>Can you send me 4tuple
at end of smtpd_recipient_restriions =
warn_if_reject check_helo_access pcre:/etc/postfix/helo_world.regexp,
permit
the file contains:
/.*/ 554 4tuple_capturing_of_non-rejected_message
here are two reports for it:
/usr/local/bin/4tuple_unk.sh
#! /bin/sh
DATENOW=`date "+%y%m%d_%H%M"`
WORKPATH="/var/tmp"
TAG="4tuple_unk"
MAILTO="[EMAIL PROTECTED]"
egrep -i "4tuple" /var/log/maillog |\
egrep -i "from unknown\[" |\
awk '{print $10, $(NF-3), $(NF-2), $NF}' |\
sort -t[ -k2 \
> /var/tmp/$TAG.rpt
exit 0
/usr/bin/zip $WORKPATH/$TAG_$DATENOW.zip $WORKPATH/$TAG.rpt
for m in $MAILTO ; do
/usr/bin/mpack -s "`hostname` $TAG Report" $WORKPATH/$TAG_$DATENOW.zip $m
done
rm $WORKPATH/$TAG_$DATENOW.zip
exit 0
and
/usr/local/bin/4tuple_ptr.sh
#! /bin/sh
DATENOW=`date "+%y%m%d_%H%M"`
WORKPATH="/var/tmp"
TAG="4tuple_ptr"
MAILTO="[EMAIL PROTECTED]"
egrep -i "4tuple" /var/log/maillog |\
egrep -iv "from unknown\[" |\
awk '{print $10, $(NF-3), $(NF-2), $NF}' |\
sort -t[ -k2 \
> /var/tmp/$TAG.rpt
exit 0
/usr/bin/zip $WORKPATH/$TAG_$DATENOW.zip $WORKPATH/$TAG.rpt
for m in $MAILTO ; do
/usr/bin/mpack -s "`hostname` $TAG Report" $WORKPATH/$TAG_$DATENOW.zip $m
done
rm $WORKPATH/$TAG_$DATENOW.zip
exit 0
