Karsten Scheibler wrote: > Hello, > > I've written (yet another) loganalyze script for postfix and amavis. > Currently i use the message-id of a mail to bring together all postfix and > amavis log entries belonging to a specific mail (after using queue-id and > amavis pid+child_id to get all postfix and amavis entries belonging to one > mail). But this is error prone in some situations: > > 1. if mail is forwarded internally, some mail servers use the same message id > again, so i see log entries belonging to different mail transactions but > with the same message-id > 2. forged message-ids are logged differently by postfix and amavis if they > contain invalid characters, so i'm not able to find the matching postfix > and amavis entries > > To circumvent these problems, i thought on adding some uniq-id as X-Header in > the first postfix instance (and logging it), logging it also with amavis and > in the last postfix instance, which would also removes the header. So the > main > logic of the log extracting code would stay the same, but now based on a sane > id. Currently i see no way to realize this without modifying postfix (i don't > think that i could do it with the PREPEND action, because i need a uniq > string for every incoming mail). > > Before investing more time into it i wanted to ask, if someone did something > similar or if there is a better way to do what i want to do. > > message-id is unreliable (it is generated by an external system). use the queue-id instead:
1- when postfix delivers mail to amavisd, it logs something like ..... status=sent (250 2.6.0 Ok, id=27947-07, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 986A379123) get the "id=27947-07" and "queued as 986A379123". this gives 2 informations: 2- amavisd logs something like ... (27947-07) Passed* ... *queued_as: 986A379123, 6268 ms get the "(27947-07)" and the "queued_as: 986A379123" 3- when amavisd passes the mail back to postfix, postfix logs something like: ....: 986A379123: ... get the "986A379123" (the queue id). PS. Pay attention to the order of the log lines (they come in reverse order). ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
