On Thu, 12 Nov 1998, Matthew Frost wrote:
> Before I think about sitting down and writing one of my own, has
> anyone written a script for producing statistics on Exim's rejectlog?
I have a lashed up script for my own use that summarizes them. The
output looks like:
1 recipients refused from <marketupdate11_11_98mmo@???>
H=(glline.swissnet.ch) [195.162.162.163]
2 recipients refused from <poc@???>
H=(mailer) [206.98.60.170]
1 rejected HELO from [147.72.123.23]:
syntactically invalid argument(s): friends@???
26 rejected MAIL FROM: temporarily unable to verify sender address
<shuangfu@???>
H=(evermail1.cenpok.net) [203.196.2.175]
7 rejected MAIL FROM: temporarily unable to verify sender address
<xuchen@???>
H=(evermail1.cenpok.net) [203.196.2.175]
1 rejected from (danube.far2.cc.kanagawa-u.ac.jp) [133.72.4.2]:
cannot route to sender <7g0c@???>
1 rejected from (danube.far2.cc.kanagawa-u.ac.jp) [133.72.4.2]:
cannot route to sender <or45@???>
1 rejected from (evermail1.cenpok.net) [203.196.2.175]:
temporarily unable to verify sender address
1 rejected from (ns0.entertainers.net) [194.205.25.65]:
can't currently verify any sender in message headers: return path is <>
1 rejected from (wiscpa.weizmann.ac.il) [132.77.10.14]:
temporarily unable to verify sender address
The script is below, if it is any use to you. I also have a trivial
script that hauls out the hints information for temporary rejections.
The script is
#! /bin/sh
exim_dumpdb /var/spool/exim reject | grep -v ' 0.0 '
And the output looks like
15-Oct-1998 21:30:59 F 1.0 owner-lansrv-l@???:130.246.132.24
05-Nov-1998 18:31:59 F 3.2 kamilw@???:212.51.207.68
10-Nov-1998 16:11:00 F 1.9 butler@???:129.11.16.8
05-Nov-1998 16:03:31 F 2.0 tech@???:195.22.40.50
25-Oct-1998 14:39:44 F 1.0 info@???:194.168.148.16
20-Oct-1998 01:07:50 F 2.6 vanesa@???:209.222.130.8
06-Nov-1998 17:06:25 F 1.0 owner-telugu@???:130.246.132.24
This is applicable only to the latest (testing) versions of Exim with
the new temporary rejection handling code.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
#! /bin/perl -w
$file = "/var/spool/exim/log/rejectlog";
$limit = 0;
if (@ARGV > 0 && $ARGV[0] eq "-l")
{
shift @ARGV;
$limit = shift @ARGV;
}
push(@ARGV, "0") if (@ARGV == 0);
for ($i = 0; $i <= $#ARGV; $i++)
{
$ARGV[$i] =
($ARGV[$i] eq "0")? "$file" :
($ARGV[$i] =~ /^\d$/)? "$file.0$ARGV[$i]" : "$file.$ARGV[$i]";
}
for (;;)
{
# This bit of code is written this way because of an oddity in Perl.
# If you replace the second two lines with "last unless ($_ = <>)" you
# get a warning about a <HANDLE> construct being "0". I can't find
# another way of getting rid of it in Perl 5.004.
$item = "";
$_ = <>;
last unless ($_);
while ($_ !~ /^----------------/)
{
$item .= $_;
$_ = <>;
}
$key = substr($item, 20);
chomp($key);
# Cut down the verbiage and do some formatting
$key = substr($key, 17) if $key =~ /^\w{6}-\w{6}-\w{2} /;
$key = "$1\n $2" if $key =~ /^(.*) (H=.*)$/;
$key = "refused relay $1 to $2\n from $3$4"
if $key =~ /^refused relay (.*) to (\S+) from (\S+)(.*)$/s;
$key = "$1\n $2" if $key =~ /^(rejected HELO .+?:) (.*)$/s;
$key = "$1\n $2" if $key =~ /^(.+) \(try again later\) (.*)$/s;
$key = "$1\n $2 $3" if $key =~ /^(.+:) (cannot route to sender) (.*)/;
$key = "$1\n $2 $3"
if $key =~ /^(.+:) (no valid sender in message headers:) (.*)/;
$key = "$1\n $2: $3"
if $key =~
/^(.+:) (can't .+? in message headers) \(please try again later\): (.*)/;
$key = "$1\n $2" if $key =~ /^(rejected from .+:) (.*)/;
# Initialise or increment count
if (!defined $hash{$key})
{
$hash{$key} = 1;
}
else { $hash{$key}++; }
}
foreach $key (sort keys %hash)
{
if ($hash{$key} > $limit)
{
printf("%3d ", $hash{$key});
print "$key\n";
}
}
# End
--
*** Exim information can be found at
http://www.exim.org/ ***
