Analyze Postfix Logs with pflogsumm

Postfix mail server activities are stored in a file called “postfix logs.” This file is located in your Linux system at the /var/log/maillog path. This article is intended to guide you on how to obtain and analyze Postfix mail logs on your mail server. Some different tools are available that are used to analyze the Postfix mail log statistics. First, you will need to install these tools on your system, and then you can use these tools to easily analyze the Postfix logs.

There is a useful tool named pflogsumm. This tool is a Postfix logs analyzer or summarizer. The pflogsumm tool provides an overview of each postfix activity with complete details. It gives a complete summary of the logs, and sometimes gives a detailed report of rejected and bounced emails, errors, server warnings, and panics.

This article will show you how to install pflogsumm and give you a few tips on how to analyze Postfix logs using pflogsumm.

Install pflogsumm on Postfix Mail Server

To install pflogsumm, you first need to download the script. Open the terminal by accessing the ‘Activities’ tab, and from the left sidebar, select the ‘Terminal’ application and open it. First, download the script using the following command:

$ wget https://jimsun.linxnet.com/downloads/pflogsumm-1.1.3.tar.gz

Now, extract the files using the tar command, as follows:

$ tar xvf pflogsumm-1.1.3.tar.gz

Navigate to the ‘pflogsumm-1.1.3’ directory and place it under the location in your defined $path.

$ cd pflogsumm-1.1.3/

$ sudo cp pflogsumm.pl /usr/local/bin/pflogsumm

When you use this script, you just need to type ‘pflogsumm,’ instead of giving an absolute path.

Analyze Postfix Logs Using pflogsumm Tool

The pflogsumm tool will work for all types of Postfix logs. To get the statistics of the Postfix logs, type the following command as root user in the terminal:

# cat /var/log/maillog | pflogsumm | more

The following output screen will be displayed on your terminal:

If you have compressed logs, then use the zcat command instead of the cat command. Some output details can be seen in the screenshot below:

Features of pflogsumm Script

The pflogsumm script provides the following details:

All Messages received, delivered, forwarded, deferred, bounced, and rejected during Postfix services.
Messages in bytes total, both received and delivered.
Sender and recipient summary about hosts, domains, etc.

When you run the pflogsumm script, you will get a complete report of the Postfix logs.

General Commands to Analyze Postfix Logs

Using the following commands, you can easily obtain and analyze the Postfix mail server logs:

Realtime Mail Log Analysis

To see real-time logging of Postfix mail services, using the tail -f command, you can view all the relevant information:

$ tail -f /var/log/maillog

You will see the following output in the terminal:

Press Ctrl+c to exit the output.

Using the grep Command to List Sent Email Postfix Log Entries

Using the following grep command, you can view the list of all sent emails, or get emails from a particular email address:

# grep "[email protected]" /var/log/maillog

# grep "status=sent" /var/log/maillog

Counting Postfix Log Entries

Based on the particular information that you need, you can use the terminal commands to display the various sent emails from the Postfix mail server. In the example provided below, using the grep command, you can view the complete statistics of sent mails:

You will see the following output:

Similarly, to check the statistics of all rejected emails, then using the following command, you can check the log statistics:

# grep reject /var/log/maillog

Conclusion

In this article, you learned how to obtain Postfix mail log statistics and analyze the log using different commands and the pflogsumm script. You also learned how to install the pflogsumm script on your CentOS 8 Linux system. Now, using various shell commands, you can easily analyze your Postfix mail server logs.