タグ: Postgrey

LogwatchのPostfixにPostgreyのログが記載されるのを取り除く

CentOS上のPostfixにスパム対策としてPostgreyを導入しました。
その結果、毎日届くLogwatchにPostgreyが一時的に拒否した際のログが記載されるようになりました。

NOQUEUE: reject: RCPT from unknown[WWW.XXX.YYY.ZZZ]: 450 4.2.0 <foo@example.jp>: Recipient address rejected: Greylisted, see http://postgrey.schweikert.ch/help/example.jp.html; from=<spam@example.com> to=<foo@example.jp> proto=SMTP helo=<ip-AAA-BBB-CCC-DDD.example.com>

結構な量のため、減らす方法がないかと調べたところ、

#441145 – logwatch: Patch for Postgrey summary – Debian Bug report logs

を参考に、処理スクリプトである

/usr/share/logwatch/scripts/services/postfix

を変更することで対応できました。

環境は以下の通り

  • postgrey-1.34-1.el5.rf
  • logwatch-7.3-10.el5
  • postfix-2.3.3-6.el5

編集内容は以下の通り

cp /usr/share/logwatch/scripts/services/postfix /usr/share/logwatch/scripts/services/postfix.ori
vi /usr/share/logwatch/scripts/services/postfix

/usr/share/logwatch/scripts/services/postfixファイル

--- /usr/share/logwatch/scripts/services/postfix.ori    2013-07-11 14:24:53.000000000 +0900
+++ /usr/share/logwatch/scripts/services/postfix        2013-07-11 14:26:25.000000000 +0900
@@ -158,6 +158,9 @@
 $RejectUnknownClients   = 0;
 $Undeliverable          = 0;
 $Deliverable            = 0;
+$PostgreyReceived       = 0;
+$GreyListSent           = 0;
+

 while (defined($ThisLine = <STDIN>)) {
    if (
@@ -235,6 +238,10 @@
          $Temp = "To " . $Dest . " Msg=\"" . $Msg . "\"";
          $ForeignBounce{$Temp}++;
       }
+   } elsif ($ThisLine =~ /reject: RCPT from .*: Recipient address rejected: Greylisted, see/) {
+      $PostgreyReceived++;
+   } elsif ($ThisLine =~ /status=deferred.*Recipient address rejected: .*[Gg]reylist/) {
+      $GreyListSent++;
    } elsif ( ($Relay,$Dest) = ($ThisLine =~ m/reject: RCPT from ([^ ]*): [0-9]+ (?:[0-9]\.[0-9]\.[0-9] )?<([^ ]*)>.* Relay access denied.* to=([^ ]*)/) ) {
       # print "reject: " . $ThisLine . "\n";
       # print "Relay :" . $Relay . " to " . $Dest . "\n";
@@ -435,6 +442,14 @@
    print "\n$RemovedFromQueue messages removed from queue";
 }

+if ($PostgreyReceived > 0) {
+   print "\n$PostgreyReceived messages temporarily deferred on receipt by Postgrey";
+}
+
+if ($GreyListSent > 0) {
+   print "\n$GreyListSent transmitted messages temporarily deferred by remote Greylisting";
+}
+
 if ($QueueSizeExceeded > 0) {
    print "\n$QueueSizeExceeded messages exceeded queue or message file size limit and removed";
 }

結果、上記のログはなくなり、変わって

702 messages temporarily deferred on receipt by Postgrey

のような出力が生成されました。

広告