GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  POSTGREYREPORT (1)

.ds Aq ’

NAME

postgreyreport - Fatal report for Postfix Greylisting Policy Server

CONTENTS

SYNOPSIS

postgreyreport [options...]



 -h, --help                   display this help and exit
     --version                display version and exit

     --user=USER              run as USER (default: postgrey)
     --dbdir=PATH             find db files in PATH (default: /var/db/postgrey)
     --delay=N                report triplets that did not try again after N seconds (default: 300)
     --greylist-text=TXT      text to match on for greylist maillog lines

     --skip_pool              Skip report for subscriber pools ( last 2 octets of IP found in PTR name )
     --skip_dnsbl=RBL         RBL server to query and skip reporting for any listed hosts (SLOW!!)
     --skip_clients=FILE      PTR or IP or REGEXP of clients to skip in report       
     --match_clients=FILE     *ONLY* report if fatal *AND* PTR/IP of client matches
    
     --show_tries             display the number of attempts failed triplets made in first column
     --show_time              show entry time in maillog (single line only)
     --tab                    use tabs as separators for easy cut(1)ting

     --nosingle_line          display sender/recipients grouped by ptr - ip
     --separate_by_subnet=TXT display TXT for every new /24 (ex: "=================\n" )
     --separate_by_ip=TXT     display TXT for every new IP  (ex: "\n")
     --check_sender=LIST      one or more of: mx,mx/24,a,a/24
                              does DNS/A lookups for sender @domain and compares sending IP
                              if match displays "MX" "A" or "MX/24" or "A/24" depending on LIST
 
   Note that --(skip|match)_clients can be specified multiple times and there are no default files.
   Same rules apply as postgreys --whitelist-clients, see postgrey doc for more info.

   --skip_dnsbl can also be specified multiple times to query multiple DNSBL servers.



DESCRIPTION

postgreyreport opens postgrey.db as read-only; reads a maillog via STDIN, extracts the triplets for any Greylisted lines and looks them up in postgrey.db. if the difference in first and last time seen is less than --delay=N then the triplet is considered fatal and displayed to STDOUT

The report sorts by client IP address

    Note:

unless you are using --lookup_by_subnet or excluding all known MTA pools you will likely have false fatal reports for BigISPs. A message that was tried from every IP in SMTP pool before making it through will show up in the report for all of the attempted source IPs

    USAGE

It is best to run postgreyreport against a maillog that is at least several hours old (yesterdays?) ( you be the judge on how old is acceptable ). if you run the report against a live maillog you are not giving legit MTA’s enough time to try again and you will have lots of inaccurate information.
o Ex usage:



        zcat /var/log/maillog.0.gz | ./postgreyreport [options] > postgreyreport.log

        or
       
        zcat /var/log/maillog.0.gz | \
        ./postgreyreport --nosingle_line --check_sender=mx,a \
        --separate_by_subnet=":==================\n"
        # 94 "=" total, some were omitted for clarity



o Ex Output: ( POD wrapping will mess this up, view source )



 :============================================================================================
 unknown                 4.29.43.31
                    marissa_mcclendonuu@abit.com.tw                      user1@recipient1.com
                            jake_meyerdt@ali.com.tw                      user2@recipient1.com
                        jenny_banks_sh@translate.ru                      user1@recipient2.com
                              rvazquezpo@ali.com.tw                      user3@recipient1.com
                                 aep@notimexico.com                      user2@recipient1.com 
                    brittneystanley_ei@cetra.org.tw                      user2@recipient1.com 
                            brendasheehan_cw@lib.ru                      user2@recipient1.com 
 :============================================================================================
 lsanca1-ar5-127-189.biz.dsl.gtei.net      4.33.127.189
    A      fokkensr@lsanca1-ar5-127-189.biz.dsl.gtei.net                 user2@recipient1.com
                      
                       cyxlfrfwciercu@publicist.com                      user3@recipient4.com 
 :============================================================================================
 smtpout.mac.com       17.250.248.83
                             do_not_reply@apple.com                      user4@recipient5.com

 smtpout.mac.com       17.250.248.88
   MX                             legituser@mac.com                      user6@recipient7.com
 :============================================================================================



HISTORY

1.14.3 20100321



  Some additions, Leonard den Ottolander <leonard.den.ottolander.nl>
  New option: --tab   Use tabs as separator in single line mode
  New option: --show_time   Show entry time in maillog in single line mode



1.14.2 20040715



  BUGFIX: (automatic) lookup-by-subnet support was broken, fixed.
  BUGFIX: corrected a few spelling errors
  new Option: --skip_pool   Skip report for subscriber pools



1.14.1 20040712



  Changed --return-string to --greylist-text to match postgrey
  new Option: --skip_clients=FILE
  new Option: --match_clients=FILE
  new Option: --skip_dnsbl=RBL.DNS.NAME
  All 3 of the new options can be specified multiple times.
  Updated do_*_subsititions again to match postgrey



1.11.1 20040701



  missing keys from DB are considered fatal triplets and included in report
  Changed --delay testing from "greater than" to "greater than or equal to"
  Fixed --help and --man switches
  Removed setuid Notice



1.6.4 20040618



  Initial Public Version (postgrey/contrib)



AUTHOR

Tom Baker <tbaker@bakerfl.org>
Search for    or go to Top of page |  Section 1 |  Main Index


perl v5.20.3 POSTGREYREPORT (1) 2016-04-04

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.