:::: MENU ::::

Find IPs connecting to a postfix server through logs

  • Sep 09 / 2017
  • 0
Linux

Find IPs connecting to a postfix server through logs

There’s no easy way to list all the IPs connecting to your postfix server for sending mail. But you can easily extract them from all your postfix logs.

For our example, we will consider the logs from postfix to be as default and located in /var/log/maillog

Here is what a postfix log look like when a connection is received:

For extracting exclusively the IPs, we will use a combination of commands:

  • grep ” connect from ” /var/log/maillog will extract every lines containing a connection attempt
  • cut -d ‘[‘ -f3 |cut -d ‘]’ -f1 will extract the IP from the line (which is contained between [] )
  • sort -u will sort the output by unique values

Here is what we will get as a result once the command is executed (nothing will appear until it finished):

You can obviously re-use this command for any log file that you want to filter out by updating the filtering.

Share...Share on Google+Tweet about this on TwitterShare on RedditShare on LinkedInShare on FacebookEmail this to someone

Comments are closed.

Question ? Contact