I have written a log watching utility. I find it quite useful and I hope
others will as well.
Some general info:
• it depends on the [ pass | skip | fail ] logging prefixes I've made to
many of the plugins
• values have the following meaning:
o - test passed
- - test skipped
X - test failed
The report values shown in the table were chosen primarily to provide high
contrast and readability in a terminal window. Suggestions for improvement are
welcome.
• test results are presented mostly in the order they are encountered. So
CONNECT, HELO, FROM, TO, DATA, etc... are (mostly) grouped together. It seemed
the most logical approach. Suggestions for improvement are welcome.
• some data (like Geo::IP city, distance, karma, etc) depend on changes
that are not merged the main github repo yet.
• some plugins require logging changes that I have yet to get into github
(the backlog of pending commits is a gigantic PITA to work around)
• some plugins require logging tweaks that I have yet to make on my own
server (SPF).
Sample output is posted here: http://www.tnpi.net/internet/mail/qp/logwatch.html
It looks better in a terminal window than a web page. I intend to have a CGI
version of this. CSS markup could make it pretty, AJAX checkboxes could hide
fields you don't want to see, and links could drill down to see log details for
specific transactions.
A few of the features:
• automatic detection of running plugins
• only plugins that are logging data will show up
• if a new plugin log entry detected, a new header is printed and future log
entries include it
Does anyone run more than one virus scanning plugin?
I'm somewhat curious as to how much work and code it would take to make this
processor compatible with older versions of qp. Not quite curious enough to
install older versions of QP to try it with. But if someone had a qp install
and was willing to offer a shell account with read access to
~smtpd/log/main/current, I would put some effort into it. If you're willing to
help, contact me via email. Instructions for setting up a SSH key based login
for me are available here ( http://www.tnpi.net/wiki/Help:Contents ).
There isn't currently a place to put this in the qp repo. It's not a plugin,
it's a utility. I think the qp package should have a bin or contrib directory
for dropping stuff like this into. Preferences?
This thing also needs a name.
Matt
`````````````````````````````````````````````````````````````````````````
Matt Simerson http://matt.simerson.net/
Systems Engineer http://www.tnpi.net/
Mail::Toaster - http://mail-toaster.org/
NicTool - http://www.nictool.com/
`````````````````````````````````````````````````````````````````````````
