diff --git a/roles/icinga2_master/templates/zones.d/global-templates/commands.conf.j2 b/roles/icinga2_master/templates/zones.d/global-templates/commands.conf.j2
index 6d43a90..476246a 100644
--- a/roles/icinga2_master/templates/zones.d/global-templates/commands.conf.j2
+++ b/roles/icinga2_master/templates/zones.d/global-templates/commands.conf.j2
@@ -5,6 +5,11 @@ object CheckCommand "sudo_pgsql" {
     command = [ "sudo", "-u", "postgres" ] + command
 }
 
+object CheckCommand "sudo_logfiles" {
+    import "logfiles"
+    command = [ "sudo" ] + command
+}
+
 # the original "systemd" CheckCommand uses /check_systemd.py as executable
 object CheckCommand "check_systemd" {
     import "systemd"
diff --git a/roles/mailserver_monitoring/tasks/main.yml b/roles/mailserver_monitoring/tasks/main.yml
index a89fe54..0839938 100644
--- a/roles/mailserver_monitoring/tasks/main.yml
+++ b/roles/mailserver_monitoring/tasks/main.yml
@@ -11,7 +11,7 @@
     mode: 0644
   notify: Reload icinga2 service
 
-- name: Copy sudoers file for nagios as postgres
+- name: Copy sudoers file for nagios as postgres (for check_pgsql)
   become: true
   ansible.builtin.copy:
     content: 'nagios ALL=(postgres) NOPASSWD:/usr/lib/nagios/plugins/check_pgsql'
@@ -20,3 +20,18 @@
     group: root
     mode: 0440
     validate: 'visudo -cf %s'
+
+- name: Install packages
+  become: true
+  ansible.builtin.apt:
+    name: monitoring-plugins-check-logfiles
+
+- name: Copy sudoers file for nagios as root (for check_logfiles)
+  become: true
+  ansible.builtin.copy:
+    content: 'nagios ALL=(root) NOPASSWD:/usr/lib/nagios/plugins/check_logfiles'
+    dest: /etc/sudoers.d/nagios-logfiles
+    owner: root
+    group: root
+    mode: 0440
+    validate: 'visudo -cf %s'
diff --git a/roles/mailserver_monitoring/templates/zones.d/master/services/mailserver.conf.j2 b/roles/mailserver_monitoring/templates/zones.d/master/services/mailserver.conf.j2
index e3ede46..c02ac60 100644
--- a/roles/mailserver_monitoring/templates/zones.d/master/services/mailserver.conf.j2
+++ b/roles/mailserver_monitoring/templates/zones.d/master/services/mailserver.conf.j2
@@ -35,3 +35,15 @@ apply Service "mailserver-pgsql" {
     vars.pgsql_hostname = "/run/postgresql"
     vars.pgsql_database = "mailserver"
 }
+
+apply Service "mail-activity" {
+    import "generic-service"
+    check_command = "sudo_logfiles"
+    check_interval = 30m
+    command_endpoint = host.name
+    assign where host.name == "{{ inventory_hostname }}"
+    vars.logfiles_logfile = "/var/log/mail.log"
+    vars.logfiles_tag = "mail_active"
+    vars.logfiles_rotation = "mail.log.*"
+    vars.logfiles_critical_pattern = "!relay="
+}