Mark Scholten a écrit : > [snip] > I am now doing it by parsing the logs, but I want to get the following > information in a MySQL database (currently I get it from the logs, but that > takes a few hours to parse for 1 day logs). > I currently log the following data in a MySQL database: > - sender (email address) > - receiver (email address) > - IP sender (from where did postfix receive it) > - date/time (when) > I would like to add: subject (but I didn't find a solution yet for that).
if you keep using logs, then you can use header_checks to log the subject: /^Subject:/ WARN blahblah DISCLAIMER: The above is a technical answer to a technical question. It is not a recommendation. Subject logging may introduce privacy issues. > Also doing it "realtime" and not with a delay (as we don't do parse it every > minute and putting it in a database when we receive the information would be > great). > you have many options: - keep using a log parser. you can "tail -F $logfile | yourscript" or call the parser often enough (use seek() to avoid re-parsing). alternatively, you can mkfifo and log a copy to the fifo... (People do this with syslog-ng). - write a content_filter. you can use a pipe based filter (see the CONTENT FILTER README). but you need to be careful... (yes, you need to resubmit mail via sendmail...) (if you already use amavisd-new and feel confortable writing perl code, then you can do that from inside amavisd-new). - write a milter. - you can deliver a copy of mail to a program that does what you want. for example bcc_recipient_maps = pcre:/etc/postfix/bcc_recipient.pcre == bcc_recipient.pcre: /(.*)@(example\.com)$/ $...@bcc.example.com == transport bcc.example.com loggit: and define "loggit" in master.cf. > What do you think is the best solution? I prefer log parsing because it doesn't interfere with mail flow. you can stop it when you want and start it again, without touching postfix... but it's just my opinion. >>> Maybe there's an easier way that I can do that without having to call >>> sendmail again. with a content_filter, you need to resubmit mail, either via sendmail or via smtp (if you chose tha letter, don't resubmit to the same port as that would create an infinite loop. add a new smtpd listener which doesn't trigger the content filter. as you see, this is more work than with sendmail, and is probably not worth the pain in your case). >>> >>> [snip] >
