Re: [exim] Logging a specific header to a different log file

Top Page
Delete this message
Reply to this message
Author: Jasen Betts
Date:  
To: exim-users
Subject: Re: [exim] Logging a specific header to a different log file
On 2015-11-17, Daniel Oakes <Daniel.Oakes@???> wrote:
> Hi There,
>
> Tried googling for quite a bit, but didn't really find what I was after.
>
> What I'm trying to do is log a specific header line in the received: portion to a different log file.
>
> Basically we've got a simple filter we've created for our exim which blocks email to specific domains (for spam reasons). We think we've got a bucketload of compromised accounts but want to capture them. The filter is currently:
>
>   deny message          = Domain $domain is prohibited for outgoing mails
>         domains         = lsearch;/etc/exim4/restricted_domains

>


logging to an arbitrary file is hard. but there are some other things
you could try.

* log to a standard log file but prepend a token that you can later grep
for when analysing the logs

* log to an arbitrary socket using the ${readsocket expansion

* log to an SQL database using the apropriate query lookup expansions

* embedded perl

* redis lookup expansion - experimental (so you'll need to build a
recent version of exim from source) alsi it handles arbitrary strings
poorly.

* modify exim.

--
\_(ツ)_