Quick ?s
Cheat Sheets
Man Pages
The Lynx
Software
 
POSTGREYREPORT(1)     User Contributed Perl Documentation    POSTGREYREPORT(1)



NAME
       postgreyreport - Fatal report for Postfix Greylisting Policy Server

SYNOPSIS
       postgreyreport [options...]

	-h, --help		     display this help and exit
	    --version		     display version and exit

	    --user=USER 	     run as USER (default: postgrey)
	    --dbdir=PATH	     find db files in PATH (default: /var/lib/postgrey)
	    --delay=N		     report triplets that did not try again after N seconds (default: 300)
	    --greylist-text=TXT      text to match on for greylist maillog lines

	    --skip_pool 	     Skip report for 'subscriber pools' ( last 2 octets of IP found in PTR name )
	    --skip_dnsbl=RBL	     RBL server to query and skip reporting for any listed hosts (SLOW!!)
	    --skip_clients=FILE      PTR or IP or REGEXP of clients to skip in report
	    --match_clients=FILE     *ONLY* report if fatal *AND* PTR/IP of client matches

	    --show_tries	     display the number of attempts failed triplets made in first column

	    --nosingle_line	     display sender/recipients grouped by ptr - ip
	    --separate_by_subnet=TXT display TXT for every new /24 (ex: "=================\n" )
	    --separate_by_ip=TXT     display TXT for every new IP  (ex: "\n")
	    --check_sender=LIST      one or more of: mx,mx/24,a,a/24
				     does DNS/A lookups for sender @domain and compares sending IP
				     if match displays "MX" "A" or "MX/24" or "A/24" depending on LIST

	  Note that --(skip|match)_clients can be specified multiple times and there are no default files.
	  Same rules apply as postgrey's --whitelist-clients, see postgrey doc for more info.

	  --skip_dnsbl can also be specified multiple times to query multiple DNSBL servers.

DESCRIPTION
       postgreyreport opens postgrey.db as read-only; reads a maillog via
       STDIN, extracts the triplets for any Greylisted lines and looks them up
       in postgrey.db.	if the difference in first and last time seen is less
       than --delay=N then the triplet is considered fatal and displayed to
       STDOUT

       The report sorts by client IP address

       Note:

       unless you are using --lookup_by_subnet or excluding all known MTA
       pools you will likely have false fatal reports for "BigISPs". A message
       that was tried from every IP in SMTP pool before making it through will
       show up in the report for all of the attempted source IPs

       USAGE

       It is best to run postgreyreport against a maillog that is at least
       several hours old (yesterdays?)	( you be the judge on how old is
       acceptable ). if you run the report against a live maillog you are not
       giving legit MTAs enough time to try again and you will have lots of
       inaccurate information.

	  Ex usage:

		   zcat /var/log/maillog.0.gz | ./postgreyreport [options] > postgreyreport.log

		   or

		   zcat /var/log/maillog.0.gz | \
		   ./postgreyreport --nosingle_line --check_sender=mx,a \
		   --separate_by_subnet=":==================\n"
		   # 94 "=" total, some were omitted for clarity

	  Ex Output: ( POD wrapping will mess this up, view source )

	    :============================================================================================
	    unknown		    4.29.43.31
			       marissa_mcclendonuu@abit.com.tw			    user1@recipient1.com
				       jake_meyerdt@ali.com.tw			    user2@recipient1.com
				   jenny_banks_sh@translate.ru			    user1@recipient2.com
					 rvazquezpo@ali.com.tw			    user3@recipient1.com
					    aep@notimexico.com			    user2@recipient1.com
			       brittneystanley_ei@cetra.org.tw			    user2@recipient1.com
				       brendasheehan_cw@lib.ru			    user2@recipient1.com
	    :============================================================================================
	    lsanca1-ar5-127-189.biz.dsl.gtei.net      4.33.127.189
	       A      fokkensr@lsanca1-ar5-127-189.biz.dsl.gtei.net		    user2@recipient1.com

				  cyxlfrfwciercu@publicist.com			    user3@recipient4.com
	    :============================================================================================
	    smtpout.mac.com	  17.250.248.83
					do_not_reply@apple.com			    user4@recipient5.com

	    smtpout.mac.com	  17.250.248.88
	      MX			     legituser@mac.com			    user6@recipient7.com
	    :============================================================================================

HISTORY
       1.14.2  20040715

	 BUGFIX: (automatic) lookup-by-subnet support was broken, fixed.
	 BUGFIX: corrected a few spelling errors
	 new Option: --skip_pool   Skip report for 'subscriber pools'

       1.14.1  20040712

	 Changed --return-string to --greylist-text to match postgrey
	 new Option: --skip_clients=FILE
	 new Option: --match_clients=FILE
	 new Option: --skip_dnsbl=RBL.DNS.NAME
	 All 3 of the new options can be specified multiple times.
	 Updated do_*_subsititions again to match postgrey

       1.11.1 20040701

	 missing keys from DB are considered fatal triplets and included in report
	 Changed --delay testing from "greater than" to "greater than or equal to"
	 Fixed --help and --man switches
	 Removed setuid Notice

       1.6.4  20040618

	 Initial Public Version (postgrey/contrib)

AUTHOR
       Tom Baker 

POD ERRORS
       Hey! The above document had some coding errors, which are explained
       below:

       Around line 632:
	   =item outside of any =over

       Around line 668:
	   You forgot a =back before =head1



perl v5.10.0			  2005-03-07		     POSTGREYREPORT(1)

Yals.net is © 1999-2009 Crescendo Communications
Sharing tech info on the web for more than a decade!
This page was generated Thu Apr 30 17:05:21 2009