On Wednesday, February 07, 2007 10:11 PM, Joseph wrote:
[snip]
>>> The database contains a simple domainname filed with the domain.com
>>> without
>>> the @.
[snip]
>
> Looking at the auto whitelist options,
>
> Is there a way to to populate the table with all the domains of sent
> email?
>
> I saw reference to making a function.
> Is there a sample such function around someone would want to share?
The following is how I distill the recipient addresses:
1. Add "log_selector = +received_recipients" to the configure file, so
the recipients will be kept in mainlog. A sample entry looks like
2006-03-29 00:01:16 1FOGdA-0002MF-3X <= customer@???
H=(xxxx.xxx.org.xx)
[xx.xx.xx.xxx] P=esmtp S=14683
id=APPLICATION1o8yfogk00000070@???
for training@??? yuxxee@???
training@??? and yuxxee@??? are recipients, while
customer@??? is
the sender.
2. A shell script, invoked by cron at XX:29 and XX:59, processes the
mainlog and prints recipient addresses to standard output. The script
relevant to our discussion is:
# I use TIME_RANGE as a pattern to match entries logged in the previous 30
minutes.
# TIME_RANGE looks like "^2006-03-29 00:[012]" (depending on when the script
runs)
MNT=012; if [ "`date +%M`" -ge 30 ]; then MNT=345; fi
TIME_RANGE="^`date +'%F %H:'`[$MNT]"
sleep 50 # delayed for some time, but not a full minute, or it won't work
when mainlog gets rotated.
< /var/spool/mta/exim/log/mainlog grep "$TIME_RANGE" |
# preserve only interesting entries. $5 is the sender address.
# If the sender does not belong to our domain, there is no need to keep it.
# the output is a list of sender followed by recipients,
# like "customer@??? training@??? yuxxee@???"
awk '$4 == "<=" && tolower($5) ~ /@(contract\.)?xxx\.org\.xx$/ \
{ from = tolower($5); sub(/^.+ for /, ""); \
print from " " tolower($0); }' |
# transform the data further to single recipient followed by ";" and single
sender,
# like "training@???;customer@???" and
"yuxxee@???;customer@???",
# to be used as auto whitelist to skip greylisting
awk '{ for (i = 2; i <= NF; i++) \
if ($i !~ /@(contract\.)?xxx\.org\.xx$/) \
print $i ";" $1; }' |
# remove duplicated entries
$SORT -u
In fact the script above does more than what you want. But it's easy to
modify it to serve your purpose. Hope this helps.
Chih-Cherng Chin
