Hi, i have install greylist with this doc (https://www.howtoforge.com/greylisting_postfix_postgrey). it seems it work. i hope i grep the right part. Code: Feb 12 03:15:58 host postgrey[9335]: Process Backgrounded Feb 12 03:15:58 host postgrey[9335]: 2019/02/12-03:15:58 postgrey (type Net::Server::Multiplex) starting! pid(9335) Feb 12 03:15:58 host postgrey[9335]: Binding to TCP port 10023 on host 127.0.0.1 with IPv4 Feb 12 03:15:58 host postgrey[9335]: Setting gid to "114 114" Feb 12 03:15:58 host postgrey[9335]: Setting uid to "110" Feb 12 03:19:14 host postgrey[9335]: action=pass, reason=triplet found, client_name=mail.DOMAIN.com, client_address=212.149.xx.xxx, [email protected], recipient=EMPFAENGER Feb 12 03:19:16 host postgrey[9335]: action=greylist, reason=new, client_name=mail1.DOMAIN.com, client_address=212.149.xx.xxx, [email protected], recipient=EMPFAENGER Feb 12 03:19:16 host postfix/smtpd[7395]: NOQUEUE: reject: RCPT from mail1.DOMAIN.com[212.149.xx.xxx]: 450 4.2.0 <EMPFAENGER>: Recipient address rejected: Please try again later (postgrey); from=<[email protected]> to=<EMPFAENGER> proto=ESMTP helo=<mail1.DOMAIN.com> on a other site i found statistic script. Code: cat /var/log/mail.log | postgreyreport --nosingle_line --check_sender=mx,a --show_tries --separate_by_subnet=":===============================================================================================\n" but i dont get a output. Code: root@host:~# cat /var/log/mail.log | postgreyreport --nosingle_line --check_sender=mx,a --show_tries --separate_by_subnet=":===============================================================================================\n" root@host:~# even without options it does not work. not with another maillog. Code: root@host:~# cat /var/log/mail.log | postgreyreport root@host:~# cat /var/log/mail.info | postgreyreport root@host:~# I'm just a bit wondering what my problem is. Someone else an idea? Thanks & Greetings
Is postgreyreport installed and does it work? test e.g. with: postgreyreport --help if it has a help switch. And please post in English or use the German forum
hi, I'm sorry. yes "postgreyreport --help" works. Code: root@host:~# postgreyreport --help Usage: postgreyreport [*options*...] -h, --help display this help and exit --version display version and exit --user=USER run as USER (default: postgrey) --dbdir=PATH find db files in PATH (default: /var/lib/postgrey) --delay=N report triplets that did not try again after N seconds (default: 300) --greylist-text=TXT text to match on for greylist maillog lines --skip_pool Skip report for 'subscriber pools' ( last 2 octets of IP found in PTR name ) --skip_dnsbl=RBL RBL server to query and skip reporting for any listed hosts (SLOW!!) --skip_clients=FILE PTR or IP or REGEXP of clients to skip in report --match_clients=FILE *ONLY* report if fatal *AND* PTR/IP of client matches --show_tries display the number of attempts failed triplets made in first column --show_time show entry time in maillog (single line only) --tab use tabs as separators for easy cut(1)ting --nosingle_line display sender/recipients grouped by ptr - ip --separate_by_subnet=TXT display TXT for every new /24 (ex: "=================\n" ) --separate_by_ip=TXT display TXT for every new IP (ex: "\n") --check_sender=LIST one or more of: mx,mx/24,a,a/24 does DNS/A lookups for sender @domain and compares sending IP if match displays "MX" "A" or "MX/24" or "A/24" depending on LIST Note that --(skip|match)_clients can be specified multiple times and there are no default files. Same rules apply as postgrey's --whitelist-clients, see postgrey doc for more info. --skip_dnsbl can also be specified multiple times to query multiple DNSBL servers.