H all,
I've created a simple SED script that extracts and parses rejected messages from the /var/log/exim/rejectlog
- This is useful after you've followed the following tutorial:
http://www.webhostgear.com/175.html
- This can be used for monitoring and clients can select email From which they would like to whitelist.
You can use the following if you have GNU SED which can parse \n
Additionally if you want email account specific parsing you can do the following
You can then replace "file.name.to.parse" with extract.log
chmod +x the script file and then execute as following
- I guess there are easier ways to do this and i'm open to suggestions. Let me know if anyone gets anything!
RESULT:
From seeing this in your reject log:
2007-01-06 11:37:19 H=088156096067.stk.vectranet.pl [88.156.96.67] F=<[email protected]> rejected RCPT <[email protected]>: Message rejected because 088156096067.stk.vectranet.pl [88.156.96.67] is blacklisted at bl.spamcop.net see Blocked - see http://www.spamcop.net/bl.shtml?88.156.96.67 :
You will now see this:
From: [email protected]
Recipient: [email protected]
Reason: Message rejected because 088156096067.stk.vectranet.pl [88.156.96.67] is blacklisted at bl.spamcop.net see Blocked - see http://www.spamcop.net/bl.shtml?88.156.96.67 :
Side Note: I'm still unable to obtain a linebreak after Reason so that each of the entries are seperated in the final parsed file... (Any suggestions appreciated)
Marko
I've created a simple SED script that extracts and parses rejected messages from the /var/log/exim/rejectlog
- This is useful after you've followed the following tutorial:
http://www.webhostgear.com/175.html
- This can be used for monitoring and clients can select email From which they would like to whitelist.
Code:
#!/bin/sh
# Script to Parse Exim Rejected logs (After already parsing)
#
sed 's/^\([^ ]*\).*F=<\([^>]*\)> rejected RCPT <\([^>]*\)>/Date: \1\
From: \2\
Recipient: \3\
Reason/' file.name.to.parse
Code:
sed 's/^\([^ ]*\).*F=<\([^>]*\)> rejected RCPT <\([^>]*\)>/Date: \1\nFrom: \2\nRecipient: \3\nRejected/' extract.log > final.log
Code:
cat /var/log/exim/rejectlog |grep [email protected] > extract.logchmod +x the script file and then execute as following
Code:
./script > final.logRESULT:
From seeing this in your reject log:
2007-01-06 11:37:19 H=088156096067.stk.vectranet.pl [88.156.96.67] F=<[email protected]> rejected RCPT <[email protected]>: Message rejected because 088156096067.stk.vectranet.pl [88.156.96.67] is blacklisted at bl.spamcop.net see Blocked - see http://www.spamcop.net/bl.shtml?88.156.96.67 :
You will now see this:
From: [email protected]
Recipient: [email protected]
Reason: Message rejected because 088156096067.stk.vectranet.pl [88.156.96.67] is blacklisted at bl.spamcop.net see Blocked - see http://www.spamcop.net/bl.shtml?88.156.96.67 :
Side Note: I'm still unable to obtain a linebreak after Reason so that each of the entries are seperated in the final parsed file... (Any suggestions appreciated)
Marko