sed question

Amedee Van Gasse (ub) amedee-ubuntu at amedee.be
Mon May 10 09:34:11 UTC 2010 

Hello,

I'm using the following script to have a quick view of all mails that are
refused on my mailserver. It runs inside a screen session. It's my
intention to do some more "pretty printing" later.


#! /bin/bash -e
LOGFILE=/var/log/mail.log
tail -F --lines=1000 --max-unchanged-stats=5 $LOGFILE | egrep NOQUEUE |
sed 's/ localhost postfix\/smtpd\[[0-9][0-9]*\]: NOQUEUE://g' | sed 's/;
/\
     /g' | sed 's/ to=/\
    &/' | sed 's/ proto=/\
    &/' |sed 's/ helo=/\
    &/'


Explained:
* follow the last 1000 lines in mail.log
* show only the lines with NOQUEUE (bounced) emails
* remove hostname & postfix process
* replace ; with newlines
* also put to=, proto= and helo= on a new line


This gives an output like this:

May 10 06:14:02 reject: RCPT from unknown[211.49.70.200]: 550 5.1.1
<an.2006.08.28.19.53.55.655407 at amedee.be>: Recipient address rejected:
User unknown in local recipient table
     from=<an.2006.08.28.19.53.55.655407 at amedee.be>
     to=<an.2006.08.28.19.53.55.655407 at amedee.be>
     proto=SMTP
     helo=<wolfnote>
May 10 06:23:46 reject: RCPT from unknown[124.60.248.25]: 554 5.7.1
Service unavailable
     Client host [124.60.248.25] blocked using bl.spamcop.net
     Blocked - see http://www.spamcop.net/bl.shtml?124.60.248.25
     from=<entitiesqt4 at kapeit.com>
     to=<amedee at amedee.be>
     proto=ESMTP
     helo=<BNQCQDLE>


My problem is that this script doesn't show all lines. The last piece of
output is:

May 10 06:23:46 reject: RCPT from unknown[124.60.248.25]: 550 5.1.1
<amedeen at amedee.be>: Recipient address rejected: User unknown in local
recipient table
     from=<entitiesqt4 at kapeit.com>
     to=<amedeen at amedee.be>
     proto=ESMTP
     helo=<BNQCQDLE>
May 10 06:24:57 reject: RCPT from unknown[186.82.82.124]: 554 5.7.1
Service unavailable
     Client host [186.82.82.124] blocked using bl.spamcop.net
     Blocked - see http://www.spamcop.net/bl.shtml?186.82.82.124

The original is:

May 10 06:23:46 localhost postfix/smtpd[28098]: NOQUEUE: reject: RCPT from
unknown[124.60.248.25]: 550 5.1.1 <amedeen at amedee.be>
: Recipient address rejected: User unknown in local recipient table;
from=<entitiesqt4 at kapeit.com> to=<amedeen at amedee.be> proto=
ESMTP helo=<BNQCQDLE>
May 10 06:24:57 localhost postfix/smtpd[28098]: NOQUEUE: reject: RCPT from
unknown[186.82.82.124]: 554 5.7.1 Service unavailable; Client host
[186.82.82.124] blocked using bl.spamcop.net; Blocked - see
http://www.spamcop.net/bl.shtml?186.82.82.124;
from=<boatswainst at withallmyheartchildcare.com> to=<amedee at amedee.be>
proto=ESMTP helo=<Dynamic-IP-1868282124.cable.net.co>
May 10 06:24:57 localhost postfix/smtpd[28098]: NOQUEUE: reject: RCPT from
unknown[186.82.82.124]: 550 5.1.1 <amedeen at amedee.be>: Recipient address
rejected: User unknown in local recipient table;
from=<boatswainst at withallmyheartchildcare.com> to=<amedeen at amedee.be>
proto=ESMTP helo=<Dynamic-IP-1868282124.cable.net.co>


The problem must be with sed, because if I change (add or remove) sed
statements, it stops at other lines.

So what is going on here? Am I running into limitations of sed?

-- 
Amedee



--

More information about the ubuntu-users mailing list