|
Being able to monitor the flow of e-mail messages in and out of a specific server, via the SNMP protocol can be desirable for many reasons, including service functionality monitoring, early detection of mis-/abuse etc.
This page describes a small script, written in Perl, for exporting this information from the Postfix MTA, over SNMP, by means of the Net-SNMP agent.
Requirements:
The software described below needs to be installed and configured on the system that you wish to use this script on:
The script is currently in use on Tru64, Solaris, NetBSD and Linux, but should work on any platform that supports the software mentioned above. (Please e-mail me your (un-)success stories!)
Installation and configuration:
Download and install:
The script can be downloaded here. You will probably need to update the first line in the script to reflect where the Perl interpreter on your system resides. (Unless, of course, you are using NetBSD, or the Tru64-port of pkgsrc).
The other thing that needs tweaking is the $MINRESET variable. This variable specifies how long (in seconds) calculated values will be cached. This serves two purposes: Performance and accuracy. Should packet loss occur on the returning SNMP response, the remote SNMP client (MRTG for instance) would issue a new request, and since counters would be reset each time they are polled, not caching would return incorrect results in this case. Hence, this value should be set to slightly less than the estimated polling interval.
Postfix:
No special configuration required. Just make sure that syslog is logging the mail channel at info or lower.
Net-SNMP:
Net-SNMP can be configured to pass SNMP requests for certain OIDs on to external monitoring scripts, which is exactly what we'll do next. First you will have to decide where to mount this MIB subtree. For testing, you can mount it under UCD-SNMP-MIB::ucdavis.255, but before actually deploying it you probably should make up some other place to put it.
Example configuration line for Net-SNMP:
pass .1.3.6.1.4.1.2021.255 /usr/local/sbin/fetch_mail_statistics.pl \
/var/log/mail.log /var/db/mailstats.db .1.3.6.1.4.1.2021.255
Where /usr/local/sbin/fetch_mail_statistics.pl is the full path to the script, /var/log/mail.log is the full path to the system Postfix mail log (This is typically /var/log/maillog, /var/adm/syslog.dated/current/mail.log or /var/log/mail.log). /var/db/mailstats.db is the file where this script stores the cached information, and other things it needs (The unix user Net-SNMP is running as needs to have write access to this file and possibly create access in the directory in case the file doesn't already exist). .1.3.6.1.4.1.2021.255 is where to mount the subtree. (UCD-SNMP-MIB::ucdavis.255)
MRTG / RRDTool
Since the setup of monitoring / statistics tools such as MRTG or RRDTool is site-specific, no provisions are made on this page to provide a complete usage example. A minimal example for RRDTool: (ksh-compatible shell)
#! /bin/ksh
STR="`snmpwalk -OvQ -r 10 -t 5 -v 2c -c publicommunity hostname.site.com \
UCD-SNMP-MIB::ucdavis.255 | perl -ne 's/^/:/;s/\n//;print'`"
rrdtool update /path/to/rr-database.rrd -t received:sent N${STR}
(This of course implies that we have an round robin database with the two DS:s `received' and `sent'.)
This minimal script would then be scheduled to run periodically, for instance from cron.
Example output:
Below is an example of this script in use with Tobi Oetiker's RRDtool.
The server is a low volume secondary mail exchanger for a number of corporate domains:
![[Typical low volume secondary MX]](example_postfixstat.gif)
|
