Following on from the basics of SNMP I did previously, this article now adds the next set of SNMP extension scripts, config, and Cacti templates to monitor a Postfix mail server. This includes monitoring spf (Sender Policy Framework, clamav-milter (anti-virus/anti-malware), dkim-milter (Domain Keys Identified Mail), and spamass-milter (SpamAssassin).

Update: Also see my recent article about basic Postfix configuration  which works with these templates.

Major Update 20110707 onwards: With the release of my Universal Log Analyser, this article has been updated to only provide a plugin and you will have to configure the Universal Log Analyser to use the plugin. This is also a major update to graphs etc. and it may be easiest to purge any old versions of the templates and start fresh with such a major change.

Postfix Stats

Postfix produces a minimum of statistics it's self, but as is common in Unix, it does produce comprehensive logs of activity which provides plenty of material for generating statistics from.

There are already a load of logfile analysers around, but for the purposes of this monitoring, I decided the best thing was to write my own and then it would be easy to make it work exactly how I wanted for producing stats.

We rely on my Universal Log Analyser to use the plugins provided here. Please refer to that article and get that working first and then continue configuration for this article.

There are 4 plugins in this case: postfix.pm, dkim.pm, clamav.pm and spamd.pm

These are in the tarball (see later). Place the plugins in the plugin directory (default is /etc/snmp/uloganalyser-plugin)

One feature I have built into the plugin is that it outputs any lines that it does not completely understand. Cron will email this back to the administrator. This means that over time the script can be enhanced to extract more information from the logs. If you want to ignore this then just send all the output to /dev/null in the cron job.

Update on DKIM

This article goes back many years and this DKIM plugin here is really outdated and no longer being maintained. Since then I've written up Cacti stats on Open DKIM which is where the effort is now going.

Getting Postfix stats over SNMP

Like discussed previously, Postfix logfiles require root privilege to access, and snmpd runs as a low privilege user. What I do is have a CRON job that reads this data and stores it in files for snmpd to access via extension scripts.

If you are using the same config I described previously, then simply add the lines to your /etc/snmp/local-snmp-cronjob file to make it look something like this (may have other content for other tasks):

#!/bin/sh

# run postfix stats
/etc/snmp/uloganalyser \
    /var/log/mail.log.1 \
    /var/log/mail.log \
    /var/local/snmp/mail \
    postfix dkim clamav spamd

This is fully compatible with my dovecot stats plugin and you can just add "dovecot" on the end to add those stats into the same file and analyse the logs in one shot. Likewise, plugins you don't use may be left off.

From there, I have a load of small scripts for each aspect of the stats I monitor. One thing to consider when writing these scripts is to ensure that if more parameters are added to them, they are all added to the ends of the scripts to ensure that the order of the data given to snmpd does not change.

These scripts are in the tarball (see later) and are all named postfix-stats-*, clamav-stats or dkim-stats. I place these scripts (make them executable first: chmod +x postfix-stats-*) in /etc/snmp

In /etc/snmp/snmpd.conf add the following lines (or others if you want to monitor them):

extend postfixlocal     /etc/snmp/postfix-stats-local
extend postfixlmtp      /etc/snmp/postfix-stats-lmtp
extend postfixpickup /etc/snmp/postfix-stats-pickup
extend postfixqueue /etc/snmp/postfix-stats-queue
extend postfixsmtp      /etc/snmp/postfix-stats-smtp-connect
extend postfixsmtpstatus        /etc/snmp/postfix-stats-smtp-status
extend postfixsmtptls   /etc/snmp/postfix-stats-smtp-tls
extend postfixsmtpwarn  /etc/snmp/postfix-stats-smtp-warning
extend postfixsmtpd     /etc/snmp/postfix-stats-smtpd-connect
extend postfixsmtpdnq   /etc/snmp/postfix-stats-smtpd-noqueue
extend postfixsmtpdnqrec        /etc/snmp/postfix-stats-smtpd-noqueue-recipient
extend postfixsmtpdnqrel        /etc/snmp/postfix-stats-smtpd-noqueue-relay
extend postfixsmtpdnqsnd        /etc/snmp/postfix-stats-smtpd-noqueue-sender
extend postfixsmtpdnqclnt       /etc/snmp/postfix-stats-smtpd-noqueue-client
extend postfixsmtpdqd   /etc/snmp/postfix-stats-smtpd-queued
extend postfixsmtpdtls  /etc/snmp/postfix-stats-smtpd-tls
extend postfixsmtpdwarn /etc/snmp/postfix-stats-smtpd-warning
extend postfixcleanup   /etc/snmp/postfix-stats-cleanup
extend postfixpolicy /etc/snmp/postfix-stats-policy
extend postfixip /etc/snmp/postfix-stats-connect-ip
extend clamav /etc/snmp/clamav-stats
extend dkim /etc/snmp/dkim-stats
extend spamd /etc/snmp/spamd-stats

Once you have added all this in you can test these scripts by running them from the command line, and via SNMP by appending the appropriate SNMP OID to the "snmpwalk" commands shown previously.

Cacti Templates

I have generated some basic Cacti Templates for these Postfix stats which is in the tarball (see later).

Simply import this template, and add the graphs you want to the appropriate device graphs in Cacti. It should just work if your SNMP is working correctly for that device (ensure other SNMP parameters are working for that device).

All in one

Download: Universal Log Analyser, Postsfix stats plugin and Cacti templates are all on GitHub

This contains all the goodies needed for this article and extracts into a subdirectory (neat!)

Graph Screen Shots

.... for a very quiet mail server

Changelog (NEW!)

• 20110707 - Major Update
  • Now using universal log analyser and just provides a plugin
  • Expanded peer mail server error messages and other previously unrecognised log content - thanks to those who submitted samples of their unrecognised log lines
  • ClamAV and DKIM are now optional plugins and not part of the main Postfix script
• ..... various minor fixes, enhancements
• 20120420 - Added extra plugin and scripts for spamass-milter (spamd)