How to Read Postfix Log ?
Open a new terminal and read the log continuously:
sudo tail -f /var/log/mail.logWhile reading the log file, open a new terminal on the SMTP server and send a test mail:
swaks --to user1@example1.com --server localhostIf all works as expected your mail.log will show a lot of technical information about the email delivery:
postfix/smtpd[29225]: connect from localhost.localdomain[127.0.0.1]Postfix receives an incoming SMTP connection.postfix/smtpd[29225]: *8BA46A0A3A*: client=localhost.localdomain[127.0.0.1]Postfix assigns a unique identifier (8BA46A0A3A) to this connection so that you see which log lines belong together. This is especially important with busy mail servers where multiple mails are handled in parallel.postfix/cleanup[29233]: 8BA46A0A3A: message-id=20191126153053.029243@example1.com
Swaks created a unique message id to the email which helps you identify specific mails in the log file.
postfix/qmgr[13667]: 8BA46A0A3A: from=root@webmail.example.org, size=485, nrcpt=1 (queue active)The sender wasroot@example.org. This is logged after swaks sent theMAIL FROMline during the SMTP dialog.postfix/smtpd[29225]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5The SMTP communication ends. Postfix has now received and queued the email.dovecot: lmtp(29237): Connect from localPostfix connects to Dovecot to hand over the email via the LMTP interface.dovecot: lmtp(user1@example.com)<29237><2PJTIh033V01cgAARGEcaw>: sieve: msgid=20191126153053.029243@example.org: stored mail into mailbox 'INBOX.test'Dovecot received the email and even evaluated User1’s sieve rule which made the email get stored to thetestfolder of his mailbox.dovecot: lmtp(29237): Disconnect from local: Client has quit the connection (state=READY)The LMTP connection between Postfix and Dovecot is closed.postfix/lmtp[29236]: 8BA46A0A3A: to=user1@example.com, relay=example.com[private/dovecot-lmtp], delay=0.01, delays=0/0/0/0.01, dsn=2.0.0, status=sent (250 2.0.0 user1@example1.com 2PJTIh033V01cgAARGEcaw Saved)This tells you what happened with a certain email. In this case it says that it was handed over todovecot-lmtpand that the delivery was successful (status=sent). The status codes like2.0.0are defined in RFC 3463 and work similar to status codes in HTTP. Codes beginning with "2" are good. Those with "4" are temporary errors. And "5" stands for a permanent failure.
Postfix Log Report
Pflogsumm is a great tool to create a summary of Postfix logs. Install it:
sudo apt install pflogsummGenerate a report for this week:
sudo pflogsumm /var/log/mail.log| Parameter | Description |
|---|---|
-d today | Generate a report for today |
-d yesterday | Generate a report for yesterday |
--problems-first | Add problem reports (bounces, defers, warnings, rejects) before normal stats use |
--rej-add-from | Append the email from address to each listing in the reject report |
--verbose-msg-detail | Show the full reason in reject summaries |
You can add a cron job to make pflogsumm to send a report to your email address every day:
sudo crontab -eAdd the following line, which will generate a report every day at 4:00 am and send it to your email address:
0 4 * * * /usr/sbin/pflogsumm -d yesterday /var/log/mail.log --problems-first --rej-add-from --verbose-msg-detail -q MAILTO="your-email-address"CAREFUL: Make sure to replace your-email-address with your real email address