On Fri, Dec 21, 2018 at 06:56:57PM +0100, Walter Alejandro Iglesias wrote: > Hello Gilles, > > In article <20181221145201.ga90...@ams-1.poolp.org> Gilles Chehade > <gil...@poolp.org> wrote: > > On Fri, Dec 21, 2018 at 07:41:41AM -0700, Gilles Chehade wrote: > > > CVSROOT: /cvs > > > Module name: src > > > Changes by: gil...@cvs.openbsd.org 2018/12/21 07:41:41 > > > > > > Modified files: > > > usr.sbin/smtpd : smtp_session.c > > > > > > Log message: > > > start simplifying log lines, they're no longer intended to be parseable, > > > we > > > have a reporting API for tools that want to analyze events, maillog is > > > just > > > for us, hoomans. > > > > > > > that was not the best way to phrase my commit log ... sorry > > > > i meant they're no longer intended to be friendlier to scripts than to > > humans: there will still be in a format that's easy to quickly script, > > but they will hold information easily readable by humans, not a lot of > > unrelated context infos so tools can generate dashboards out of single > > lines. > > > > logs for humans, event reports for tools. > > > > Since long I've been greping IPs from spammers and attackers from > /var/log/maillog, /var/log/authlog and /var/log/daemon using a shell > script I wrote that automatically includes them in a file read by a pf > table. In the case of maillog, it relies in the address="" and host="" > info currently included. > > Will it appear sender's IP and hostname in /var/log/maillog after this > change? >
yes, you'll still be able to grep that information from maillog -- Gilles Chehade @poolpOrg https://www.poolp.org tip me: https://paypal.me/poolpOrg
