You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Steve Fatula <co...@yahoo.com> on 2009/10/04 20:46:38 UTC

How to log sending IP in spamd

We use Spamassassin via spamc/spamd via procmail. In the maillog file, we see when there is spam, the message indicates a bunch of information. raddr shows up always as 127.0.0.1, which is our course our connection to SPAMD from our machine via procmail. Similarly, rhost is our machine.

We are trying to tally up totals by sending IP of SPAM. So, none of the log messages show sending IP when used in this environment. 

How can we get spamd to log the sending ip? Alternatives? 
 
Steve

Re: How to log sending IP in spamd

Posted by Steve Fatula <co...@yahoo.com>.

Chris write:

>Steve, are you looking for something like this:

>X-senderip: 213.240.247.107
>X-asn: ASN-20911
>X-cidr: 213.240.244.0/22

>If so I can send you the formail recipes I use.

I was looking for the log files. I decided to go another way that makes it easier, just create a plugin since all of the data possible is there or can be easily obtained, and, I can update and store it anywhere I want (database).

I are more surprised that spamd logs 127.0.0.1 info and not the lastexternalip, I guess that makes sense, but, no option is odd to me as many run procmail, maildrop, etc.

Re: How to log sending IP in spamd

Posted by Chris <cp...@embarqmail.com>.

On Sun, 2009-10-04 at 11:46 -0700, Steve Fatula wrote:
> We use Spamassassin via spamc/spamd via procmail. In the maillog file, we see when there is spam, the message indicates a bunch of information. raddr shows up always as 127.0.0.1, which is our course our connection to SPAMD from our machine via procmail. Similarly, rhost is our machine.
> 
> We are trying to tally up totals by sending IP of SPAM. So, none of the log messages show sending IP when used in this environment. 
> 
> How can we get spamd to log the sending ip? Alternatives? 
>  
> Steve

Steve, are you looking for something like this:

X-senderip: 213.240.247.107
X-asn: ASN-20911
X-cidr: 213.240.244.0/22

If so I can send you the formail recipes I use.

Chris

-- 
KeyID 0xE372A7DA98E6705C

Re: How to log sending IP in spamd

Posted by Michael Parker <pa...@pobox.com>.

On Oct 4, 2009, at 1:46 PM, Steve Fatula wrote:

> We use Spamassassin via spamc/spamd via procmail. In the maillog  
> file, we see when there is spam, the message indicates a bunch of  
> information. raddr shows up always as 127.0.0.1, which is our course  
> our connection to SPAMD from our machine via procmail. Similarly,  
> rhost is our machine.
>
> We are trying to tally up totals by sending IP of SPAM. So, none of  
> the log messages show sending IP when used in this environment.
>
> How can we get spamd to log the sending ip? Alternatives?
>

Not sure how recent of a version you'll need but in at least 3.3 you  
can write a plugin that calls $permsgstatus- 
 >set_spamd_result_item(<coderef>) to add anything to the spamd logline.

Check the Shortcuit plugin for an example.

Michael