RE: [Fwd: pflogsumm]

From: Gilles Buisson (gilles.buissonnamebay.com)
Date: Wed Aug 22 2007 - 01:44:50 CDT


I used a Pre-Processor for pflogsumm to prevent the duplicate entries, found
on the link below, maybe it helps you:

http://web.tiscali.it/postfix/

gilax

-----Original Message-----
From: owner-postfix-userspostfix.org
[mailto:owner-postfix-userspostfix.org] On behalf of Gautam Singaraju
Sent: Thursday, July 12, 2007 20:03
To: Tolga
Cc: Chris Horry; Postfix ML
Subject: Re: [Fwd: pflogsumm]

I am not sure if my explanation is complete:

When an email is received by postfix, it puts an entry into the log
file with a certain queue-id. If you are using a milter, the email is
removed from the queue and processed by the milter. If the milter
deems it to be non-spam, the email is then put back into the queue,
however, with a different queue-id. There are other parameters that
ensure that the email is not picked up by the milter. This process
seems to happen in this case for you. I see clamsmtpd being used,
which means email virus scanning is being done and then the queue
manager and pickup threads are picking it up.

When we look at logs generated by threaded applications (like
postfix), it shows multiple entries for the same object in a log file.
I would like to know if someone has a tool that can consolidate these
multiple entries into a single entry.

Gautam

On 7/12/07, Tolga <tolgaozses.net> wrote:
>
>
> Chris Horry wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Tolga wrote:
> >
> >> I'm sorry, it's somehow postfix. Below are my logs and I received 1
> >> e-mail from the said address which was spam
> >>
> >> ozses ~ # grep Jul\ 12 /var/log/mail.log | grep danawestmarina.com
> >> Jul 12 07:26:23 ozses postfix/qmgr[10753]: C299CE332:
> >> from=<kkojimadanawestmarina.com>, size=28180, nrcpt=1 (queue active)
> >> Jul 12 07:26:25 ozses postfix/pickup[17139]: 4E8F814F48: uid=1009
> >> from=<kkojimadanawestmarina.com>
> >> Jul 12 07:26:25 ozses postfix/qmgr[10753]: 4E8F814F48:
> >> from=<kkojimadanawestmarina.com>, size=29303, nrcpt=1 (queue active)
> >> Jul 12 07:26:25 ozses postfix/qmgr[10753]: 6703DB1B2:
> >> from=<kkojimadanawestmarina.com>, size=29508, nrcpt=1 (queue active)
> >> Jul 12 07:26:25 ozses clamsmtpd: 100261:
> >> from=kkojimadanawestmarina.com, to=kartagiskunduz.org, status=CLEAN
> >>
> >> -------- Original Message --------
> >> Subject: pflogsumm
> >> Date: Thu, 12 Jul 2007 16:09:57 +0300
> >> From: Tolga <tolgaozses.net>
> >> To: Postfix ML <postfix-userspostfix.org>
> >>
> >>
> >>
> >> Hi,
> >>
> >> Assuming I received 1 e-mail from rootmydomain.com, pflogsumm always
> >> triples it. Any ideas why?
> >>
> >>
> >
> > You're not making any sense, pflogsumm doesn't send e-mail. What
> > mechanism are you using to e-mail your pflogsumm reports?
> >
> > Chris
> >
> 00 01 * * * pflogsumm.pl yesterday /var/log/mail.log|mail -s "Postfix
> log summary of yesterday" tolga >/dev/null 2>&1
>
> Tolga
> >
> > - --
> > Chris Horry KG4TSM "A conservative is a man with two perfectly
> > zerbeywibble.co.uk good legs who, however, has never learned how
> > http://www.wibble.co.uk to walk forward". -- Franklin D. Roosevelt
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.7 (MingW32)
> > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> >
> > iD8DBQFGlkyZnAAeGCtMZU4RAkx3AJwMYHAEOfANlO4X+5zoXqi2utwZggCgho5+
> > LZGTOS9itBl5nic/GPeGY6g=
> > =Q7zg
> > -----END PGP SIGNATURE-----
> >
>
> --
> Q: Why did the WASP cross the road?
> A: To get to the middle.
>
>

--
---
Gautam
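
An added example, not part of the original thread and not the pre-processor linked above: one way to consolidate the multiple qmgr entries that a content filter such as clamsmtpd produces for a single message. It assumes that entries from the same sender logged within a short window are re-injections of one message; the function name, window and sample lines are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines in the log format quoted in the thread
# (host name and addresses are placeholders).
SAMPLE_LOG = """\
Jul 12 07:26:23 mx postfix/qmgr[10753]: C299CE332: from=<sender@example.com>, size=28180, nrcpt=1 (queue active)
Jul 12 07:26:25 mx postfix/pickup[17139]: 4E8F814F48: uid=1009 from=<sender@example.com>
Jul 12 07:26:25 mx postfix/qmgr[10753]: 4E8F814F48: from=<sender@example.com>, size=29303, nrcpt=1 (queue active)
Jul 12 07:26:25 mx postfix/qmgr[10753]: 6703DB1B2: from=<sender@example.com>, size=29508, nrcpt=1 (queue active)
Jul 12 09:10:02 mx postfix/qmgr[10753]: A1B2C3D4E: from=<other@example.org>, size=1200, nrcpt=1 (queue active)
Jul 12 11:40:00 mx postfix/qmgr[10753]: F00DFACE1: from=<sender@example.com>, size=900, nrcpt=1 (queue active)
"""

# Only qmgr "from=" lines are counted; pickup and filter lines are skipped.
QMGR = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ postfix/qmgr\[\d+\]: "
    r"(?P<qid>[0-9A-F]+): from=<(?P<sender>[^>]*)>, size=(?P<size>\d+)"
)

def consolidate(log_text, window_seconds=10, year=2007):
    """Collapse qmgr entries from one sender that arrive within
    window_seconds of the previous entry into one logical message.
    Heuristic (assumption): two distinct messages from the same sender
    inside the window are merged too. Syslog lines carry no year, so
    one is supplied by the caller."""
    messages = []   # logical messages in order of first appearance
    latest = {}     # sender -> most recent logical message
    window = timedelta(seconds=window_seconds)
    for line in log_text.splitlines():
        m = QMGR.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        cur = latest.get(m["sender"])
        if cur and ts - cur["last_seen"] <= window:
            if m["qid"] not in cur["queue_ids"]:
                cur["queue_ids"].append(m["qid"])
            cur["last_seen"] = ts
        else:
            cur = {"sender": m["sender"], "first_seen": ts,
                   "last_seen": ts, "queue_ids": [m["qid"]]}
            messages.append(cur)
            latest[m["sender"]] = cur
    return messages

if __name__ == "__main__":
    for msg in consolidate(SAMPLE_LOG):
        print(msg["first_seen"], msg["sender"], ",".join(msg["queue_ids"]))
```

On the sample, the three queue IDs logged at 07:26 collapse into one message, while the later message from the same sender stays separate.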