This may be useful to you or others.
I have a solution compatible with exim and log this info to a separate file
using exim_system_filter.
--------
if "$h_X-Spam-Checker-Version:" contains "XXX.suptech.com"
then
logfile /var/log/exim/exim_spamdlog
logwrite "$tod_log $message_id X-Spam-Level: $h_X-Spam-Level:"
logwrite "$tod_log $message_id X-Spam-Status: $h_X-Spam-Status:"
logwrite "$tod_log $message_id subject: $header_subject"
logwrite "$tod_log $message_id $return_path => $recipients"
logwrite "$tod_log $message_id Completed"
endif
--------
This gives entries in the log like:
--------
2003-10-31 08:52:09 1AFcVM-0006Dc-00 X-Spam-Level:
***********************************
2003-10-31 08:52:09 1AFcVM-0006Dc-00 X-Spam-Status: Yes, hits=35.5
required=5.5 tests=BAYES_99,BIZ_TLD,
DATE_SPAMWARE_Y2K,FORGED_HOTMAIL_RCVD2,FORGED_IMS_HTML,
FORGED_IMS_TAGS,FORGED_MUA_IMS,HTML_40_50,HTML_MESSAGE,
MIME_HTML_NO_CHARSET,MIME_HTML_ONLY,MIME_HTML_ONLY_MULTI,
MISSING_MIMEOLE,MISSING_OUTLOOK_NAME,_STI_MDBZ autolearn=spam
version=2.60
2003-10-31 08:52:09 1AFcVM-0006Dc-00 subject: Re: Pain relief lwvj
2003-10-31 08:52:09 1AFcVM-0006Dc-00 [EMAIL PROTECTED] =>
[EMAIL PROTECTED]
2003-10-31 08:52:09 1AFcVM-0006Dc-00 Completed
--------
Which are comaptible with exigrep, so you can do things like exigrep
BAYES_99 /var/log/exim/exim_spamdlog
Balam
> -----Original Message-----
> From: Dan Tappin [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 31, 2003 8:19 AM
> To: [EMAIL PROTECTED]
> Subject: [SAtalk] Log Question...
>
>
> Below is a snippet from a recent post to the list:
>
> > Oct 30 14:12:40 ns1 MailScanner[3201]: Message h9UMAPR07828 from
> > 61.59.154.73 ()
> > to userdomain.com is spam, SpamAssassin (score=28.325, required
> > 5, BAYES_99
> > 6.00, FORGED_AOL_RCVD 4.10, FORGED_MUA_OUTLOOK 2.57,
> > FORGED_OUTLOOK_HTML 1.00,
> > FORGED_RCVD_NET_HELO 4.10, FROM_NO_USER 2.39, HTML_90_100 1.19,
> > HTML_IMAGE_ONLY_02 1.33, HTML_MESSAGE 0.10,
> HTML_TITLE_UNTITLED 0.43,
> > MIME_HTML_ONLY 0.32, MSGID_FROM_MTA_HEADER 0.70, RCVD_AM_PM 4.10)
>
> Is there a config option to have these triggered rules logged
> like that? My
> maillog simply has mail identified or not identified as spam.
> It would be
> great to be able to troubleshot false positives.
>
> I looked in the docs and searched the list but could not find
> and thing on
> this.
>
> Thanks,
>
> Dan
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: SF.net Giveback Program.
> Does SourceForge.net help you be more productive? Does it
> help you create better code? SHARE THE LOVE, and help us help
> YOU! Click Here: http://sourceforge.net/donate/
> _______________________________________________
> Spamassassin-talk mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
>
-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive? Does it
help you create better code? SHARE THE LOVE, and help us help
YOU! Click Here: http://sourceforge.net/donate/
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
