This is a great idea. This is a spam filter that is integrated into a
CRM system, so I needed to parse and dump the information so it could be
sucked up later.

Here's what I ultimately created. It still needs some work (mainly
because it re-reads the whole file every time, and I should use
timestamps and a half-interval search algorithm to find the
last-processed time stamp. I am relying on log rotate to make it
not-too-terribly-big).

https://github.com/mjmunger/postfix-log-parser


Michael Munger, dCAP, MCPS, MCNPS, MBSS
High Powered Help, Inc.
Microsoft Certified Professional
Microsoft Certified Small Business Specialist
Digium Certified Asterisk Professional
mich...@highpoweredhelp.com
On 12/02/2016 01:30 AM, @ wrote:
> On 11/30/16 2:35 PM, Michael Munger wrote:
>
>> I am writing a log parser so that when users complain "so and so sent me
>> an email and I didn't get it" I can query the logs and find this with
>> ease. Ultimately, I want to make this self service through a web page.
> I went a different way. Users can choose to receive a "DMR" (Daily Mail
> Report) and that report can contain either all the rejected email
> addresses that were not accepted for their account (or domain), all
> the accepted emails they got, or both.
>
> I have a bash script that does it, and when a user wants this, I
> simply set up a crontab for them. Usually after a week or so they want
> it turned off. The script sends them a lightly styled HTML table in
> the email.
>
> The heart of the script is:
>
>   if [ "$REJECT" = 1 ]; then
>     echo '<tr><th>&nbsp;</th><th>IP address</th><th>Claimed address</th></tr>'
>     bzgrep "$MATCHPAT" $LOGF | grep -i reject | egrep 'from=<[^>]+>' | grep -v "Protocol error" | \
>       grep -v "$EXCLUDE" | sort -u | sed 's/from=<//' | tr -d '>,[]:' | grep -v rejected | \
>       awk '{print "<tr><td class=\"rej\">REJECTED</td><td class=\"right\">"$16"</td><td>"$20"</td></tr>"}'
>   fi
>
>   if [ "$ACCEPT" = 1 ]; then
>     echo '<tr><th style="width:8em;">Accepted ID</th><th style="width:6em;">Time</th><th>From</th></tr>'
>     bzgrep -E 'DATA|\"from=\"' $LOGF | grep -v "<>" | \
>       awk '{print $6"\t"$3"\t"$17"\t"$16}' | grep -v ESMTP | \
>       grep -v "to=<backup" | column -t | sort -k 2 | grep "to=<.*$MATCHPAT" | \
>       grep -v "$EXCLUDE" | sed 's/from//g' | sed 's/://' | tr -d '=><' |
>       awk '{print "<tr><td class=\"right qid\">"$1"</td><td class=\"right\">"$2"</td><td>"$4"</td></tr>"}'
>   fi
>
> For this to work
>
> smtpd_log_access_permit_actions = static:all
>
> must be set in main.cf. This makes your logs chattier, but provides me
> with the line in the logs that I need to get this working.
>
> One user, in particular, was calling several times a week looking for
> an email and now never calls.
>
>
>
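Added example (not part of the original thread, and not code from the postfix-log-parser repository): a sketch of the half-interval search over byte offsets mentioned in the reply above, so a parser can resume after the last-processed timestamp instead of re-reading the whole file. It assumes classic syslog timestamps without a year (the caller supplies it) and timestamps that never decrease within one rotated file; the function names and sample lines are constructed for illustration.

```python
import os
import tempfile
from datetime import datetime

# Constructed sample lines, classic syslog format: 15-byte "Mon dd HH:MM:SS" prefix, no year.
SAMPLE = b"""\
Dec  1 23:59:58 mx1 postfix/smtpd[2101]: connect from unknown[192.0.2.10]
Dec  2 00:00:03 mx1 postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]
Dec  2 00:00:03 mx1 postfix/smtpd[2101]: disconnect from unknown[192.0.2.10]
Dec  2 01:30:00 mx1 postfix/qmgr[901]: 4F1A2C0D: from=<alice@example.org>, size=1204
Dec  2 01:30:07 mx1 postfix/smtp[2110]: 4F1A2C0D: to=<bob@example.com>, status=sent
"""

def parse_ts(line, year):
    return datetime.strptime(f"{year} {line[:15].decode('ascii')}", "%Y %b %d %H:%M:%S")

def line_start(f, pos):
    """Offset of the first line that begins at or after byte pos."""
    if pos == 0:
        return 0
    f.seek(pos - 1)
    f.readline()  # finish the line containing byte pos-1
    return f.tell()

def find_resume_offset(path, last_ts, year):
    """Offset of the first line stamped later than last_ts (ties count as processed)."""
    with open(path, "rb") as f:
        lo, hi = 0, os.path.getsize(path)
        while lo < hi:
            mid = (lo + hi) // 2
            f.seek(line_start(f, mid))
            line = f.readline()
            if line and parse_ts(line, year) <= last_ts:
                lo = mid + 1  # line found from mid is already processed: look later
            else:
                hi = mid      # unprocessed line (or EOF): answer is at or before mid
        return line_start(f, lo)

def demo(last_ts):
    """Write SAMPLE to a temp file; return (resume offset, unprocessed lines)."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "mail.log")
        with open(path, "wb") as f:
            f.write(SAMPLE)
        offset = find_resume_offset(path, last_ts, 2016)
        return offset, SAMPLE[offset:].decode().splitlines()

if __name__ == "__main__":
    print(demo(datetime(2016, 12, 2, 0, 0, 3)))
```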
