Re: Creating a log line?

Wed, 30 Mar 2016 12:54:28 -0700 

On Tue Mar 29 2016 22:37:31 Viktor Dukhovni     <postfix-us...@dukhovni.org> 
said:
> 
> # collate /var/log/maillog | pgrep 
> '<20160329164500\.GD6602@mournblade\.imrryr\.org>'

Collate is useful, and I do use it, but it provides far more information that I 
usually want.

Enabling smtpd_log_access_permit_actions = static:all

Does give me a line (well, several lines) with both the to and the from address:

Mar 30 12:47:04 mail postfix/smtpd[10877]: NOQUEUE: permit: RCPT from 
localhost[127.0.0.1]: action=permit_mynetworks for Client 
host=localhost[127.0.0.1] ; from=<owner-postfix-us...@postfix.org> 
to=<krem...@covisp.net> proto=ESMTP helo=<mail.covisp.net>
Mar 30 12:47:04 mail postfix/smtpd[10877]: NOQUEUE: permit: RCPT from 
localhost[127.0.0.1]: action=permit_mynetworks for Client 
host=localhost[127.0.0.1] ; from=<owner-postfix-us...@postfix.org> 
to=<krem...@covisp.net> proto=ESMTP helo=<mail.covisp.net>
Mar 30 12:47:04 mail postfix/smtpd[10877]: 3qZxT41PjPzpL6k: permit: RCPT from 
localhost[127.0.0.1]: action=permit_mynetworks for Client 
host=localhost[127.0.0.1] ; from=<owner-postfix-us...@postfix.org> 
to=<backup+kremels.kreme.com@*munged*> proto=ESMTP helo=<mail.covisp.net>
Mar 30 12:47:04 mail postfix/smtpd[10877]: 3qZxT41PjPzpL6k: permit: RCPT from 
localhost[127.0.0.1]: action=permit_mynetworks for Client 
host=localhost[127.0.0.1] ; from=<owner-postfix-us...@postfix.org> 
to=<backup+kremels.kreme.com@*munged*> proto=ESMTP helo=<mail.covisp.net>

Not sure why there are two identical lines.

Looks like if I can tell permit_actions to only look at DATA that will give me 
the from and to before lookups:

Mar 30 12:46:53 mail postfix/smtpd[10799]: 3qZxSs3qSbzpKtk: permit: DATA from 
camomile.cloud9.net[168.100.1.3]: action=permit for Data command=DATA ; 
from=<owner-postfix-us...@postfix.org> to=<krem...@kreme.com> proto=ESMTP 
helo=<camomile.cloud9.net>

But right now, this shows me mostly what I want.

grep DATA /var/log/maillog | grep “from=" | awk '{print 
$6"\t"$3"\t"$17"\t"$16}’ |grep -v ESMTP|column -t

One line for every message.

(With smtpd_log_access_Permit_actions=static:all as above.

grep -E 'DATA|"from="' /var/log/maillog | awk '{print $6"\t"$3"\t"$17"\t"$16}’ 
|grep -v ESMTP 


-- 
Once upon a time the plural of 'wizard' was 'war'. --The Last Continent

Reply via email to