FreeBSD Manual Pages

POSTGREYREPORT(1)     User Contributed Perl Documentation    POSTGREYREPORT(1)

NAME
       postgreyreport -	Fatal report for Postfix Greylisting Policy Server

SYNOPSIS
       postgreyreport [options...]

	-h, --help		     display this help and exit
	    --version		     display version and exit

	    --user=USER		     run as USER (default: postgrey)
	    --dbdir=PATH	     find db files in PATH (default: /var/db/postgrey)
	    --delay=N		     report triplets that did not try again after N seconds (default: 300)
	    --greylist-text=TXT	     text to match on for greylist maillog lines

	    --skip_pool		     Skip report for 'subscriber pools'	( last 2 octets	of IP found in PTR name	)
	    --skip_dnsbl=RBL	     RBL server	to query and skip reporting for	any listed hosts (SLOW!!)
	    --skip_clients=FILE	     PTR or IP or REGEXP of clients to skip in report
	    --match_clients=FILE     *ONLY* report if fatal *AND* PTR/IP of client matches

	    --show_tries	     display the number	of attempts failed triplets made in first column
	    --show_time		     show entry	time in	maillog	(single	line only)
	    --tab		     use tabs as separators for	easy cut(1)ting

	    --nosingle_line	     display sender/recipients grouped by ptr -	ip
	    --separate_by_subnet=TXT display TXT for every new /24 (ex:	"=================\n" )
	    --separate_by_ip=TXT     display TXT for every new IP  (ex:	"\n")
	    --check_sender=LIST	     one or more of: mx,mx/24,a,a/24
				     does DNS/A	lookups	for sender @domain and compares	sending	IP
				     if	match displays "MX" "A"	or "MX/24" or "A/24" depending on LIST

	  Note that --(skip|match)_clients can be specified multiple times and there are no default files.
	  Same rules apply as postgrey's --whitelist-clients, see postgrey doc for more	info.

	  --skip_dnsbl can also	be specified multiple times to query multiple DNSBL servers.

DESCRIPTION
       postgreyreport opens postgrey.db read-only, reads a maillog via
       STDIN, extracts the triplets for any greylisted lines and looks them
       up in postgrey.db. If the difference between the first and last time
       seen is less than --delay=N, the triplet is considered fatal and
       displayed to STDOUT.

       The report is sorted by client IP address.

   Note:
       Unless you are using --lookup_by_subnet or excluding all known MTA
       pools, you will likely have false fatal reports for "BigISPs". A
       message that was tried from every IP in an SMTP pool before making it
       through will show up in the report for all of the attempted source
       IPs.
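
       The fatal-triplet test and the pool false positive described above,
       as an added Python sketch (not postgreyreport's own code). The log
       line layout, the dict standing in for postgrey.db, merge_by_subnet()
       and all sample data are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumed key=value greylist line layout; the sample lines below are constructed.
LINE_RE = re.compile(r"action=greylist.*?client_address=(?P<ip>[\d.]+), "
                     r"sender=(?P<sender>\S*), recipient=(?P<rcpt>\S+)")

def subnet24(ip):
    """Collapse an IPv4 address to its /24 network address."""
    return str(ipaddress.ip_network(ip + "/24", strict=False).network_address)

def merge_by_subnet(db):
    """Simplified subnet model: one entry per /24, earliest first, latest last."""
    merged = {}
    for (ip, sender, rcpt), (first, last) in db.items():
        key = (subnet24(ip), sender, rcpt)
        lo, hi = merged.get(key, (first, last))
        merged[key] = (min(lo, first), max(hi, last))
    return merged

def fatal_triplets(log_lines, db, delay=300, by_subnet=False):
    """Return greylisted triplets whose (last - first) seen time is < delay.
    A triplet missing from db also counts as fatal (HISTORY, 1.11.1)."""
    fatal = set()
    for line in log_lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # not a greylist line
        ip, sender, rcpt = m.group("ip", "sender", "rcpt")
        seen = db.get((subnet24(ip) if by_subnet else ip, sender, rcpt))
        if seen is None or seen[1] - seen[0] < delay:
            fatal.add((ip, sender, rcpt))
    # The report is sorted by client IP address (numerically).
    return sorted(fatal, key=lambda t: (ipaddress.ip_address(t[0]), t[1], t[2]))

# Constructed sample data (documentation IP ranges and example domains).
FMT = "Jan  1 00:00:00 mx postgrey[811]: action={}, client_address={}, sender={}, recipient={}"
SAMPLE_LOG = [
    FMT.format("greylist", "203.0.113.22", "news@example.com", "user3@example.org"),
    FMT.format("greylist", "198.51.100.7", "x@example.net", "user1@example.org"),
    FMT.format("greylist", "192.0.2.10", "a@example.com", "user2@example.org"),
    FMT.format("greylist", "203.0.113.21", "news@example.com", "user3@example.org"),
    FMT.format("pass", "192.0.2.10", "a@example.com", "user2@example.org"),
]
SAMPLE_DB = {  # (client, sender, recipient) -> (first_seen, last_seen), epoch seconds
    ("192.0.2.10", "a@example.com", "user2@example.org"): (1000, 1400),
    ("203.0.113.21", "news@example.com", "user3@example.org"): (2000, 2000),
    ("203.0.113.22", "news@example.com", "user3@example.org"): (2310, 2310),
}  # 198.51.100.7 never retried and has no entry
```

       With per-IP keys, both pool addresses in 203.0.113.0/24 are reported
       as fatal although the message got through on the second one; with the
       merged per-/24 entries only 198.51.100.7 remains.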

   USAGE
       It is best to run postgreyreport against a maillog that is at least
       several hours old (yesterday's?); you be the judge of how old is
       acceptable. If you run the report against a live maillog, you are not
       giving legitimate MTAs enough time to try again and you will have
       lots of inaccurate information.

       o   Ex usage:

		   zcat	/var/log/maillog.0.gz |	./postgreyreport [options] > postgreyreport.log

		   or

		   zcat	/var/log/maillog.0.gz |	\
		   ./postgreyreport --nosingle_line --check_sender=mx,a	\
		   --separate_by_subnet=":==================\n"
		   # 94	"=" total, some	were omitted for clarity

       o   Ex Output: (	POD wrapping will mess this up,	view source )

	    :============================================================================================
	    unknown		    4.29.43.31
			       marissa_mcclendonuu@abit.com.tw			    user1@recipient1.com
				       jake_meyerdt@ali.com.tw			    user2@recipient1.com
				   jenny_banks_sh@translate.ru			    user1@recipient2.com
					 rvazquezpo@ali.com.tw			    user3@recipient1.com
					    aep@notimexico.com			    user2@recipient1.com
			       brittneystanley_ei@cetra.org.tw			    user2@recipient1.com
				       brendasheehan_cw@lib.ru			    user2@recipient1.com
	    :============================================================================================
	    lsanca1-ar5-127-189.biz.dsl.gtei.net      4.33.127.189
	       A      fokkensr@lsanca1-ar5-127-189.biz.dsl.gtei.net		    user2@recipient1.com

				  cyxlfrfwciercu@publicist.com			    user3@recipient4.com
	    :============================================================================================
	    smtpout.mac.com	  17.250.248.83
					do_not_reply@apple.com			    user4@recipient5.com

	    smtpout.mac.com	  17.250.248.88
	      MX			     legituser@mac.com			    user6@recipient7.com
	    :============================================================================================

HISTORY
       1.14.3  20100321

	 Some additions, Leonard den Ottolander	<leonard.den.ottolander.nl>
	 New option: --tab   Use tabs as separator in single line mode
	 New option: --show_time   Show	entry time in maillog in single	line mode

       1.14.2  20040715

	 BUGFIX: (automatic) lookup-by-subnet support was broken, fixed.
	 BUGFIX: corrected a few spelling errors
	 new Option: --skip_pool   Skip	report for 'subscriber pools'

       1.14.1  20040712

	 Changed --return-string to --greylist-text to match postgrey
	 new Option: --skip_clients=FILE
	 new Option: --match_clients=FILE
	 new Option: --skip_dnsbl=RBL.DNS.NAME
	 All 3 of the new options can be specified multiple times.
	 Updated do_*_substitutions again to match postgrey

       1.11.1 20040701

	 missing keys from DB are considered fatal triplets and	included in report
	 Changed --delay testing from "greater than" to	"greater than or equal to"
	 Fixed --help and --man	switches
	 Removed setuid	Notice

       1.6.4  20040618

	 Initial Public	Version	(postgrey/contrib)

AUTHOR
       Tom Baker <tbaker@bakerfl.org>

perl v5.32.0			  2020-08-17		     POSTGREYREPORT(1)

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=postgreyreport&sektion=1&manpath=FreeBSD+12.2-RELEASE+and+Ports>
