ACCUEIL >>  Technologies et Territoires >>  Laboratoire du libre >>  Code
 

grepmail.pl

Searching SMTP transactions (postfix)

Friday 19 January 2007 , par Michel Blanc



grepmail lets you search for SMTP transactions in postfix log files. You can search by sender or recipient.

 

grepmail let you search for SMTP transactions in postfix log files. You can search by sender or recipient.

This software is released as-is. Use at your own risks. Licence is GNU GPLv2.

Here is an example session :



[some@mail ~]# grepmail /var/log/maillog
Reading log file /var/log/maillog
Database built from 989342 lines read
Found 100974 transactions
Creating match database
100974/100974>help

'exit','quit' : quits to shell
'help' : this help
'stats' : displays stats for the database store, filter and logs
'from <filter>' : keep messages sent by 'arg'
'to <filter>' : keep messages received by 'arg'
'any  <filter>' : keep messages sent or received by 'arg'
'list' : list messages currently selected by successive filters
'load <file>' : read a log file discarding previous database
'merge <file>' : read a log file adding new messages to the database
'debug' : dumps perl database structures one by one
'reload' : reload last used logfile, discarding database
'reset' : reset all applied filters
'clear' : clears the whole database
'show <message>' : show specific message details
'case <on|off>' : make making case sensitive/insensitive (default)
'paging <on|off>' : sets paging on (default) of off (for 'list'); returns status without argument
'page X' : set page line size for paging; press 'q' to quit paging

The prompt displays the number of selected messages / the database size

100974/100974>from bob@erasme
Filtering message sent from bob@erasme
71 matches

71/100974>to alice
Filtering messages addressed to alice
16 matches

16/100974>list
Dec 7 10:30:14 [2E25A17B4D3] bob@erasme -> [alice@erasme]
Dec 6 00:39:56 [936F117B467] bob@erasme -> [alice@erasme,charlie@erasme]
Dec 5 22:03:12 [1CF2717B467] bob@erasme -> [alice@erasme,charlie@erasme]
Dec 4 21:41:58 [5376717B48F] bob@erasme -> [alice@erasme,dave@erasme]
Dec 7 16:41:34 [2228E17B4B3] bob@erasme -> [alice@erasme]
Dec 6 00:39:59 [E657C17B4AA] bob@erasme -> [alice@erasme,charlie@erasme]
Dec 7 15:37:34 [6FB6317B4D8] bob@erasme -> [alice@erasme]
Dec 7 10:30:10 [BD4B817B4B2] bob@erasme -> [alice@erasme]
Dec 6 19:03:13 [8F47417B496] bob@erasme -> [alice@erasme]
Dec 3 08:11:21 [2B37F17B4F0] bob@erasme -> [alice@erasme]
Dec 3 08:11:19 [49E9C17B48F] bob@erasme -> [alice@erasme]
Dec 5 22:03:14 [B0CDB17B48F] bob@erasme -> [alice@erasme,charlie@erasme]
Dec 4 21:42:00 [8ADF417B4B2] bob@erasme -> [alice@erasme,dave@erasme]
Dec 7 16:41:32 [EDF6117B4C8] bob@erasme -> [alice@erasme]
Dec 7 15:37:30 [6C2DA17B50A] bob@erasme -> [alice@erasme]
Dec 6 19:03:17 [1D00C17B4B2] bob@erasme -> [alice@erasme]
16/100974>exit
[some@mail ~]#





Répondre à cet article



Recherche par mots clés