|

»

SpamAssassin - Users

About log generation

View: New views

3 Messages — Rating Filter: Alert me

	About log generation by Jose Luis Marin Perez :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Some parts of this message have been removed. Learn more about Nabble's security policy. Dear friends, There is some configuration of SA to generate different logs and these are for each mail domain? The antispam system analyzes emails from different domains and what I want is to generate statistics for each domain. Thanks Jose Luis Discover the new Windows Vista Learn more!
	Re: About log generation by Matt Kettler-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Jose Luis Marin Perez wrote: > Dear friends, > > There is some configuration of SA to generate different logs and these > are for each mail domain? spamd, like most well behaved unix daemons, uses syslog. It doesn't write logfiles directly. The old-school approach to this would be to run several instances of spamd, one per domain, have each log to a separate local* syslog facility, and have syslogd write each to a separate logfile. A more modern approach might be possible using some of the newer syslogd's that can be configured based on message content, not just facility.severity. However, that assumes you can tell from the log message alone.. I'm not sure offhand if spamd has that info in the syslog messages. > > The antispam system analyzes emails from different domains and what I > want is to generate statistics for each domain. > > Thanks > > Jose Luis > Discover the new Windows Vista Learn more! > <http://search.msn.com/results.aspx?q=windows+vista&mkt=en-US&form=QBRE>
	Re: About log generation by LuKreme :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On 8-Nov-2009, at 21:33, Matt Kettler wrote: > However, that assumes you can tell from the log message alone.. I'm > not sure offhand if spamd has that info in the syslog messages. It doesn't. All virtual domains get scanned as the virtual mailbox user. Nov 9 06:47:17 mail spamd[439]: spamd: identified spam (5.8/5.0) for vpopmail:89 in 6.0 seconds, 2910 bytes. Nov 9 06:47:17 mail spamd[439]: spamd: result: Y 5 - BAYES_95,HTML_MESSAGE,MISSING_SUBJECT,URIBL_OB_SURBL scantime = 6.0 ,size = 2910 ,user = vpopmail ,uid = 89,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=65314,mid=<COL121-W21E61FB2BDC3CA21457EE6D1AC0@... >,bayes=0.975174,autolearn=no You can use the message ID to scan the log and find the Queue-ID and then use that to scan the log again for the Queue-ID and THEN you can get the user/domain. -- I WILL NOT HANG DONUTS ON MY PERSON Bart chalkboard Ep. 2F13