Robin Bowes wrote:
.............
Actually, I might as well post it now. this is jsut the hook_deny sub:
sub hook_deny { # dlog
my ( $self, $transaction, $prev_hook, $return, $return_text ) = @_;
# mail sender (if present)
my $sender = '';
if ( defined( $transaction->sender ) ) {
$sender = $transaction->sender->format;
}
# mail recipients, if any
my $recipients = '';
if ( defined( $transaction->recipients ) ) {
my $recipients = join ';', $transaction->recipients;
}
# message size, if > 0
my $mail_size = $transaction->body_size || 0;
# relay client?
my $relay_client = (
( $transaction->{_relaying} || defined( $ENV{RELAYCLIENT} ) )
? 'yes'
: 'no'
);
# auth method, if any
my $auth_method = $self->qp->connection->notes('authmethod') || '';
# authenticated user, if any
my $auth_user = $self->qp->connection->notes('authuser') || '';
# PID: ${$}
# Plugin: $prev_hook
# Denial Code: $return
# Denial Text $return_text
# Sender: $sender
# Recipients: $recipients
# Message size: $mail_size
# Remote Host: $self->qp->connection->remote_host
# Remote IP: $self->qp->connection->remote_ip
# Relay Client: $relay_client
# Auth method: $auth_method
# Auth user: $auth_user;
warn( $self->{_rejectprefix} . ' ' .
join ",",
${$},
$prev_hook,
$return,
$return_text,
$sender,
$recipients,
$mail_size,
$self->qp->connection->remote_host,
$self->qp->connection->remote_ip,
$relay_client,
$auth_method,
$auth_user
. "\n"
);
$self->{_denied} = 1;
}
Fairly simple stuff, really.
All thoughts appreciated.
R.
After John Peacock explained that multilog("man multilog")
will run any designated script when it rotates "current" into
saved(@*.s) log files, at a threshold size of "current" which
is also configurable in log/run, and keeping a configurable
number of saved(@*.s) log files.
I wrote a script to echo back the input of "current", then
fork a process and return to multilog. The background
process then filters all of the saved(@*.s) log files and
outputs one csv("comma separated value") file. At loglevel
3 it can grep mx host and ip, from and to addresses, but
needs loglevel 7 to pick up message id and the name of
a denying plugin.
It could read up ./log/env files to see if it ought to add
custom fields beyond these--
human readable date and time,
"Q" for successful delivery OR name or denying plugin,
remote host,
remote ip,
from address,
to address,
message id
so that's a default of six columns "x,x,x,x,x,x" per line. I'll
work on grepping those others.
Next, I'd like to replace "Q" with "dspam" if the message id
greps out to a Spam classification, or a user-directed
re-classification to Spam, in dspam's log or quarantine.
That's why I'm defaulting to message id, not pid.
Then do the stats and serve 3d charting on a website. Or
you could have a spreadsheet do the stats and run a chart
program. Or you could find out why good mail bounced by
reading the csv file! Find bad subnets, bad from address
domains, bad ip's, bad address, bad host, bad host domain,
worst times of bad hair day, bad in what sense(sent to
non-existent address, or bad protocol).
-Bob
