Re: [exim] Differentiating incoming and outgoing mails

Inizio della pagina
Delete this message
Reply to this message
Autore: Graeme Fowler
Data:  
To: exim-users@exim.org
Oggetto: Re: [exim] Differentiating incoming and outgoing mails
On 14 Jun 2013, at 11:40, soumya tr <soumya.324@???> wrote:
> I am trying to get some statistics from exim maillog. But when I check
> manually I can find the mail logs to be similar for incoming and outgoing
> mails. Is there any way i can differentiate incoming and outgoing mail? May
> be using some keyword [eg: Protocol etc]


There isn't one, strictly speaking.

As configured, Exim accepts mail from different sources and delivers to different destinations. In a basic sense, all mail is "incoming" when it's being pumped into Exim, and "outgoing" when delivered.

What you're trying to determine is "incoming" and "outgoing" from your personal perspective. For example, messages sent over authenticated SMTP connections by your end users *or* from trusted hosts which you provide an onward relay service to could be considered "outgoing". Messages from arbitrary 3rd-party systems on the Internet could be considered "incoming".

You probably need to process your logs using exigrep, and look at the P= entries or the IP addresses of the sending hosts.

Regex: "P=e?smtps?a" would match all authenticated submissions
Regex: " \[(192\.168\.7|10\.0\.9)" would match all messages sent by hosts in the 192.168.7.0/24 and 10.0.9.0/24 netblocks.

Graeme