Leonardo Rodrigues, > i would like to have a full email report, which, intentionally, > would give me for each message: > 1) sender > 2) recipient or recipients in case of CCs > 3) subject > 4) message size > 5) name and mime-type of attachments, if present > i have tried getting this from postfix logs, but i couldnt. i can > have some header/body checks with WARNING and logs somethings, but my > tries were completly wasted on trying to get all that information together.
The 1..4 are faily easy, either through adjusting $log_templ or through SQL logging. For 5 you will need to add some code to present the information (which is available in internal data structures) in a coherent way - a MIME structure could be fairly complex, multilevel and long. > i know amavisd have all this informations, some of them even easier > than postfix, like name and mime-type of attachments, which can be seen > on logs with log_level=2. > > would it be possible to have all these informations parsed from > amavisd logs and presented in a easy way ? It can be a comma-delimited > or tab-delimited text, no problem. I can convert it to HTML, the raw > information would be enough. Following up on Mike's suggestion, the mail log entry can be extended by including additional macros in a template - see README.customize for the full list. I'm currently using the following (with 2.6.0) (to go into amavisd.conf, probably an overkill for most uses): $log_templ = <<'EOD'; [?%#D|#|Passed # [? [:ccat|major] |OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER|SPAMMY|SPAM|\ UNCHECKED|BANNED (%F)|INFECTED (%V)]# , [? %p ||%p ][?%a||[?%l||LOCAL ]\[%a\] ][?%e||\[%e\] ]%s -> [%D|,]# [? [:tls_in] ||, tls: [:tls_in]]# [? %q ||, quarantine: %q]# [? %Q ||, Queue-ID: %Q]# [? %m ||, Message-ID: %m]# [? %r ||, Resent-Message-ID: %r]# , mail_id: %i# , Hits: [:SCORE]# , size: %z# [? [:partition_tag] ||, pt: [:partition_tag]]# [~[:remote_mta_smtp_response]|["^$"]||[", queued_as: "]]\ [remote_mta_smtp_response|[~%x|["queued as ([0-9A-Z]+)$"]|["%1"]|["%0"]]|/]# [? [:header_field|Subject] ||, Subject: [:dquote|[:header_field|Subject|100]]]# [? [:header_field|From] ||, From: [:uquote|[:header_field|From|100]]\ [? [:dkim|author] || (dkim:AUTHOR)]]# [? [:useragent|name] ||, [:useragent|name]: [:uquote|[:useragent|body]]]# [? %#T ||, Tests: \[[%T|,]\]]# [:supplementary_info|SCTYPE|, shortcircuit=%%s]# [:supplementary_info|AUTOLEARN|, autolearn=%%s]# [:supplementary_info|AUTOLEARNSCORE|, autolearnscore=%%s]# [? [:supplementary_info|LANGUAGES] ||, languages=[:uquote|[:supplementary_info|LANGUAGES]]]# [? [:supplementary_info|RELAYCOUNTRY] ||, relaycountry=[:uquote|[:supplementary_info|RELAYCOUNTRY]]]# [? [:supplementary_info|ASN] ||, asn=[:uquote|[:supplementary_info|ASN] [:supplementary_info|ASNCIDR]]]# [? [:supplementary_info|DCCREP] ||, dcc_rep=[:supplementary_info|DCCREP]]# [? [:dkim|identity] ||, dkim_id=[:dkim|identity]]# , %y ms# ] [?%#O|#|Blocked # [? [:ccat|major|blocking] |# OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER|SPAMMY|SPAM|\ UNCHECKED|BANNED (%F)|INFECTED (%V)]# , [? %p ||%p ][?%a||[?%l||LOCAL ]\[%a\] ][?%e||\[%e\] ]%s -> [%O|,]# [? [:tls_in] ||, tls: [:tls_in]]# [? %q ||, quarantine: %q]# [? %Q ||, Queue-ID: %Q]# [? %m ||, Message-ID: %m]# [? %r ||, Resent-Message-ID: %r]# , mail_id: %i# , Hits: [:SCORE]# , size: %z# [? [:partition_tag] ||, pt: [:partition_tag]]# #, smtp_resp: [:smtp_response]# [? [:header_field|Subject] ||, Subject: [:dquote|[:header_field|Subject|100]]]# [? [:header_field|From] ||, From: [:uquote|[:header_field|From|100]]\ [? [:dkim|author] || (dkim:AUTHOR)]]# [? [:useragent|name] ||, [:useragent|name]: [:uquote|[:useragent|body]]]# [? %#T ||, Tests: \[[%T|,]\]]# [:supplementary_info|SCTYPE|, shortcircuit=%%s]# [:supplementary_info|AUTOLEARN|, autolearn=%%s]# [:supplementary_info|AUTOLEARNSCORE|, autolearnscore=%%s]# [? [:supplementary_info|LANGUAGES] ||, languages=[:uquote|[:supplementary_info|LANGUAGES]]]# [? [:supplementary_info|RELAYCOUNTRY] ||, relaycountry=[:uquote|[:supplementary_info|RELAYCOUNTRY]]]# [? [:supplementary_info|ASN] ||, asn=[:uquote|[:supplementary_info|ASN] [:supplementary_info|ASNCIDR]]]# [? [:supplementary_info|DCCREP] ||, dcc_rep=[:supplementary_info|DCCREP]]# [? [:dkim|identity] ||, dkim_id=[:dkim|identity]]# , %y ms# ] EOD The $log_template may also produce multiple lines (i.e. a '#' at the end of each line in a default template discards each NL following it, see README.customize), so one can produce separate log lines, each with different information to facilitate parsing. The following example appends a second line to each default log entry: $log_templ .= q{ Custom log: %s -> [%R|,]# , size: %z# , Subject: [:dquote|[:header_field|Subject]]# , From: [:uquote|[:header_field|From]]# }; Now for the MIME structure, either parse the log entries suggested by Mike, or modify code to match your needs. Same goes for SQL logging: it covers most of the basic info about each message (see schemas for tables msgs, msgrcpt and addrs in README.sql*), but to include MIME info that would need to be added. Wazir Shpoon writes: > @lookup_sql_dsn = > ( ['DBI:mysql:dbname=mail;host=localhost', 'sqluser', 'sqlpassword'] ); > @storage_sql_dsn = @lookup_sql_dsn; > $virus_quarantine_method='sql:'; > $banned_files_quarantine_method='sql:'; > $spam_quarantine_method='sql:'; > $bad_header_quarantine_method='sql:'; If one needs SQL logging only (for pen pals feature or for a bounce killer feature or just for data mining), there is no need to also switch quarantining to sql, and neither do SQL lookups have to be enabled. Setting the @storage_sql_dsn suffices, e.g.: @storage_sql_dsn = (['DBI:Pg:database=mail_log', 'amavis', 'somesecretpassword']); Mark ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/