[Logwatch-Devel] how to match milter logs?

Greg Matthews gmatt at nerc.ac.uk
Tue Dec 6 07:30:33 MST 2005

I've been reading the docs and trying to make alterations to the
sendmail script/config as suggested by Bjorn. I'd like to catch
milter-ahead lines of the type:

Milter: to=<foo at bar.com>, reject=550 5.7.1 User unknown: 71 Time(s)

and I'm trying to do it the recommended way using a customised
sendmail.conf in /etc/logwatch/conf/services/ but I'd appreciate some
help. The following does not seem to work for me:

$Sendmail_MatchFilter = " \
   if ( ($User) = ($ThisLine =~ /Milter: to=<(\S+)>, reject=.+/ ) ) { \
      $UnknownUsersCheckRcpt{$User}{$QueueID}++ \
      $Msgs{$QueueID}{"BadRCPT"}++ \

Greg Matthews           01491 692445
Head of UNIX/Linux, iTSS Wallingford

More information about the Logwatch-Devel mailing list