cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix email diagnostics to search multiple log files for comprehensive results

Browse Source 
The script now searches:
- /var/log/exim_mainlog (Exim delivery logs)
- /var/log/maillog (Dovecot auth + delivery)
- /var/log/messages (fallback)

This fixes the issue where only auth logs were found but actual
email deliveries were missed because they were in different log files.
Now properly separates delivery events from authentication events
across all log sources.
This commit is contained in:
cschantz
2025-12-31 19:09:10 -05:00
parent 1127888a66
commit d2e5d3f940
1 changed files with 25 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/email/email-diagnostics.sh
+25 -7
View File
@@ -90,16 +90,34 @@ fi
TEMP_MATCHES="/tmp/email_diag_$$.txt"
TEMP_AUTH="/tmp/email_auth_$$.txt"
TEMP_ALL="/tmp/email_all_$$.txt"
# Get ALL matches for this email/domain
grep -i "$search_pattern" "$MAIL_LOG" > "$TEMP_MATCHES" 2>/dev/null
# Search multiple log files for comprehensive results
# Check Exim logs (email delivery)
if [ -f "/var/log/exim_mainlog" ]; then
grep -i "$search_pattern" /var/log/exim_mainlog >> "$TEMP_ALL" 2>/dev/null || true
fi
# Check maillog (Dovecot auth + some delivery)
if [ -f "/var/log/maillog" ]; then
grep -i "$search_pattern" /var/log/maillog >> "$TEMP_ALL" 2>/dev/null || true
fi
# Check messages log (fallback)
if [ -f "/var/log/messages" ]; then
grep -i "$search_pattern" /var/log/messages >> "$TEMP_ALL" 2>/dev/null || true
fi
# If we found nothing, fall back to the detected mail log
if [ ! -s "$TEMP_ALL" ]; then
grep -i "$search_pattern" "$MAIL_LOG" > "$TEMP_ALL" 2>/dev/null || true
fi
# Separate authentication events (IMAP/POP3 logins)
grep -E "imap-login|pop3-login|dovecot.*Login|Logged in|Disconnected" "$TEMP_MATCHES" > "$TEMP_AUTH" 2>/dev/null || true
grep -E "imap-login|pop3-login|dovecot.*Login|Logged in|Disconnected" "$TEMP_ALL" > "$TEMP_AUTH" 2>/dev/null || true
# Get only email delivery events (exclude auth logs)
grep -v "imap-login\|pop3-login\|dovecot.*Login\|Logged in\|Disconnected" "$TEMP_MATCHES" > "$TEMP_MATCHES.delivery" 2>/dev/null || true
mv "$TEMP_MATCHES.delivery" "$TEMP_MATCHES"
grep -v "imap-login\|pop3-login\|dovecot.*Login\|Logged in\|Disconnected" "$TEMP_ALL" > "$TEMP_MATCHES" 2>/dev/null || true
if [ ! -s "$TEMP_MATCHES" ]; then
print_error "NO EMAIL ACTIVITY FOUND for $check_label"
@@ -124,7 +142,7 @@ if [ ! -s "$TEMP_MATCHES" ]; then
fi
fi
rm -f "$TEMP_MATCHES"
rm -f "$TEMP_MATCHES" "$TEMP_AUTH" "$TEMP_ALL"
exit 0
fi
@@ -633,4 +651,4 @@ print_info "Full log saved to: $REPORT_FILE"
echo ""
# Cleanup
rm -f "$TEMP_MATCHES" "$TEMP_AUTH"
rm -f "$TEMP_MATCHES" "$TEMP_AUTH" "$TEMP_ALL"