Hi, sorry about the confusion, this is the right patch:
Regards, Paul > On 23. Apr 2018, at 11:58, Paul Hecker <[email protected]> wrote: > > Hi, > >> On 19. Apr 2018, at 19:09, Jeremy Harris via Exim-users <[email protected] >> <mailto:[email protected]>> wrote: >> >> On 19/04/18 16:38, Paul Hecker via Exim-users wrote: >>> Hi Jeremy, >>> >>> >>>> On 19. Apr 2018, at 17:23, Jeremy Harris via Exim-users >>>> <[email protected] <mailto:[email protected]>> wrote: >>>> >>>> On 19/04/18 15:59, Paul Hecker via Exim-users wrote: >>>>> it seems that the eximstats script is not up to date with the current >>>>> logging of Exim 4.91. In my case it does not catch temporary rejects (for >>>>> grey listing) of the following form >>>>> >>>>> 2018-04-19 14:38:21 1f9AYC-0000P7-Ev H=from.mail.example.com >>>>> <http://from.mail.example.com/> [123.128.22.119] >>>>> X=TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=no F=<[email protected] >>>>> <mailto:[email protected]>> temporarily rejected after DATA: Please try again >>>>> later >>>> >>>> I don't see the words "Please try" (with the capital) nor >>>> "again later" in the source code. This might be your >>>> configuration. >>> >>> its the word “after” before “DATA” that breaks the regex. The rest of the >>> logging (in my case “Please try again later”) does not matter. >>> >> >> >> Hmm. Do you use cutthrough routing? There's a "after" in that path. > > no, I do not use cutthrough routing. But I have found the source, where the > “after” is added to the log. It's in smtp_handle_acl_fail() (smtp_in.c:3175). > > After some more investigation, the regex should catch the following log lines: > > 2018-04-19 14:38:21 1f9AYC-0000P7-Ev H=from.mail.example.com > <http://from.mail.example.com/> [123.128.22.119] > X=TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=no F=<[email protected] > <mailto:[email protected]>> temporarily rejected during MIME ACL checks: Please try > again later > 2018-04-19 14:38:21 1f9AYC-0000P7-Ev H=from.mail.example.com > <http://from.mail.example.com/> [123.128.22.119] > X=TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=no F=<[email protected] > <mailto:[email protected]>> temporarily rejected DATA: Please try again later > 2018-04-19 14:38:21 1f9AYC-0000P7-Ev H=from.mail.example.com > <http://from.mail.example.com/> [123.128.22.119] > X=TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=no F=<[email protected] > <mailto:[email protected]>> temporarily rejected after DATA: Please try again later > 2018-04-19 14:38:21 1f9AYC-0000P7-Ev H=from.mail.example.com > <http://from.mail.example.com/> [123.128.22.119] > X=TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=no F=<[email protected] > <mailto:[email protected]>> temporarily rejected after DATA PRDR: Please try again > later > > I have improved the code so that all these cases are caught. See the attached > patch. > >> >> The larger picture is: log-parsing is fragile. The Exim log is >> intended for humans, not for automatic parsing. The eximstats >> script, or any other parsing, is pretty much certain to get >> out-of-date; the logging is not regarded as a stable interface. >> >> You'd be better-off writing stats into a database with explicit >> ACL actions. > > I see. I just use the script for some minor monitoring (ACL and DB would be a > bit over the top for my case). > > You can decide whether you want to apply my patch or not. At least it is > working for me again ;-) > >> -- >> Cheers, >> Jeremy > > Thanks, > Paul > > <eximstats.patch> > >> >> >> >> -- >> ## List details at https://lists.exim.org/mailman/listinfo/exim-users >> <https://lists.exim.org/mailman/listinfo/exim-users> >> ## Exim details at http://www.exim.org/ <http://www.exim.org/> >> ## Please use the Wiki with this list - http://wiki.exim.org/ >> <http://wiki.exim.org/>
smime.p7s
Description: S/MIME cryptographic signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
