[Mimedefang] logwatch and sendmail/mimedefang logs

Troy Carpenter troy at carpenter.cx
Sat Sep 28 16:35:01 EDT 2002 

I have heavily modified the logwatch script.  The first modification was
to only count messages that actually have nrcpts>0.  Secondly, since I
use this only at home, and not as an outgoing mail server (well, not
much outgoing mail), I break out the email addresses to see who is
getting mail.  Finally, I extended the blackhole tracking, which is what
I am most interested in  Most everything is already built into the
sendmail script for logwatch.  I don't do anything with mimedefang logs.
Here's a sample output:

 --------------------- sendmail Begin ------------------------ 

299930 bytes transferred
24 messages sent
     2	: machine-registration at counter.li.org
     11	: laura at carpenter.cx
     11	: troy at carpenter.cx
2 messages marked as SPAM

Unknown users:
    david at carpenter.cx: 1 Time(s)


Blackhole List Hits:
    relays.ordb.org.: 4 Time(s)
    relays.osirusoft.com.: 7 Time(s)
    spamcop.net.: 1 Time(s)
    list.dsbl.org.: 1 Time(s)

Blackhole Data:
    From [200.208.220.194] by relays.osirusoft.com.: 1 Time(s)
    From [211.138.91.30] by relays.osirusoft.com.: 1 Time(s)
    From c143.h061016100.is.net.tw by spamcop.net.: 1 Time(s)
    From dsl-gte-kh13508-1.linkline.com by relays.ordb.org.: 1 Time(s)
    From h-66-166-56-163.CMBRMAOR.covad.net by relays.osirusoft.com.: 1
Time(s)
    From mail17.dont-miss-this-deal.com by relays.osirusoft.com.: 1
Time(s)
    From obd115.offer888.net by relays.osirusoft.com.: 1 Time(s)
    From ATuileries-102-1-1-8.abo.wanadoo.fr by list.dsbl.org.: 1
Time(s)
    From [200.56.243.4] by relays.ordb.org.: 1 Time(s)
    From [202.120.189.138] by relays.ordb.org.: 1 Time(s)
    From [205.244.69.156] by relays.osirusoft.com.: 1 Time(s)
    From [65.220.189.58] by relays.ordb.org.: 1 Time(s)
    From po80.knurow.sdi.tpnet.pl by relays.osirusoft.com.: 1 Time(s)

Unresolveable or non-existent domains:
    Playpools at e54.org: (does not resolve): 1 Time(s)

**Unmatched Entries**
   ruleset=check_rcpt, arg1=<carpenter-d at carpenter.cx>,
relay=viking.sophos.com [194.203.134.132], discard: 1 Time(s)

 ---------------------- sendmail End ------------------------- 

Send me a private email if you would like my version of the logwatch
sendmail script.

Troy Carpenter
troy at carpenter.cx

-----Original Message-----
   6. logwatch and sendmail/mimedefang logs (Tony Nugent)
Message: 6
To: mimedefang at lists.roaringpenguin.com
Organization: LinuxWorks for NetworksGrowZone OnLine
Date: Sat, 28 Sep 2002 23:46:43 +1000
From: Tony Nugent <tony at linuxworks.com.au>
Subject: [Mimedefang] logwatch and sendmail/mimedefang logs
Reply-To: mimedefang at lists.roaringpenguin.com

I'm wondering if anyone here has done anything with the logwatch utility
to produce summaries of mimedefang activity.  I use calls to
syslog() in my filter to log spam, viruses and so on.  Logwatch seems to
be an easy way to produce nice activity report summaries as a daily
administative email.

If anyone has done anything with it, can you share what you may have
done?  I'm doing things with it myself (rh7.3 box), and I'd be
interested in other's ideas.  And it would seem silly for me to
re-invent the wheel :)

Thanks.

Cheers
Tony

More information about the MIMEDefang mailing list