Closed ravensorb closed 4 years ago
Commit 7cd749f might do the job.
Aswesom!
Hmm, I applied the update and I am still seeing the prvs= address in the senders report. I even deleted all of the data an reprocessed 3 years of mail logs (not only 3 months seem to be in the report -- can I force it to go back and process older ones?)
Ok, I see, new commit 80889ea might fix the remaining problem. If the problem persist please post some lines of your log file to reproduce the issue.
If you want to force sendmailanalyzer to analyze old files you have to remove file /usr/local/sendmailanalyzer/data/LAST_PARSED
before.
That seems to have done it -- note its possible there was a user error on my part. I was updating the version in /usr/local/sendmailanalyzer and I found I had a 2nd copy in /usr/bin - i remove the /usr/bin and setup a symbolic link :)
One last question -- if I change the file format to RSYSLOG_FileFormat (this include the UTC date format as the first colum), will your script be able to handle it?
I don't remember, let's try it. If it don't work or give inconsistent data post one line or two of the log file so that I can update the regexp.
I have a lot of mail addresses are seen in BATV format in my log (have "prvs=" prefix) for example
prvs=8407575794=someuser@mydomain.com
Now the number after prvs changes, however the someuser@mydomain.com is consistent. Is there anyway for sendmailanalyzer to collapse these into the same sender/recipient?For reference: https://en.wikipedia.org/wiki/Bounce_Address_Tag_Validation