b2fec3f7e81a617a6b21b884fcec7bf7af7f7318
📬 Postfix Mail Summary Script
A hardened, production-ready Bash script for analyzing Postfix mail logs with a clean, readable output format.
Designed with security, performance, and portability in mind.
🚀 Features
- 📊 Clean, formatted output (with optional colors)
- 🔍 Filter by:
- Sender (
--from) - Recipient (
--to) - Queue ID (
--id) - Date (
--date)
- Sender (
- ⚡ Optimized log reading (avoids full log parsing when possible)
- 🛡️ Hardened against:
- Command injection
- Regex/ReDoS attacks
- Memory leaks
- Log-based DoS
- 🧠 Smart parsing of Postfix logs (including
NOQUEUErejects) - 🎯 Portable across Linux distributions
📦 Requirements
- Bash (>= 4.x recommended)
- Standard Linux utilities:
awkgrepsedtailfindzcat
⚙️ Installation
git clone https://git.robott.sk/robott/mail-status.git
cd mail-status
chmod +x mail-status.sh
▶️ Usage
sudo ./mail-status.sh [OPTIONS]
📖 Options
Option Description
-h, --help Show help message
-l, --list NUMBER Show last X records (default: 10, max: 1000)
-f, --from Filter by sender (substring match)
-t, --to Filter by recipient (substring match)
-i, --id Filter by Queue ID
-d, --date "MMM DD" Filter by date (e.g. "Mar 27")
Search across all logs for a specific user:
sudo ./mail-status.sh -f user@example.com -d ""
Or search for a specific date:
sudo ./mail-status.sh -f user@example.com -d "Mar 23"
📌 Examples
Show last 10 records
sudo ./mail-status.sh
Show last 50 records
sudo ./mail-status.sh -l 50
Filter by sender
sudo ./mail-status.sh -f gmail.com
Filter by recipient
sudo ./mail-status.sh -t example.com
Filter by Queue ID
sudo ./mail-status.sh -i 3F2A12345
Filter by date
sudo ./mail-status.sh -d "Mar 27"
🖥️ Output Example
DATE-TIME ID CLIENT_IP SENDER RECIPIENT STATUS REASON
Mar-27-12:00:01 3F2A12345 192.168.1.10 user@gmail.com admin@example.com sent [OK]
Mar-27-12:01:05 NOQUEUE 45.12.34.56 spam@bad.com user@example.com REJECT [Policy]
🔐 Security Design
This script is designed with security-first principles:
✅ Protected Against:
Command injection
AWK injection
Regex-based DoS (ReDoS)
Malicious filenames
Memory exhaustion
Log flooding
🔒 Key Techniques:
Input length limiting
Substring matching (index() instead of regex)
Safe file handling (find -print0, arrays)
Temporary file isolation (mktemp)
Automatic cleanup (trap)
No use of eval
⚡ Performance Optimizations
Reads only last 50,000 lines by default
Full log scan only when necessary (--date, --id)
Avoids unnecessary process spawning
Efficient AWK parsing with memory cleanup
🎨 Color Output
Automatically enabled when running in a terminal
Disabled when piping output (e.g., | less, | grep)
⚠️ Notes
Must be run as root (required for log access)
Works with standard Postfix logs:
/var/log/maillog
Rotated logs (maillog.*, .gz)
🛠️ Future Improvements (Optional)
Real-time monitoring (tail -f)
JSON export for SIEM tools (ELK, Splunk)
Fail2ban integration (auto-block IPs)
Spam pattern detection
📄 License
MIT License
👨💻 Author
robott GitHub: https://github.com/robott
Powered by Gitea
Description
Languages
Shell
100%