--On 16 May 2009 06:05:47 -0700 Marc Perkel <marc@???> wrote:
> Just want to share a trick I'm using with you all to gather data for
> black/white lists and such. This is direct simple, works, and doesn't
> require scanning and parsing logs files. It uses the Exim readsocket
> command to send one line messages to a server that collects these one
> line messages into a text file that is then processed with whatever
> scripts you want to run.
>
> First - on the Exim side:
>
> set acl_c_socket = ${readsocket{inet:1.2.3.4:567}{black
> $sender_host_address\n}{2s}{}{}}
>
> This send the message "black" followed by the IP address to server
> 1.2.3.4 on port 567
>
> now - on the receiving side:
>
> socat -u TCP4-LISTEN:567,reuseaddr,fork OPEN:/tmp/karma.log,creat,append&
>
> This will receive messages from multiple servers. What I do then is
> gather up the files once a minute and process them into my black lists.
> It works well for me and I'm sure a lot of you will find it interesting
> and useful.
Neat idea. Just a note, though, that one should probably use a private port
number (49152 through 65535) to be safe.
<
http://www.iana.org/assignments/port-numbers>
--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see
http://www.sussex.ac.uk/its/help/