On Fri, 14 May 2004 16:24:20 +0200, Jerome Tytgat wrote: > And I like to inform [EMAIL PROTECTED] that "IP" is infected but I'm > must have an accurate information,
Then your really need to analyze the actual mail yourself, not log lines from MIMEDefang or *any* other application. Not only can received lines be faked, they can also be in a number of different (and sometimes conflicting) formats wich makes automagical parsing unreliable. > I've already made a script that > parse MDLOG entries in syslog and tried hard to alert the abuse > email of the range IP, but I realize that they are not so accurate Actually, MIMEDefang's log lines are very accurate, but you were searching for information that MIMEDefang doesn't even know about. /Jonas -- Jonas Eckerman, [EMAIL PROTECTED] http://www.fsdb.org/ _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
