Postfix 日志文件在哪里?

tag-icon tag-icon postfix
Postfix 日志文件在哪里?

我知道这个问题已经被问了一百遍了。但我在 Google 上搜索了很多次,但都没有成功。我的问题是:我想记录我的 Postfix 服务器的每一个活动。默认文件/var/log/mail和任何其他相关mail文件都不postfix存在。

  1. /etc/postfx/main.cf要启用日志记录,应将哪个字符串放入配置文件中?
  2. 在哪里可以看到 Postfix 使用的配置文件?(根据我下面的提示)

谢谢您的回答。

提示:我将 postfix 与 dovecot 一起使用。几个月前我安装了 meta 包。

输出postconf -n

    alias_database = hash:/etc/aliases
    alias_maps = hash:/etc/aliases
    append_dot_mydomain = no
    biff = no
    broken_sasl_auth_clients = yes
    config_directory = /etc/postfix
    home_mailbox = Maildir/
    inet_interfaces = all
    mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/conf.d/01-dovecot-postfix.conf -n -m "${EXTENSION}"
    mailbox_size_limit = 0
    mydestination = mydomain.de localhost
    myhostname = mydomain.de
    mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    myorigin = /etc/mailname
    readme_directory = no
    recipient_delimiter = +
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    smtp_use_tls = yes
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_sasl_local_domain = $myhostname
    smtpd_sasl_path = private/dovecot-auth
    smtpd_sasl_security_options = noanonymous
    smtpd_sasl_type = dovecot
    smtpd_sender_restrictions = reject_unknown_sender_domain
    smtpd_tls_auth_only = yes
    smtpd_tls_cert_file = /etc/ssl/certs/ssl-mail.pem
    smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key
    smtpd_tls_mandatory_ciphers = medium
    smtpd_tls_mandatory_protocols = SSLv3, TLSv1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtpd_use_tls = yes
    tls_random_source = dev:/dev/urandom
    virtual_alias_maps = hash:/etc/postfix/virtual
    virtual_gid_maps = static:5000
    virtual_mailbox_base = /var/mail/vhosts
    virtual_mailbox_domains = mydomain2.de
    virtual_mailbox_maps = hash:/etc/postfix/vmailbox
    virtual_minimum_uid = 100
    virtual_uid_maps = static:5000

Output for /etc/syslog.conf

#  /etc/syslog.conf Configuration file for syslogd.
#
#           For more information see syslog.conf(5)
#           manpage.

#
# First some standard logfiles.  Log by facility.
#

auth,authpriv.*      -/var/log/auth.log
*.*;auth,authpriv.none;local0.none;local1.none      -/var/log/syslog
#cron.*          -/var/log/cron.log
daemon.*            -/var/log/daemon.log
kern.*              -/var/log/kern.log
lpr.*               -/var/log/lpr.log
user.*              -/var/log/user.log

#
# Logging for the mail system.  Split it up so that
# it is easy to write scripts to parse these files.
#

# Logging for INN news system
#
news.crit        -/var/log/news/news.crit
news.err         -/var/log/news/news.err
news.notice         -/var/log/news/news.notice

#
# Some `catch-all' logfiles.
#
*.=debug;\
    auth,authpriv.none;\
    news.none   -/var/log/debug
*.=info;*.=notice;*.=warning;\
    auth,authpriv.none;\
    cron,daemon.none;\
    mail,news.none      -/var/log/messages

#
# Emergencies are sent to everybody logged in.
#
*.emerg             *

#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
#   news.=crit;news.=err;news.=notice;\
#   *.=debug;*.=info;\
#   *.=notice;*.=warning    /dev/tty8

# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,
# you must invoke `xconsole' with the `-file' option:
# 
#    $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
#      busy site..
#
daemon.*;mail.*;\
    news.err;\
    *.=debug;*.=info;\
    *.=notice;*.=warning    |/dev/xconsole

答案1

它们应该在 中/var/log/mail.log。但是,您的 syslog 设施配置似乎已被您(或您的提供商)更改。使用普通的 syslogd 代替 rsyslogd 是完全有可能的,但您可以预料到事情会与您的预期有所不同。

正如评论中提到的,通过安装rsyslog,文件重新出现。

答案2

在 Ubuntu 16.04 上,我发现 postfix 日志位于/var/log/syslog

grep postfix /var/log/syslog

您可以查看 postfix 日志流:

tail -f /var/log/syslog | grep postfix

答案3

我必须使用journalctl -t postfix/smtpd -t postfix/smtp查找电子邮件日志,其中

  • smtpd用于接收电子邮件(d 代表守护进程与客户交谈)
  • smtp用于发送邮件,以及
  • 通过指定两者,您可以在组合日志视图中看到两者。

您还可以使用journalctl不带参数来查看所有日志,而无需筛选主题。

现在/var/log有一个 README 文件,提示停止在那里寻找基于 systemd 的系统。

答案4

明确地说:postfix 记录到系统日志并使用mailsyslog 功能。

您必须检查您运行的是哪个 syslog 服务器,但 Ubuntu 中直到当前 20.04 LTS 版本中的默认服务器都是rsyslogd。如果您更改 syslog 守护程序,则需要对其进行配置以使用mailsyslog 功能。

mail通过搜索mail.(没有任何前面的注释/哈希字符)检查是否记录到任何特定文件还包括所有“捕获所有规则” *.

grep -E "^[^#]*(mail|\*)\." /etc/rsyslog.conf /etc/rsyslog.d/*.conf

Ubuntu 20.04 的示例输出

# We see that "/etc/rsyslog.conf" includes files from "/etc/rsyslog.d"
/etc/rsyslog.conf:$IncludeConfig /etc/rsyslog.d/*.conf

# "*.*" means that _all_ events _except_ "authpriv" is logged to /var/log/syslog
/etc/rsyslog.d/50-default.conf:*.*;auth,authpriv.none -/var/log/syslog

# Here goes "mail"
/etc/rsyslog.d/50-default.conf:mail.*                 -/var/log/mail.log

# In _addition_ "mail.err" goes here
/etc/rsyslog.d/50-default.conf:mail.err                /var/log/mail.err

# And in the event of an "emerg" priority message..
/etc/rsyslog.d/50-default.conf:*.emerg                 :omusrmsg:*

Rsyslog 读取配置文件为了, 和全部事件(日志行)穿过所有配置项除非任何配置都会丢弃或过滤掉该事件。

另一个例子mail.*抑制进入通用messages文件,然后发送到文件和外部 UDP 系统日志服务器:

*.info;mail.none;authpriv.none;cron.none  /var/log/messages
mail.*                                   -/var/log/maillog
mail.*                                    @127.0.0.1:50514

因此,当您更改内容(数字或字符排序)时,请注意文件的顺序,并使用目录,rsyslog.d而不是弄乱rsyslog.conf

相关内容