Debugging and Tracing In Postfix

Turn up logging for individual clients

A really nice feature Postfix has is this ability to debug individually-specified hosts and this is how you do that.  Just add this to your main.cf:

# Debug individually-specified hosts
debug_peer_level=3
debug_peer_list=regexp:/etc/postfix/debug_peers

In this case I have set the debug level to 3.  The default level is 2.  Also I am using a map file.  You don’t have to use a map file; you could instead list the IPs or domains of the clients like so:

debug_peer_list=203.0.113.2,example.com

The regex approach let’s you catch multiple, similar IPs and domains.  Here is an example regex file I used:

# This is a list disguised as a key-value hash. The right-hand fields are only useful for testing.
# For some bizarre reason, Postfix regex doesn't support "\d" ala:
# /185\.234\.219\.\d{1,3}/ A

/185\.234\.219\.[0-9]{1,3}/ A
/[0-9]{4}\.com/ B
/193\.169\.255\.146/ C

Note this is just a listing & not an actual map, but Postfix uses the same parsing code for these so you have to present it as a map file.  So the right-hand fields ( I have A, B, and C ) – they don’t mean anything. They’re just placeholders.  But, they are still useful for testing matching patterns.

Of course when you set up your map file, you’re going to want to run postmap on it:

sudo postmap debug_peers

and let Postfix munge on it and tell you if there’s any errors. Also you can run “postmap -q” to test your mapping:

% sudo postmap -q "185.234.219.12" regexp:debug_peers
A

This is especially helpful with regex since regex gets kind of messy sometimes. In this way, you can make sure you’ve got your mapping set up the way you want it.

Besides regex – you can do a straight hash which is just a key value pair map; you can do pcre which is like the Perl version of regex; and you can do CIDR. When your run the “postconf -m” command, it’ll show you what all your Postfix was compiled with ( that type of maps ) that you can use:

% sudo postconf -m
btree
cidr
environ
fail
hash
inline
internal
memcache
nis
pipemap
proxy
randmap
regexp
socketmap
sqlite
static
tcp
texthash
unionmap
unix

Verbosity!

You can also set up verbosity on the entire Postfix SMTP service just by adding a “-v” in the master.cf file like so:

smtp      inet  n       -       y       -       -       smtpd -v

Reload your Postfix:

sudo systemctl reload postfix

and you’ll see huge amounts of data in there but it could be quite useful sometimes.   You can do the same for other Postfix slave processes like eg, anvil.

Be sure to check out the Postfix debug docs if you need more details.

Sharing is caring!

Leave a Comment

Your email address will not be published. Required fields are marked *


Notice: Undefined index: total_count_position in /var/www/wordpress/wp-content/plugins/social-pug/inc/functions-frontend.php on line 46
shares