[Logwatch] sendmail logwatcher additions for MIMEdefang (fwd)

Kenneth Porter shiva@sewingwitch.com
Fri, 18 Apr 2003 00:08:53 -0700


[Forwarded to logwatch list.]

This looks handy if you run milters from sendmail such as MIMEdefang or
SpamAssassin.

------------ Forwarded Message ------------
Date: Thursday, April 17, 2003 11:16 PM -0700
From: Jeffrey Goldberg <jeffrey@goldmark.org>
To: Kenneth Porter <shiva@well.com>
Cc: horshack@lisa.franken.de
Subject: sendmail logwatcher additions for MIMEdefang

Below is a diff to

  etc/log.d/scripts/services/sendmail

which I made to count various mimedefang/Milter messages.

whether enough people use mimedefang for this to be generally useful is
anybody's guess.  But I'm sending this to you.  The bulk of unknown
sendmail lines in the logs I'm dealing with get covered by this.
Otherwise the "unmatched entries" are overwhelming.

This is in addition to the modifications recommended at

  http://lena.franken.de/linux/sysadmin.html

for filtering some MIMEdefang log lines.

-j

-- 
Jeffrey Goldberg                            http://www.goldmark.org/jeff/
 Relativism is the triumph of authority over truth, convention over justice
 Hate spam?  Boycott MCI! http://www.goldmark.org/jeff/anti-spam/mci/


*** sendmail	2003/04/18 05:10:34	1.1
--- sendmail	2003/04/18 05:49:06
***************
*** 74,79 ****
--- 74,95 ----
      elsif ( $ThisLine =~ m/^[a-zA-Z0-9]+: [a-zA-Z0-9]+: return to sender:
Warning: could not send message for past 4 hours/ ) {
$FourHourReturns++;
      }
+
+ # deal with Milter stuff
+     elsif ( ($Changedhdr) =
+        ($ThisLine =~ /^[a-zA-Z0-9]+: Milter change: header\s+(\S+):/ ) ) {
+         $MilterHeadChange{$Changedhdr}++;
+     }
+     elsif ( ($Deletedhdr) =
+        ($ThisLine =~ /^[a-zA-Z0-9]+: Milter delete: header\s+(\S+):/ ) ) {
+         $MilterHeadDelete{$Deletedhdr}++;
+     }
+     elsif ( ($MiltMess) =
+        ($ThisLine =~ /^[a-zA-Z0-9]+: Milter message:\s+(.*)$/ ) ) {
+         $MilterMessage{$MiltMess}++;
+     }
+
+
      else {
  	# Report any unmatched entries...
  	push @OtherList,$ThisLine;
***************
*** 86,92 ****
      (keys %UnknownUsers) or
      (keys %RelayDenied) or
      (keys %AuthWarns) or
!     (keys %ForwardErrors)) {
      print "\n\n --------------------- sendmail Begin
------------------------ ";

      if($MsgsSent > 0) {
--- 102,111 ----
      (keys %UnknownUsers) or
      (keys %RelayDenied) or
      (keys %AuthWarns) or
!     (keys %ForwardErrors) or
!     (keys %MilterHeadChange) or
!     (keys %MilterHeadDelete) or
!     (keys %MilterMessage)) {
      print "\n\n --------------------- sendmail Begin
------------------------ ";

      if($MsgsSent > 0) {
***************
*** 126,131 ****
--- 145,171 ----
  	}
      }

+     if (keys %MilterHeadChange) {
+ 	print "\n\nMilter header changes:\n";
+ 	foreach $ThisOne (keys %MilterHeadChange) {
+ 	    print "    " . $ThisOne . ": " . $MilterHeadChange{$ThisOne} . "
Times(s)\n"; + 	}
+     }
+
+     if (keys %MilterHeadDelete) {
+ 	print "\n\nMilter header deletions:\n";
+ 	foreach $ThisOne (keys %MilterHeadDelete) {
+ 	    print "    " . $ThisOne . ": " . $MilterHeadDelete{$ThisOne} . "
Times(s)\n"; + 	}
+     }
+
+     if (keys %MilterMessage) {
+ 	print "\n\nMilter messages:\n";
+ 	foreach $ThisOne (keys %MilterMessage) {
+ 	    print "    " . $ThisOne . ": " . $MilterMessage{$ThisOne} . "
Times(s)\n"; + 	}
+     }
+
      if ($#OtherList >= 0) {
  	print "\n\n**Unmatched Entries**\n\n";
  	print @OtherList;

---------- End Forwarded Message ----------