Re: Logfile condenser

From: Jeroen Geilman <jeroen_at_nospam>
Date: Tue Oct 19 2010 - 19:53:02 GMT

On 10/19/2010 09:20 PM, Dom Latter wrote:
> On 19/10/10 19:42, Jeroen Geilman wrote:
>> How does it deal with address rewriting and alias expansion, which is
>> the routing core of postfix?
> Badly? It's a site-specific script hacked up quickly for my own
> purposes.
>> "timestamp - client IP [hostname] - orig_envelope_from >
>> orig_envelope_to - Queue ID - final_envelope_from > final_envelope_to -
>> transport:nexthop - server IP [hostname] - delays"
> Here's roughly what I'm doing at the moment:
> On the first incoming connection, store the time, ESMTP ID, and
> client IP / hostname.
> On the first postfix/cleanup, store the message ID.
> On the second postfix/cleanup, use the message ID to find the
> record, dump the original ESMTP ID and store the new one.
> From the amavis record, get from, to, hits, size.
> From the outgoing postfix/smtp that matches the ESMTP ID,
> get sent status and outgoing relay.
> For what I'm doing at the moment I could probably just use
> those last two records; but I think I'm also interested in
> getting a record of emails that never get as far as amavis.
>> Can you share the script?
> That's the idea, although it's embarrassingly "beta" at the moment.

I am definitely interested; I wasn't baiting you.
This is a decidedly nontrivial task, given the flexibility of logging.
We are currently evaluating Splunk to process logs, but I haven't gotten
very far with it yet.
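A sketch of the correlation steps quoted above, added here as an example; it is not Dom Latter's script. The sample log lines are constructed, their layouts (especially the amavis line) are assumptions, and "queue ID" is what the quoted text calls the ESMTP ID.

```python
import re

# Constructed sample (not from a real server); line layouts are assumed.
# Message 1 passes amavis and is relayed; message 2 never reaches amavis.
SAMPLE = """\
Oct 19 19:42:01 mx postfix/smtpd[101]: 4A1B2C3D4E: client=mail.example.org[192.0.2.10]
Oct 19 19:42:01 mx postfix/cleanup[102]: 4A1B2C3D4E: message-id=<m1@example.org>
Oct 19 19:42:02 mx postfix/smtpd[103]: 9F8E7D6C5B: client=localhost[127.0.0.1]
Oct 19 19:42:02 mx postfix/cleanup[102]: 9F8E7D6C5B: message-id=<m1@example.org>
Oct 19 19:42:02 mx amavis[900]: (00900-01) Passed CLEAN, [192.0.2.10] <a@example.org> -> <b@example.net>, Message-ID: <m1@example.org>, Hits: -1.2, size: 2048, queued_as: 9F8E7D6C5B
Oct 19 19:42:02 mx postfix/smtp[104]: 4A1B2C3D4E: to=<b@example.net>, relay=127.0.0.1[127.0.0.1]:10024, status=sent (250 2.0.0 Ok)
Oct 19 19:42:03 mx postfix/smtp[105]: 9F8E7D6C5B: to=<b@example.net>, relay=mx.example.net[198.51.100.5]:25, status=sent (250 2.0.0 Ok)
Oct 19 19:50:00 mx postfix/smtpd[106]: 1122334455: client=host.example.com[203.0.113.7]
Oct 19 19:50:00 mx postfix/cleanup[102]: 1122334455: message-id=<m2@example.com>
""".splitlines()

LINE = re.compile(r"^(\w{3} +\d+ [\d:]+) \S+ ([\w/]+)\[\d+\]: (?:([0-9A-F]{6,}): )?(.*)$")
AMAVIS = re.compile(r"<([^>]*)> -> <([^>]*)>, Message-ID: (<[^>]*>),.*Hits: ([-\d.]+), size: (\d+)")
SMTP = re.compile(r"relay=([^,]+),.*status=(\w+)")

def condense(lines):
    """Return one record per message, keyed by its current Postfix queue ID."""
    by_qid, by_msgid = {}, {}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ts, prog, qid, rest = m.groups()
        if prog == "postfix/smtpd" and (c := re.match(r"client=(\S+)\[([^\]]+)\]", rest)):
            if c.group(2) != "127.0.0.1":  # ignore the filter's re-injection connection
                by_qid[qid] = {"time": ts, "client": c.group(1), "ip": c.group(2)}
        elif prog == "postfix/cleanup" and rest.startswith("message-id="):
            msgid = rest[len("message-id="):]
            if qid in by_qid:        # first cleanup: remember the message ID
                by_msgid[msgid] = qid
            elif msgid in by_msgid:  # second cleanup: move the record to the new queue ID
                by_qid[qid] = by_qid.pop(by_msgid[msgid])
                by_msgid[msgid] = qid
        elif prog == "amavis" and (a := AMAVIS.search(rest)):
            rec = by_qid.get(by_msgid.get(a.group(3)))
            if rec is not None:
                rec.update(sender=a.group(1), rcpt=a.group(2),
                           hits=float(a.group(4)), size=int(a.group(5)))
        elif prog == "postfix/smtp" and qid in by_qid and (s := SMTP.search(rest)):
            by_qid[qid].update(relay=s.group(1), status=s.group(2))
    return by_qid

if __name__ == "__main__":
    print(condense(SAMPLE))
```

The Message-ID header is chosen by the sender, so two messages can carry the same value; this sketch keeps only the most recent one. It also does nothing about address rewriting or alias expansion.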

