[Mimedefang] Logs
Joseph Brennan
brennan at columbia.edu
Tue May 8 11:12:25 EDT 2007
--On Tuesday, May 8, 2007 10:46 -0400 Daniel Aquino
<mr.danielaquino at gmail.com> wrote:
> But how do I know what steps caused mimdefang to detect is as spam?
>
> And why was it still sent off to the mta ?
. . .
> ==============================
>
> May 8 10:27:00 localhost mimedefang.pl[23993]:
> DLOG,l48ER0oV024089,spam,12.665,127.0.0.1,<winninginfo at yahoo.com>,<daquin
> o>,RE
> : AWARD NOTIFICATION FINAL NOTICE
>
> May 8 10:27:00 localhost sm-mta[24092]: l48ER0oV024089: to=<daquino>,
> delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=124281,
> relay=[10.1.1.20] [10.1.1.20], dsn=2.0.0, stat=Sent (
> <200705081427.l48ER0oV024089> Queued mail for delivery)
Tell mimedefang what you want to do. Assuming you do this:
my($hits, $req, $names, $report) = spam_assassin_check();
Then log with this:
$names =~ s/,/ /g;
md_graphdefang_log('spam', "$hits $names", $relay);
We change the commas to spaces so that we can split syslog records
on commas consistently. This is probably the same as what you do,
except that you only log $hits.
If you want to reject for a high score you need to tell Mimedefang
to do that too. It might look like this. You choice of score and
error message.
if ($hits > 10) {
return action_bounce('No spam, thanks');
}
Joseph Brennan
Lead Email Systems Engineer
Columbia University Information Technology
More information about the MIMEDefang
mailing list