Re: spamd

Daniel Hartmeier Sat, 15 Mar 2003 07:58:46 -0800

On Sat, Mar 15, 2003 at 10:43:07AM -0500, Michael Anuzis wrote:

> Any advice on how to get syslogd working with spamd? Do I have it set up
> correctly and I'm just not catching anything or ..?


I'm running spamd with the small patch below and have in /etc/syslog.conf

!spamd
*.warn              /var/log/spamd

which produces logs like

Mar 10 01:18:04 insomnia spamd[30793]: listening for incoming connections.
Mar 15 02:27:45 insomnia spamd[30793]: 216.228.41.28: <[EMAIL PROTECTED]> -> <[EMAIL 
PROTECTED]>
Mar 15 02:30:08 insomnia spamd[30793]: 216.228.41.28 connected for 424 seconds.

And I get about a dozen hits per hour, mostly due to some poor spammers
that try to deliver for several days ;>

Daniel


Index: spamd.c
===================================================================
RCS file: /cvs/src/libexec/spamd/spamd.c,v
retrieving revision 1.25
diff -u -r1.25 spamd.c
--- spamd.c     13 Mar 2003 21:20:42 -0000      1.25
+++ spamd.c     15 Mar 2003 15:46:54 -0000
@@ -510,12 +510,13 @@
 void
 closecon(struct con *cp)
 {
-       if (debug > 0) {
-               time_t t;
+       time_t t;
 
-               time(&t);
+       time(&t);
+       syslog_r(LOG_WARNING, &sdata, "%s connected for %d seconds.",
+           cp->addr, t - cp->s);
+       if (debug > 0)
                printf("%s connected for %d seconds.\n", cp->addr, t - cp->s);
-       }
        if (cp->osize > 0 && cp->obufalloc) {
                free(cp->obuf);
                cp->obuf = NULL;
@@ -609,7 +610,7 @@
 
        spam:
        case 50:
-               syslog_r(LOG_INFO, &sdata, "%s: %s -> %s",
+               syslog_r(LOG_WARNING, &sdata, "%s: %s -> %s",
                    cp->addr, cp->mail, cp->rcpt);
                doreply(cp);
                cp->op = cp->obuf;
@@ -830,6 +831,7 @@
                        err(1, "fork");
        } else
                printf("listening for incoming connections.\n");
+       syslog_r(LOG_WARNING, &sdata, "listening for incoming connections.");
 
        while (1) {
                struct timeval tv, *tvp;

Re: spamd

Reply via email to