mreport(8)mreport(8)NAMEmreport - Maillog Report Generation Utility
SYNOPSISmreport [options]
-f | -t Summarise by from or to
-i <input file> Mail Log File (default: /var/log/maillog)
-o <output file> Output File (default: stdout)
-d <domain> Append <domain> to addresses without one
-p <string> Only addresses with <string>
-l <string> Only addresses with <string> in domain
-x <string> Exclude addresses containing <string>
-r Order by number of messages, not by size
-e Order by email address
-b <number> Flag messages greater than <number> bytes
-n <number> Nice (priority)
-m <number> Show only <number> records
-s Short form (Statistics only)
-a Show error summary
-y Don't show summary information
-v Version
-h Help
DESCRIPTIONmreport reads the specified input file (default is /var/log/maillog),
and writes a report of mail usage to the output file (default stdout).
Usage can be summarised by size, number of email messages, or by email
addresses. At present, mreport only works with sendmail logfiles.
-f
Group information by the "from=" flag. Can't be used with -t.
-t
Group information by the "to=" flag. Can't be used with -f.
-i <input file>
Read <input file> as the maillog. Default is /var/log/maillog.
-o <output file>
Write output to <output file>. Default is to stdout.
-d <domain>
If an email record doesn't have a domain suffix, append this suffix to
the record. Example: mreport-d my.domain.com will result in all
records for joe@my.domain.com and for joe being grouped together under
joe@my.domain.com. An exception to this is records which include a
'|' character, which won't have the domain appended to them.
-p <string>
Only include records which have <string> in the email address.
-l <string>
Only include records which have <string> in the domain part of the
email address (after the @).
-x <string>
Exclude any records which contain <string> in the email address.
-r
Sort the report by number of emails, not by size (default).
-e
Sort the report by email address, not by size (default).
-b <number>
Flag records which are greater than this size in bytes. The record
will have a '*' prepended to it. Default is 500 000 bytes.
-n <number>
Set the priority of the process to <number>. Only root can set a nega‐
tive priority. Numbers should be between -20 and 20.
-m <number>
Show only the first <number> of records.
-s
Show only statistical information. This will exclude summaries and
only output number of emails, sizes and email addresses.
-a
Show an error summary.
-y
Suppress summary information.
-v
Version information.
-h
Help
OUTPUT FORMAT
Without arguments, mreport will read /var/log/maillog, and produce
ouput similar to the following:
* [ 85] 15345069 micky@domain.com mark@ourcompany.com
* [ 92] 755031 jo@otherplace.com soap@ourcompany.com
[ 31] 493201 blue@red.com mark@ourcompany.com
.
.
The '*' in the first column indicates that the number of emails
from micky@domain.com to mark@ourcompany.com totalled more than
500 000 bytes (or greater than the number of bytes used with the
-b flag). The second column indicates the number of emails, the
third their total size, the next column is who the email is from
and the final column is who it is to.
If used with the -f flag, only one column of email addresses
will be shown, which will be the summary of the 'from='
addresses. Similarly, if -t is used, only 'to=' summaries will be
shown.
The last part of the output will summarise the following fields, unless
the -y flag is used:
Total Bytes :
Number of Records :
---------------------
Deferred Messages :
Host Unknown :
User Unknown :
Premature EOM Error :
I/O Error :
Service Unavailable :
We Don't Relay :
---------------------
Host Name :
Input File :
Output File :
First Record :
Last Record :
---------------------
Time Taken :
EXAMPLESmreport-i /var/log/maillog.2
Use /var/log/maillog.2 as the input file.
mreport-o /home/jason/maillog.output
Write output to /home/jason/maillog.output.
mreport-f -b 1000000 -p elvis
Summarise mail 'from', flag records greater than 1 Mb, only
include records which contain 'elvis' in the 'from' email
address.
mreport-t -d datrix.co.za -l datrix.co.za -e -y
Summarise mail 'to', and use the domain suffix datrix.co.za if
the email address does not contain one. Only include records
where the domain section of the 'to' address contains the string
´datrix.co.za´. The -d option is used before the string selec‐
tion. Sort the output by email address. Don't include a sum‐
mary.
mreport-f -x lists.domain.com -r -s -m 10 -i /var/log/maillog.1
Summarise by 'from', exclude 'from' email addresses containing
´lists.domain.com´. Sort by number of messages and produce out‐
put in summarised form. Show only the first ten records. Use
/var/log/maillog.1 as the input file.
ASSUMPTIONSmreport makes some assumptions about the format of the sendmail log
file. Among these are:
1. The first sixteen bytes of each line are the date:
[Dec 5 02:08:49 ]
2. The ID number of the message is placed before the from= field,
and is delineated by colons:
[: CAA04848: from=root,]
3. The to= field ends with a comma, though it tries to handle cases
where this doesn't occur. The end of this field is tested for by
looking for a delay= or a ctladdr= string.
NOTES
1. mreport can be used with the logrotate(8) program to produce
output every time the maillog is rotated. Use within the pre‐
rotate / endscript directives, and pipe the ouput to mail(1).
prerotate
mreport-f | mail -s "[MREPORT] From" root
mreport-t | mail -s "[MREPORT] To" root
endscript
AUTHOR
Jason Armstrong <jason@datrix.co.za>
January 18, 2000 mreport(8)