View full summary of mail activity from the Exim mail logWritten by Jacob Nicholson
In this article I'm going to teach you how to use the Exim mail log on your VPS (Virtual Private Server) or dedicated server to get a full summary of the mailing activity from a specified time range.
If you happened to have read either of my previous articles on either managing the Exim mail queue via SSH, or how to manage the Exim mail queue in WHM, then you should already know how to view and manage the live Exim mail queue on your server. I've also talked about how to view a summary of the Exim mail queue recently, which allows you to get a full summary of the messages currently in your Exim mail queue.
Now we're going to cover how you can view a summary of all messages that have already left the Exim mail queue and have either been delivered or failed. We're going to take advantage of a built in tool for Exim called eximstats, and I'll also provide you with a small bit of code that will allow you to use that command on just a specified time range instead of your entire Exim mail log.
To be able to follow along with the steps below, you'll need root access to either your VPS or dedicated server so that you have full access to the Exim mail log and the eximstats command that we'll be using.
View summary of Exim mail activity for a specified time range
Using the steps below I'll walk you through what you need to run on your server in order to view a summary of all mail that has gone through your server.
- Login to your server via SSH as the root user.
- Run the following commands to get a summary of all Exim mail activity over the last 5 hours and save it into a file:
- Now you will want to run the following command to get a summary of all the Exim activity from our EXIM_LOG file that we dumped all our data into:
eximstats EXIM_LOG | less
eximstats EXIM_LOG Run the eximstats command on our EXIM_LOG file that we created. less Use the less command so that when we get back the summary from our Exim mail log it doesn't all scroll by at once. Instead we can use the up and down arrows, or page up and page down to navigate through the data. Press q to quit when done reviewing.
There is a ton of information available in the Exim mail log summary, the things you'll be looking through include Grand total summary, Deliveries by transport, Messages received per hour, Deliveries per hour, Time spent on the queue, Relayed messages, Top 50 mail rejection reasons by message count, Top 50 mail temporary rejection reasons by message count, Top 50 sending hosts by message count, Top 50 sending hosts by volume, Top 50 local senders by message count, Top 50 local senders by volume, Top 50 host destinations by message count, Top 50 host destinations by volume, Top 50 local destinations by message count, Top 50 local destinations by volume, Top 50 rejected ips by message count, Top 50 temporarily rejected ips by message count, List of errors, and finally Errors encountered.
- Once you're done reviewing the Exim mail queue summary for the time frame we specified, you'll want to go ahead and remove the EXIM_LOG file we created with the following command:
rm -rf ./EXIM_LOG
If you didn't want to specify any sort of time range, and simply wish to see a full Exim summary of everything in the mail log you can simply run the eximstats command directly on the main Exim log file with this command:eximstats /var/log/exim_mainlog | less
Your entire Exim mail log could be quite large, so attempting to view a summary of the entire log could take some time to complete if you choose to do it this way.
First this command will give you back the format of an Exim time stamp from 5 hours ago:
date --date="5 hours ago" +%Y-%m-%d\ %H2013-01-21 09
Then this command will give you the current hour:
date +%Y-%m-%d\ %H2013-01-21 14
So now we know we're going to be searching between 09:00 - 14:59 for the last 5 hours of data. This next command will do just that and place all the data into a file called EXIM_LOG:
egrep "2013-01-21 09|2013-01-21 10|2013-01-21 11|2013-01-21 12|2013-01-21 13|2013-01-21 14" /var/log/exim_mainlog > EXIM_LOG
|egrep "2013-01-21 09|2013-01-21 10|2013-01-21 11|2013-01-21 12|2013-01-21 13|2013-01-21 14" /var/log/exim_mainlog||Locate any lines in the Exim mail log that contain an hour from our 5 hour range.|
|> EXIM_LOG||Place the data from our search into a file called EXIM_LOG that we'll run further commands on.|
You should now understand how to login to your server and take a look at the full Exim summary of all of your mail activity that has been happening on your server, by using the Exim mail log and the eximstats command.