Postfix log analyzer

As requested by several users I would like to be able to offer a webbased login for some users so they can review mail logs. These are all admins, so the privacy consideration is of no concern really. I found really good reviews on Mailwatch with Mailscanner for this, but I think mailscanner would essentially destroy ISPConfig, and that's something I want to avoid. There's also pflogsumm, but that is a but too sparse.

So my question is; Do any of you have good experiences with some kind of postfix smtp log analyzer? If so, which one? I will be using it on a debian 12 server. Is AWstats any good for this?

 

Just push the logs to an ELK Stack and create a Dashboard. Thats what we are doing

 

By far the easiest way to manage spam is using Proxmox Mail Gateway. It's FOSS so it's free. It's also add's considerable redundancy to your email since it will hold your mailq if ISPConfig server goes down.
In the Configuration add Mail Proxy default relay address 'localhost' (and your ISPconfig server address for Relay Domain and Transport.) Give mail proxy lower priority in DNS and That's it.
After that you can add as many users in the proxy panel as you like.

 

That's an false assumption. The mailq is not lost even if i hard reset the mailserver.

This adds alot of heavy weight on a already fully capable and working mailserver which ISPConfig already provides.

 

This is such a weird development I see a lot these days. Adding product upon product upon product. I you're unlucky they'll even add it using python and docker and hyper-vm, as if things were not already perfectly fine just using postfix on an oldschool server config, looking at what THAT can do for you why would I need more? Seriously, proxmox is nice stuff, but not for email.

And by the way, I wasn't looking to manage spam. I was looking for a postfix log viewer/parser. Something like this: https://github.com/drlight17/mta-log-parser

 

Well i don't use it but i'm sure it is not a bad piece of software. But it makes no sense to me stacking two products together that almost 1:1 provide the same solution.

 

If your ISPconfig is down I promise you it's mailq is also down.

 

True but not lost and the same will happen with Proxmox Mail. But it usually is not a problem if your mailserver is down for some time as an sane mailserver will just try to resend the mail again some time later - usually up to 72 hours.

 

You usually make sense but there is a good reason why ppl want a backup (read second) DNS server. Same reason applies to MX server. I don't really think of it as a spam snake. I think of it as a backup MX server that is located somewhere else. Same with our backups. Local Proxmox Backup Server and off-site PBS that clones the local one periodically.

...and I sleep like a baby

 

Couple of years back I worked for a company in Finland that had several super computers and served universities and other government orgs around EU. I kept telling them to switch to Proxmox. Both in virtualization, backups and email delivery. (Every decent sized organization needs something in front of their email servers to correctly route email.) Unfortunately every company that size is burdened with sizable bureau-crazy and they ignored my advice. Soon after that war in Ukraine broke out and voila... their fancy 'ware got hacked (by a rus-vikings probably.) I have worked with all the most common servers in past 24 years and I'm telling you all... switch to Proxmox NOW.
If you have to run WinDoze put it inside KVM/Qemu and only lift the lid ones a year.

 

No they don't. They need to learn how to properly use postfix checks, and amavis, spamassassin or rspamd. I've managed mail for several major organisations and companies since about 1998, one with 85 users working all over the globe (media, journalists etc.). Postfix itself has more than enough options to block spam and properly do MX/MTA with huge mailflows. I work together with these guys, and usually if I'm server-admin for mail, everything is green and A+ with them.

 

What medium2big company have you worked that actually used Postfix? If only. They use ether Exchange or Zimbra because the bureu-crazy's demand paid support.
Big companies are collection of smaller companies many of who have their own collection of different types of email servers. Life without front end is not an option. Usually the email front end even defines user exceptions. What university uses MS and what uses linux? Who's project leader works also for private company? Who has access to modify the routing on the front end? ISPConfig uses DB for auth. But pretty much all bigger entities go with LDAP/AD. Hence my rant about Proxmox. It has several auth options including PAM/LDAP.
etc...

 

You are completly delusinonal if you really belive this. I've worked in 2 companies that provide large mailservices and the other one that provide a medium sized one. Both use Postfix for all E-Mail routing as almost everyone else out there.
No one in their right mind would run Exchange on the internet. We provide a Hosted Exchange solution with 2 big Exchange clusters, but all incoming and outgoing mail is routed through postfix servers and so does any of our competitors.

This is only true for really large companies like google that use their own proprietary software tailored to their needs. Other large providers like Strato here in germany still use postfix for almost all their E-Mail routing.

Postfix is one of the most widely used and respected Mail Transfer Agents (MTAs) in the industry.

//EDIT: Here are some nice stats backing this: https://www.securityspace.com/s_survey/data/man.201806/mxsurvey.html

 

Using Postfix in front of Exchanges servers is indeed a common practice, especially if we are speaking about Exchange on-premise.
Postfix on the otherhand is even used on mailsecurity appliances as the MTA, like those by Trend Micro, or Proxmox Mailgateway, oh and btw also Zimbra, just to name three examples.

None of them reinvent the wheel, they all use OSS and are using them as a foundation for their products!

I also go with the general consens in this thread. Putting Proxmox Mailgateway in front of an ISPConfig server is simply pointless.

 

I can only speak from my own experiences.
The company I worked last (before going my own way again) used to be government owned before we were privatized as non profit company. We served A LOT of universities around EU, government organizations and privatized companies like our own CSC and our own supercomputers. The whole house of cards was huge and old and it did not even use Postfix in front (...think older).
Eventually (when they started to talk about migrating to Exchange again) I got tired of the bureaucracy and set out to try on my own again.
Private email bizz (see my signature links.)
In a perfect world what you say makes sense. Alas babylon. We don't live in such a world.