Web lists-archives.com

Re: question on spamd logging




On Saturday 25 August 2018 12:12:09 Reco wrote:

> 	Hi.
>
> On Sat, Aug 25, 2018 at 11:27:32AM -0400, Gene Heskett wrote:
> > This is expanding the syslog to the point of drowning out any real
> > actionable messages.
> >
> > I think it used to have a log of its own. How, it this continues
> > once stretch is up and running, can we put those spamd messages back
> > into spamassassin's own log file? Seems like the logical place for
> > them.
>
> It's definitely possible with rsyslog's filtering feature.
> Can you provide a sample of the records that annoy you?
>
> Reco

Aug 25 12:10:01 coyote /USR/SBIN/CRON[20245]: (www-data) CMD ([ -x /usr/share/awstats/tools/update.sh ] && /usr/share/awstats/tools/update.sh)
Aug 25 12:11:33 coyote spamd[4854]: spamd: connection from localhost [127.0.0.1]:43518 to port 783, fd 5
Aug 25 12:11:33 coyote spamd[4854]: spamd: setuid to gene succeeded
Aug 25 12:11:33 coyote spamd[4854]: spamd: processing message <20180825161027.eaq2xy65oiar6fqz@xxxxxxxx> aka <AgA_oytFLPE.A.wcD.I-XgbB@bendel> for gene:1000
Aug 25 12:11:34 coyote spamd[4854]: spamd: clean message (1.6/5.1) for gene:1000 in 1.1 seconds, 10538 bytes.
Aug 25 12:11:34 coyote spamd[4854]: spamd: result: . 1 - BAYES_50,HEADER_FROM_DIFFERENT_DOMAINS,RDNS_NONE,T_DKIM_INVALID 
scantime=1.1,size=10538,user=gene,uid=1000,required_score=5.1,rhost=localhost,raddr=127.0.0.1,rport=43518,mid=<20180825161027.eaq2xy65oiar6fqz@xxxxxxxx>,rmid=<AgA_oytFLPE.A.wcD.I-XgbB@bendel>,bayes=0.500000,autolearn=no 
autolearn_force=no
Aug 25 12:11:35 coyote spamd[4707]: prefork: child states: II

Several hundred a day...

Thanks Reco

-- 
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>