We have worked with logs from the Apache HTTP web server. The reality is that we can apply the same ideals and methodology to any log file. We will take a look at Postfix mail logs. The mail log holds all activity from the SMTP server and we can then see who has been sending e-mails to whom. The log file is usually located at /var/log/mail.log. I will access this on my Ubuntu 15.10 server that has a local e-mail delivery. All this means is that the STMP server is listening only to the localhost interface of 127.0.0.1.

The log format will change a little depending on the type of message. For example, $7 will contain from logs on outbound message, whereas inbound messages will contain to.

If we want to list all the inbound ...