Sudden huge Logwatch mails…

Suddenly, on my CentOS the Logwatch mails are very big, with a huge Postfix “**Unmatched Entries**” section, mostly about messages dropped because they were in RBLs, similar to this:

Service unavailable; Client host [x.x.x.x] blocked using zen.spamhaus.org; ...

My logwatch package is up to date. The problem is that the postfix service script and configuration in that package are not.

You need to update the postfix filter portion of logwatch.
It can be updated either from http://www.mikecappella.com/logwatch or from the latest version of logwatch at www.logwatch.org

For me, the first link was better because it had fresher scripts. I downloaded the package, and only two files are needed (do not install anything).

Just rename the files (remove the -logwatch part of the filename)

postfix-logwatch
postfix-logwatch.conf

to

postfix
postfix.conf

and copy them to

       /etc/logwatch/scripts/services/postfix (The Logwatch postfix filter)
       /etc/logwatch/conf/services/postfix.conf (The Logwatch postfix filter configuration file)

Files at this location will override default values. And this should fix the problem.

But there was a problem with the file services/postfix, where I had to remove the first line for logwatch to work. Now, when I execute /etc/cron.daily/0logwatch, I do get a reasonably sized email with email statistics.
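The rename-and-copy steps above as a shell function, added here as an example and not taken from the downloaded package. The function name, the optional root argument (for rehearsing in a scratch directory) and the .bak backup naming are assumptions; the function leaves file contents untouched, so the first-line edit is still done by hand.

```shell
#!/bin/sh
# install_postfix_filter SRC_DIR [LOGWATCH_ROOT]
#   SRC_DIR        directory holding the unpacked postfix-logwatch files
#   LOGWATCH_ROOT  override tree, defaults to /etc/logwatch (assumed
#                  parameter, lets you rehearse in a scratch directory)
install_postfix_filter() {
    src=$1
    root=${2:-/etc/logwatch}
    script_dst=$root/scripts/services/postfix
    conf_dst=$root/conf/services/postfix.conf

    # Refuse to continue unless both source files are present and non-empty.
    for f in postfix-logwatch postfix-logwatch.conf; do
        if [ ! -s "$src/$f" ]; then
            echo "missing or empty: $src/$f" >&2
            return 1
        fi
    done

    mkdir -p "$root/scripts/services" "$root/conf/services" || return 1

    # Keep a copy of any override that is already in place
    # (.bak naming is an assumption of this example).
    for dst in "$script_dst" "$conf_dst"; do
        if [ -e "$dst" ]; then
            cp -p "$dst" "$dst.bak" || return 1
        fi
    done

    # Copy under the names without the -logwatch part.
    cp "$src/postfix-logwatch" "$script_dst" || return 1
    cp "$src/postfix-logwatch.conf" "$conf_dst" || return 1

    # The cron job runs the filter as root, so leave both files
    # writable by their owner only.
    chmod 755 "$script_dst" || return 1
    chmod 644 "$conf_dst" || return 1
}
```

Call it as root with the directory the package was unpacked into as the only argument to write into /etc/logwatch.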

One Response to “Sudden huge Logwatch mails…”

  1. Greg Brown says:

    Colovic, did you have to remove the first line of the file:
    #!/usr/bin/perl -T

    or the first instruction in the file:
    package Logreporters;

    I loaded the scripts into the directories you suggested and I am waiting for the results. Thanks for sharing your solution with the rest of us!

    Greg
