Lightweight Postfix authentication watchdog - Monitor failed SASL attempts, get daily email reports, export to database.
- What it does
- Prerequisites
- Quick Start
- Sample Output
- Basic Commands
- Documentation
- Contributing
- Roadmap
- License
- Support
## What it does

MailLogSentinel monitors your Postfix server for authentication failures in real time:
- Tracks failed login attempts with IP geolocation
- Sends daily email summaries with top offenders
- Stores events in CSV (+ optional SQL export)
- Runs as lightweight systemd service
Perfect for small to medium mail servers wanting simple, effective monitoring without complex SIEM solutions.
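
To show the kind of log line this monitoring is built around, here is an added example (not MailLogSentinel's own code) that extracts failed SASL attempts from Postfix syslog lines and ranks source IPs. The regex, function names and sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in the usual Postfix smtpd syslog format
# (documentation-range IPs; not taken from a real server).
SAMPLE_LOG = """\
Jan 10 03:14:07 mail postfix/smtpd[1234]: warning: unknown[203.0.113.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jan 10 03:14:09 mail postfix/smtpd[1234]: warning: unknown[203.0.113.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jan 10 03:15:30 mail postfix/submission/smtpd[1301]: warning: host.example.net[198.51.100.23]: SASL PLAIN authentication failed: (reason unavailable), sasl_username=info@example.org
Jan 10 03:16:02 mail postfix/smtpd[1234]: connect from unknown[203.0.113.5]
Jan 10 03:16:40 mail postfix/smtpd[1310]: warning: unknown[2001:db8::1f]: SASL CRAM-MD5 authentication failed: authentication failure
Jan 10 03:17:11 mail dovecot: imap-login: Aborted login (auth failed): user=<bob>, rip=203.0.113.5
"""

# Matches smtpd warnings, including services logged as postfix/<name>/smtpd.
# The sasl_username field is optional because not every Postfix version logs it.
SASL_FAIL = re.compile(
    r"postfix/(?:[\w-]+/)?smtpd\[\d+\]: warning: "
    r"(?P<host>[^\[\s]+)\[(?P<ip>[0-9A-Fa-f:.]+)\]: "
    r"SASL (?P<mech>[A-Z0-9-]+) authentication failed"
    r"(?:.*?sasl_username=(?P<user>\S+))?"
)


def parse_failures(lines):
    """Yield one dict per failed SASL attempt; all other lines are ignored."""
    for line in lines:
        m = SASL_FAIL.search(line)
        if m:
            yield {"ip": m["ip"], "host": m["host"],
                   "mech": m["mech"], "user": m["user"]}


def top_offenders(lines, n=10):
    """Return [(ip, failure_count)] sorted by count, highest first."""
    return Counter(e["ip"] for e in parse_failures(lines)).most_common(n)


if __name__ == "__main__":
    for ip, count in top_offenders(SAMPLE_LOG.splitlines()):
        print(f"{ip:>20}  {count}")
```

The hostname and username fields come from the connecting client, so treat them as untrusted input when writing them to CSV, SQL or an email report.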

## Prerequisites

- Linux with systemd and syslog
- Python 3.10+
- Postfix with SASL authentication
- `sudo` access for installation

## Quick Start

```bash
git clone https://github.com/monozoide/MailLogSentinel.git
cd MailLogSentinel
# Install scripts and libraries
chmod +x bin/*.py && chmod +x lib/maillogsentinel/*.py
sudo cp bin/*.py /usr/local/bin/
sudo cp -r lib/maillogsentinel /usr/local/lib/
```

```bash
sudo python3 /usr/local/bin/maillogsentinel.py --setup --interactive
```

The setup wizard will:
- Configure paths and email settings
- Install systemd services
- Set up daily reporting schedule
- Initialize geolocation databases

```bash
# Check service status
systemctl status maillogsentinel.service
# View live logs
journalctl -fu maillogsentinel.service
```

```bash
python3 /usr/local/bin/maillogsentinel.py
```

### 5. Test email report manually
```bash
python3 /usr/local/bin/maillogsentinel.py --report
```

## Basic Commands

| Command | Description |
|---|---|
| maillogsentinel --report | Send email report now | 
| maillogsentinel --reset | Archive data & restart monitoring | 
| maillogsentinel --version | Show version | 
| maillogsentinel --help | Show all options | 

## Documentation

- Installation Guide - Detailed setup instructions
- Configuration - All config options explained
- Advanced Features - SQL export, log anonymization, custom reports
- Troubleshooting - Common issues and solutions
- API Documentation - For developers
- FAQ - Answers for installation, configuration, usage, troubleshooting, integrations, security, and development.
- Manual pages:
  - maillogsentinel(8) - overview, usage, options, diagnostics, security notes.
  - ipinfo(1) - command reference and examples.
  - log_anonymizer(1) - usage for redacting sensitive data in logs.
 
## Contributing

Contributions welcome! Please check our Contributing Guide.

Caution: The use of AI tools is permitted, provided that the contributor uses them in a reasonable manner.

## Roadmap

You can follow the MailLogSentinel roadmap on the project page: MailLogSentinel Roadmap

## License

GNU GPL v3 - See LICENSE file.

## Support

If you find this useful, consider supporting development:
30% of donations are redistributed to other open source projects.

Quick Links: Issues · Wiki · Releases

We have no right to believe that freedom can be won without a struggle.
Che Guevara
