[Mimedefang] Using graphdefang
Stefano McGhee
SMcGhee at ARCweb.com
Thu Jan 2 14:53:01 EST 2003
Hello,
Oh, didn't know that. I imagine you're separating it to make it
easier to see and process. Anyway, I'm no perl expert, but perhaps you
are. The graphdefanglib.pl file says it looks for lines in the file of
your choosing ;) that look like this in the beginning:
Sep 28 21:55:50 westover mimedefang.pl[16803]:
MDLOG,g8T2th86016917,mail_out...etc, etc.
With this regex
if (/^(\S+\s+\d+\s+\d+:\d+:\d+) (\S+ \S+\[\d+\]):
MDLOG,(\S+?),(\S+?),(\S*?),(\S*?),(.*?),(.*?),(.*)$/ ) { # then it a good
line and lets use it
It may be that the extra data in your line, namely:
[ID 702911 local5.info]
Might be confusing it. Again, a perl regex person could tell you
definitively. However that's my best stab at it :)
Cheers,
Stefano
> > You probably want to point it to /var/log/maillog. That's where
> Well I've defined in my mimedefang-filter to use
> /var/log/mimedefang so I
> Jan 2 14:17:31 mail.mydomain.tld mimedefang.pl[1322]: [ID 702911
> local5.info]
> MDLOG,h02DHJLW001360,virus,Eicar-Test-Signature,192.168.0.2,<m
> e at mydomain.tld>,<client at anotherdomain.tld>,virus
> testing
More information about the MIMEDefang
mailing list