How to monitor Postfix queue length using an SNMP monitor

Background

It’s essential to monitor email queues if you’re an Internet service provider or email service provider. Any of your 1000s of email users might have chosen an insecure password meaning that a hacker’s script might come and do a brute force password attack on the email account, and in the process unleash 1000s of messages of even 100 000s of messages meaning your email server will be blacklisted. Although it’s recoverable, the quicker you find the problem, the easier it will be to solve. If you leave the problem for more than a few days, you might end up spending days, weeks, and sometimes even months fixing the problem. The fact of the matter is once you have been banned by a couple of high profile spam detection services, delisting is an incredibly hard and arduous process.

Queue monitoring using Postfix and PRTG /  Custom OID Sensors

Postfix is a really popular MTA and often used to send emails. This article covers a method for monitoring the Postfix queue. There are other methods as well, but this method is really straightforward and works if you have also have PRTG installed. The article is the work of a forum contributor at PRTG with some small modifications. If you are not using PRTG as your monitoring software, any SNMP monitoring system normally allows custom OIDs and so you should be okay to proceed.

The Script

cat /etc/postfix/snmp_monitor_postqueue.sh

#!/bin/bash
# 20.06.2011 - JJaritsch @ ANEXIA Internetdienstleistungs GmbH
# jj @ anexia.at

queuelength=`/usr/sbin/postqueue -p | tail -n1 | awk '{print $5}'`
queuecount=`echo $queuelength | grep "[0-9]"`

if [ "$queuecount" == "" ]; then
        echo 0;
else
        echo ${queuelength};
fi
exit 35

Change owner, assign correct permissions, and make executable:

chown postfix:postfix /etc/postfix/snmp_monitor_postqueue.sh
chmod 755 /etc/postfix/snmp_monitor_postqueue.sh
chmod +x /etc/postfix/snmp_monitor_postqueue.sh

Append to /etc/snmp/snmpd.conf  the command below:

Older version (still has /usr/bin/sudo prepended):

echo "exec postqueue /usr/bin/sudo /etc/postfix/snmp_monitor_postqueue.sh" >> /etc/snmp/snmpd.conf

Newer version:

echo "exec postqueue /etc/postfix/snmp_monitor_postqueue.sh" >> /etc/snmp/snmpd.conf

Append to /etc/sudoers the configuration below:

echo "snmp ALL=(ALL) NOPASSWD: /etc/postfix/snmp_monitor_postqueue.sh" >> /etc/sudoers

Restart service

service snmpd restart

SNMP Management System

In PRTG / Add Sensor / SNMP Custom

.1.3.6.1.4.1.2021.8.1.101.1

Testing

To test from the command line:

# snmpwalk -c secret_community -v 2c localhost 1.3.6.1.4.1.2021.8.1.101.1
UCD-SNMP-MIB::extOutput.1 = STRING: 20

Troubleshooting

snmpwalk not working

  • Check the community name
  • If you have IP protection you should have two entries:
# cat /etc/snmp/snmpd.conf
rocommunity secret 1.2.3.4
rocommunity secret 127.0.0.1
exec postqueue /etc/postfix/snmp_monitor_postqueue.sh

SNMP Exception

or

No Such Instance currently exists at this OID

or

# snmpwalk -c public -v 2c localhost .1.3.6.1.4.1.2021.8.1.101.1
iso.3.6.1.4.1.2021.8.1.101.1 = No Such Instance currently exists at this OID
Something is wrong. Check everything.

sudo: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper

Try removing sudo from the exec command.

snmpwalk: command not found

If you get `snmpwalk: command not found`, then on CentOS do this:

yum install net-snmp-utils -y

See also

References

Share this article

Leave a Reply

Your email address will not be published. Required fields are marked *