Hello Gilles,
In article <20181221145201.ga90...@ams-1.poolp.org> Gilles Chehade
<gil...@poolp.org> wrote:
> On Fri, Dec 21, 2018 at 07:41:41AM -0700, Gilles Chehade wrote:
> > CVSROOT: /cvs
> > Module name: src
> > Changes by: gil...@cvs.openbsd.org 2018/12/21 07:41:41
> >
> > Modified files:
> > usr.sbin/smtpd : smtp_session.c
> >
> > Log message:
> > start simplifying log lines, they're no longer intended to be parseable, we
> > have a reporting API for tools that want to analyze events, maillog is just
> > for us, hoomans.
> >
>
> that was not the best way to phrase my commit log ... sorry
>
> i meant they're no longer intended to be friendlier to scripts than to
> humans: there will still be in a format that's easy to quickly script,
> but they will hold information easily readable by humans, not a lot of
> unrelated context infos so tools can generate dashboards out of single
> lines.
>
> logs for humans, event reports for tools.
>
Since long I've been greping IPs from spammers and attackers from
/var/log/maillog, /var/log/authlog and /var/log/daemon using a shell
script I wrote that automatically includes them in a file read by a pf
table. In the case of maillog, it relies in the address="" and host=""
info currently included.
Will it appear sender's IP and hostname in /var/log/maillog after this
change?
Walter
