course, there must be some emails going through your system before you see the first results, so be patient.

 

3.2 pflogsumm

The pflogsumm part is exactly the same as for Debian Sarge:

To install pflogsumm, we run

apt-get install pflogsumm 

We want pflogsumm to be run by a cron job each day and send the report to [email protected]. Therefore we must configure our system that it writes one mail log file for 24 hours, and afterwards starts the next mail log so that we can feed the old mail log to pflogsumm. Therefore we configure logrotate (that's the program that rotates our system's log files) like this: open /etc/logrotate.conf and append the following stanza to it, after the line # system-specific logs may be configured here:

vi /etc/logrotate.conf
/var/log/mail.log {
    missingok
    daily
    rotate 7
    create
    compress
    start 0
}

There's a logrotate script in /etc/cron.daily. This script is called everyday between 06:00h and 07:00h. With the configuration we just made, it will copy the current Postfix log /var/log/mail.log to /var/log/mail.log.0 and compress it, and the compressed file will be /var/log/mail.log.0.gz. It will also create a new, empty /var/log/mail.log to which Postfix can log for the next 24 hours.

Now we create the script /usr/local/sbin/postfix_report.sh which invokes pflogsumm and makes it send the report to [email protected]:

vi /usr/local/sbin/postfix_report.sh
#!/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
gunzip /var/log/mail.log.0.gz

pflogsumm /var/log/mail.log.0 | formail -c -I"Subject: Mail Statistics" -I"From: pflogsumm@localhost" -I"To: [email protected]" -I"Received: from www.example.com ([192.168.0.100])" | sendmail [email protected]

gzip /var/log/mail.log.0
exit 0

We must make this script executable:

chmod 755 /usr/local/sbin/postfix_report.sh

Then we create a cron job which calls the script everyday at 07:00h:

crontab -e
0 7 * * * /usr/local/sbin/postfix_report.sh &> /dev/null

This will send the report to [email protected].

Share this page:

2 Comment(s)