Date: Sat, 13 Jun 2015 02:36:31 +0200 From: Polytropon <freebsd@edvax.de> To: "Lt. Commander" <us.navy@outlook.com> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>, "sageame@sageweb.net" <sageame@sageweb.net> Subject: Re: Script question Message-ID: <20150613023631.db821f0c.freebsd@edvax.de> In-Reply-To: <BAY182-W89C2924F4BDF0D2BD3810DF4BB0@phx.gbl> References: <BAY182-W89C2924F4BDF0D2BD3810DF4BB0@phx.gbl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 12 Jun 2015 18:53:25 -0500, Lt. Commander wrote: > Am running fbsd-9.3 and sendmail-8.15 plus spamassassin. > > I would like to be able to scan the daily maillog with a script > at midnight to extract a list by selecting spam recognized and > contained using the constant "score=(greater than x) and from > that a list of just the IPs which will be placed in a spam file > as part of a spam system here. Am tired of some getting past > spamass even though it exceeds a reasonable tag level. What you're describing here sounds like the typical functionality of a spam filter. None of the present solutions fits your needs? > I do know how to extract just the IP from a line in the log, > but not sure what the syntax should be to first ID the "score=<x" > in a simple sh shell script. If you can provide an anonymized example from such a log line, you might get a direct suggestion. At this point, if you have to use sh tools (sh, sed, awk, cut, grep et al.), you can probably do this the easiest using awk, with a pattern that matches the spam score criteria, and then trim the line down to the information (here: IP) you need. Surely you can also do this with a "grep | sed | cut pipeline", but awk can probably do this alone. Anyway, also consider perl which is "the typical tool" for the task of "log distillation". :-) > I hope this has been presented clear enough to gather some help on this task. It is. An example of your input and desired output would have been nice. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150613023631.db821f0c.freebsd>