Locals Only

Posted by alex almazan Fri, 02 May 2008 20:46:00 GMT

Default Sendmail installations listen solely on localhost. Make sure your initial ‘.mc’ edits include a change to the following line in the file ‘/etc/mail/sendmail.mc’.

From this:

DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

To this:

DAEMON_OPTIONS(`Port=smtp,Name=MTA')dnl

Considerations for SMTP authentication should also be put forth in the initial edits. Remove each ‘dnl’ from the front of the lines in the file ‘/etc/mail/sendmail.mc’ that impact these listed configuration options:

TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

Once your edits are in place, regenerate the configuration and restart the service, then test the connection on the network address:

[root@station mail]# service sendmail restart
Shutting down sm-client:                                   [  OK  ]
Shutting down sendmail:                                    [  OK  ]
Starting sendmail:                                         [  OK  ]
Starting sm-client:                                        [  OK  ]
[root@station mail]# telnet 192.168.0.1 25
Trying 192.168.0.1...
Connected to station.example.com (192.168.0.1).
Escape character is '^]'.
220 station.example.com ESMTP Sendmail 8.13.8/8.13.8; Thu, 9 Aug 2008 10:36:18 -0500
quit
221 2.0.0 station.example.com closing connection

Connection closed by foreign host.
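
The two edits in this post can be checked without reading the whole file. The following is an added example, not part of the original post: an awk-based audit that reports whether the MTA listener is still bound to loopback and whether the AUTH lines are active. The function names are illustrative and the sample file contents are constructed from the lines quoted above.

```shell
#!/bin/sh
# Added example: report listener and AUTH state of a sendmail.mc.
# Reads the files given as arguments, or stdin when there are none.
audit_mc() {
    awk '
        BEGIN { listen = "unset"; trust = "off"; mech = "off"; plain = "no" }
        # A leading "dnl" makes m4 discard the line, so the directive is inactive.
        /^[ \t]*dnl[ \t]/ { next }
        /DAEMON_OPTIONS\(/ && /Name=MTA/ {
            listen = ($0 ~ /Addr=127\.0\.0\.1/) ? "loopback" : "all"
        }
        /TRUST_AUTH_MECH\(/ { trust = "on" }
        /confAUTH_MECHANISMS/ {
            mech = "on"
            # LOGIN and PLAIN carry the password base64-encoded, not encrypted.
            if ($0 ~ /LOGIN|PLAIN/) plain = "yes"
        }
        END {
            print "listen=" listen
            print "trust_auth_mech=" trust
            print "auth_mechanisms=" mech
            print "plaintext_auth=" plain
        }
    ' "$@"
}

# Constructed sample: the relevant sendmail.mc lines before and after the edits.
sample_mc() {   # $1 = before | after
    if [ "$1" = before ]; then
        cat <<'EOF'
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
EOF
    else
        cat <<'EOF'
DAEMON_OPTIONS(`Port=smtp,Name=MTA')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
EOF
    fi
}

for state in before after; do
    echo "== sendmail.mc $state the edits =="
    sample_mc "$state" | audit_mc
done
```

On a live host, run `audit_mc /etc/mail/sendmail.mc`. A result of `listen=all` together with `plaintext_auth=yes` means passwords can cross the network in recoverable form unless the session is protected by TLS.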

Switching Rhel5 MTA

Posted by alex almazan Fri, 02 May 2008 20:22:00 GMT

Rhel alternatives script

Rhel5, as with Enterprise 3 and 4, comes with a scripted mechanism for establishing some very important symbolic links in the system. This functionality permits you to transition your system into using the MTA of your choice. The scripted utility is called ‘alternatives’.

Notes on the utility's usage:

alternatives --display mta
[root@station13 RHEL5RPMS]# alternatives --display mta
mta - status is auto.
 link currently points to /usr/sbin/sendmail.sendmail
/usr/sbin/sendmail.sendmail - priority 90
 slave mta-pam: /etc/pam.d/smtp.sendmail
 slave mta-mailq: /usr/bin/mailq.sendmail
 slave mta-newaliases: /usr/bin/newaliases.sendmail
 slave mta-rmail: /usr/bin/rmail.sendmail
 slave mta-sendmail: /usr/lib/sendmail.sendmail
 slave mta-mailqman: /usr/share/man/man1/mailq.sendmail.1.gz
 slave mta-newaliasesman: /usr/share/man/man1/newaliases.sendmail.1.gz
 slave mta-aliasesman: /usr/share/man/man5/aliases.sendmail.5.gz
 slave mta-sendmailman: /usr/share/man/man8/sendmail.sendmail.8.gz
/usr/sbin/sendmail.postfix - priority 30
 slave mta-pam: /etc/pam.d/smtp.postfix
 slave mta-mailq: /usr/bin/mailq.postfix
 slave mta-newaliases: /usr/bin/newaliases.postfix
 slave mta-rmail: /usr/bin/rmail.postfix
 slave mta-mailqman: /usr/share/man/man1/mailq.postfix.1.gz
 slave mta-newaliasesman: /usr/share/man/man1/newaliases.postfix.1.gz
 slave mta-aliasesman: /usr/share/man/man5/aliases.postfix.5.gz
 slave mta-sendmailman: /usr/share/man/man1/sendmail.postfix.1.gz
Current `best' version is /usr/sbin/sendmail.sendmail.

The output reveals that this system is set for Sendmail usage. Take note of the listed item ‘link currently points to /usr/sbin/sendmail.sendmail’. Redhat is equipped with two versions of ‘sendmail’ for use, the files /usr/sbin/sendmail.postfix and /usr/sbin/sendmail.sendmail. The alternatives script switches the system links to permit the use of either MTA.

Swap system MTA to Postfix via alternatives --config mta

[root@station13 RHEL5RPMS]# alternatives --config mta
  Selection    Command
-----------------------------------------------
*+ 1           /usr/sbin/sendmail.sendmail
   2           /usr/sbin/sendmail.postfix

Select the number presented to change the MTA in use. Complete all the dialog on the screen and the alternatives script does all the heavy lifting.

Once this is performed, it is important to review the startup scripts to ensure the appropriate MTA starts at server boot time.

[root@station13 ]# chkconfig --list |egrep 'sendmail|postfix'
sendmail        0:off   1:off   2:on    3:on    4:on    5:on    6:off
postfix         0:off   1:off   2:on    3:off    4:off    5:off    6:off
Change this to ‘Postfix’ with:
[root@station13 ]# chkconfig --level 345 sendmail off
[root@station13 ]# chkconfig --level 345 postfix on
Recheck the preferred MTA:
[root@station13 ]# chkconfig --list |egrep 'sendmail|postfix'
sendmail       0:off   1:off   2:on    3:off    4:off    5:off    6:off
postfix         0:off   1:off   2:on    3:on    4:on    5:on    6:off

Notice the change once sendmail/postfix is changed. It is imperative that these be reviewed if you are transitioning the MTA with ‘alternatives’.
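
The review described in this post compares two things: the MTA that the alternatives link selects and the MTA services that start at boot. The following added example (not part of the original post; function names are illustrative) does that comparison over captured command output. The alternatives sample is constructed, and the chkconfig listings are the ones shown above.

```shell
#!/bin/sh
# Added example: do the alternatives link and the boot-time services agree?

# Print the MTA flavour (sendmail|postfix) that the mta link points at.
# Input: output of `alternatives --display mta` on stdin.
active_mta() {
    sed -n 's/^ *link currently points to .*\/sendmail\.\([a-z]*\) *$/\1/p'
}

# Print the MTA services switched on in runlevel 3, 4 or 5.
# Input: output of `chkconfig --list` on stdin.
boot_mtas() {
    awk '($1 == "sendmail" || $1 == "postfix") && /[345]:on/ { print $1 }'
}

# check_mta ALTERNATIVES_OUTPUT CHKCONFIG_OUTPUT
# Returns 0 when exactly the selected MTA starts at boot, 1 otherwise.
check_mta() {
    want=$(printf '%s\n' "$1" | active_mta)
    boot=$(printf '%s\n' "$2" | boot_mtas | tr '\n' ' ' | sed 's/ *$//')
    if [ -n "$want" ] && [ "$boot" = "$want" ]; then
        echo "OK: $want is selected and is the only MTA started at boot"
        return 0
    fi
    echo "MISMATCH: alternatives selects '${want:-none}', boot starts '${boot:-none}'"
    return 1
}

# Constructed sample: state right after choosing selection 2 in --config mta.
ALT_POSTFIX='mta - status is manual.
 link currently points to /usr/sbin/sendmail.postfix'

# chkconfig listings as shown in the post, before and after the chkconfig edits.
CHK_BEFORE='sendmail        0:off   1:off   2:on    3:on    4:on    5:on    6:off
postfix         0:off   1:off   2:on    3:off    4:off    5:off    6:off'
CHK_AFTER='sendmail       0:off   1:off   2:on    3:off    4:off    5:off    6:off
postfix         0:off   1:off   2:on    3:on    4:on    5:on    6:off'

check_mta "$ALT_POSTFIX" "$CHK_BEFORE" || true
check_mta "$ALT_POSTFIX" "$CHK_AFTER"  || true
```

On a live system the same check is `check_mta "$(alternatives --display mta)" "$(chkconfig --list)"`. Runlevel 2 is not examined, matching the `--level 345` commands above.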

Rhel5 MTA options

Posted by alex almazan Tue, 29 Apr 2008 20:31:00 GMT

Which MTA? Differences reviewed

A Mail Transfer Agent (MTA) is a program that delivers mail and transports it between machines. Usually, there is only one MTA running on a machine at any particular time.

MUA vs. MTA – A Mail User Agent (MUA) is a program that users run to read, reply to, compose and dispose of emails (such as Outlook or Mozilla). You can have many different MUAs installed and running on one machine.

Sendmail is an extremely popular mail transfer agent (MTA) used by default on many distributions to handle SMTP messaging.

The default Sendmail directory set in Rhel5 is ‘/etc/mail’ (this does not differ from prior enterprise versions, a.k.a. AS2.1, rhel3 and rhel4).

The file /etc/mail/sendmail.mc serves as the configuration framework. (BSD {free,open,net} Sendmail renames this file hostname.mc post ‘make install’ in /etc/mail as root.)

Regenerate sendmail.mc

The file /etc/mail/sendmail.cf is the cryptic assembly built from the framework ‘.mc’ file with the following syntax as root.

# make -C /etc/mail

You can also perform the following for generating the configuration, as well as a ‘service sendmail restart’:

m4 < sendmail.mc > sendmail.cf

Once you have made an attempt to regenerate the Sendmail configuration, you should check that the corresponding ‘.cf’ file has been updated. To do so quickly, list the contents of ‘/etc/mail’ with ‘ls -lrt’; the file should appear at the bottom of the output received.

[root@station ]# ls -lrt
total 356
-r--r--r-- 1 root root 41286 Nov 28  2006 submit.cf.bak
-rw-r--r-- 1 root root  5521 Nov 28  2006 helpfile
-rw-r--r-- 1 root root     0 Nov 28  2006 virtusertable
-rw-r--r-- 1 root root   127 Nov 28  2006 trusted-users
-rw-r--r-- 1 root root   940 Nov 28  2006 submit.mc
-rw-r--r-- 1 root root  1048 Nov 28  2006 Makefile
-rw-r--r-- 1 root root     0 Nov 28  2006 mailertable
-rw-r--r-- 1 root root    64 Nov 28  2006 local-host-names
-rw-r--r-- 1 root root     0 Nov 28  2006 domaintable
-rw-r--r-- 1 root root   355 Nov 28  2006 access
-rw-r----- 1 root root 12288 Aug  6 15:43 virtusertable.db
-rw-r--r-- 1 root root 58205 Aug  6 15:43 sendmail.cf.bak
-rw-r----- 1 root root 12288 Aug  6 15:43 mailertable.db
-rw-r----- 1 root root 12288 Aug  6 15:43 domaintable.db
-rw-r----- 1 root root 12288 Aug  6 15:43 access.db
-rw-r--r-- 1 root root  7202 Aug  9 10:33 sendmail.mc
-rw-r--r-- 1 root root 40239 Aug  9 10:34 submit.cf
-rw-r--r-- 1 root root 58240 Aug  9 10:34 sendmail.cf

Regeneration of the Sendmail configuration files should incorporate any and all configuration details put into the default sendmail.mc.

Start up and shutdown of the Sendmail service can be achieved with the syntax ‘service sendmail stop|start|restart’. You can also interact with the service, as you do for BSD based Sendmail, from the directory ‘/etc/mail’. To do so, issue ‘make start’ or ‘make install start’.

Upon service startup, especially after changes to the framework file /etc/mail/sendmail.mc, a quick connection test to port 25 should confirm success or failure of the changes put forth into the file ‘/etc/mail/sendmail.cf’. Receipt of 200 series response codes is usually enough to confirm successful service operation.

Here is a telnet test example for a generic system ‘user’:
[root@station mail]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 station.example.com ESMTP Sendmail 8.13.8/8.13.8; Thu, 9 Aug 2008
10:40:29 -0500
ehlo localhost
250-station.example.com Hello localhost.localdomain [127.0.0.1], pleased
to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
mail from:root@localhost
250 2.1.0 root@localhost... Sender ok
rcpt to:user@rhce.example.com
250 2.1.5 user@rhce.example.com... Recipient ok
data
354 Enter mail, end with "." on a line by itself
subject:using telnet
from:root
this is a body test good config
.
250 2.0.0 l79FeTOX020441 Message accepted for delivery
quit
221 2.0.0 station.example.com closing connection
Connection closed by foreign host.
Here is the message generated, confirming local delivery:
[root@station mail]# tail -f /var/spool/mail/user
Received: from localhost (localhost.localdomain [127.0.0.1])
        by station.example.com (8.13.8/8.13.8) with ESMTP id l79FeTOX020441
        for user@rhce.example.com; Thu, 9 Aug 2008 10:41:48 -0500
Date: Thu, 9 Aug 2008 10:40:29 -0500
From: root <root@station.example.com>
Message-Id: <200708091541.l79FeTOX020441@station.example.com>
subject: using telnet

this is a body test good config

Virtual Hosting with Sendmail

The file virtusertable serves as a mechanism for building a virtual user environment for multiple domain hosting as well as message forwarding. The file format employs a dual column setup. The leftmost column defines the virtual hosted user at domain, ‘user@FQDN’.

The right hand column can be represented by a system user, or a forwarding email address. The first delivery condition is always utilized.

sales@rhce.example.com        user
sales@demo.example.com        auser@example.com
@demo.example.com             student
script@rhce.example.com        |/path/to/file

Notice – the last listed example highlights that you can use the virtusertable to forward incoming messages to custom scripts. If file is a text file, it will append messages. If file is a script, then the script will execute with the messages as stdin.

Once the virtusertable is created/edited, it has to be regenerated to incorporate the changes, much like the MTA’s main configuration file. A service restart of Sendmail will do it, as will the following syntax as root from the command line shell:
[root@station ]# makemap hash virtusertable < virtusertable
This action will rebuild the table without a service restart.

The file /etc/mail/local-host-names serves as a list of domains the server will be responsible for or accept messaging on behalf of. The acceptable file format is a listing of single domains, one per line.

Sendmail differs from Postfix in that ‘/etc/aliases’ should be used to send to groups or multiple recipients for Sendmail.

Postfix performs ‘group’ delivery with a listing in a file such as /etc/postfix/virtual.

The file format of /etc/mail/virtusertable does NOT support comma delimited recipients. This should be handled in the file /etc/aliases as demonstrated in this example:

# Person who should get root's mail
root:            user
team:           user,student
team2:          chris,jamie

Additional information or rules on Sendmail Virtual Hosting can be reviewed at the official site.

Postfix was designed from the ground up to be a replacement for Sendmail.

The Postfix development group had the following four goals in mind when developing the service:

it should be more efficient than Sendmail
it should be more secure than Sendmail
it should be easier to administer than Sendmail
it should be 100% Sendmail compatible

To accomplish all the development group set out to do, Postfix is composed of many individual programs which each handle a particular aspect of mail transfer.

All spawned processes are managed by a supervisory master daemon. This master daemon inherits its configuration/operation characteristics through the use of the combined files ‘/etc/postfix/main.cf’ and ‘/etc/postfix/master.cf’.

The file ‘main.cf’ contains configuration statements, whereas the file ‘master.cf’ has parameters related to the individual spawned processes' connectivity to the system, to include such things as connection time out, service type and overall ‘smtpd’ operation of the Postfix service.

Provided is a list of the most essential configuration parameters required for basic operation of Postfix. These items comprise the core elements of the file ‘/etc/postfix/main.cf’.

‘mydestination’ is equivalent to its Sendmail counterpart ‘/etc/mail/local-host-names’. This should not be used for virtual domains
‘mynetworks’ NOTE: Postfix will act as a relay to any of the addresses specified with this parameter
‘inet_interfaces’ Default setting with Rhel5 is localhost. This configuration parameter tells the service which interface to monitor

Other essential Postfix configuration parameters:

‘myorigin’ This name is added to all locally originating email. The default behavior is to assume ‘myhostname’
‘myhostname’ The name of the system, to include the domain. It is used to specify the Internet address scheme of the server
‘mydomain’ Specifies the current domain the server represents, in accord with configured DNS. This parameter should be used in place of ‘myhostname’ when in use to receive hosted domain messaging
‘local_recipient_maps’ This setting informs the MTA where to find the names of local users to accept mail for. It confirms user validity for message delivery/relay. (Removing it altogether will generate errors, blank is OK)
‘empty_address_recipient’ Defines the mail address where bounce notifications should be returned to for messages that bounce but have no sender address defined
‘smtpd_banner’ Banner provided to connecting SMTP servers. It is recommended that this FQDN value be properly defined in DNS, to include matching reverse mapping entries
‘message_size_limit’ Sets the maximum size of a message. Default settings reject all messages larger than 20MB
‘mailbox_size_limit’ Sets the maximum size of local mailbox files
‘queue_minfree’ This setting adjusts when the MTA will no longer accept messaging due to disk resource limits
‘transport_maps’ Specifies which protocol the MTA should use to send mail to particular hosts. This table lists each remote host and the protocol the MTA can use to send messages to that host
‘virtual_maps’ Sets the type and location of the ‘virtual’ lookup table. The lookup table lists each address or domain to be redirected on a separate line. Each then points to a local address that holds messages destined for that domain/address
‘smtpd_helo_restrictions’ Can be used to subscribe to RBLs in an effort to combat bulk UCE
‘smtpd_sender_restrictions’ Used to limit or restrict sending hosts. Used in conjunction with ‘helo_restrictions’ to combat bulk UCE
‘smtpd_recipient_restrictions’ Prevents the server from being used as an open relay, as well as aids in fighting spam
‘content_filter’ Redirects all messaging to a content filter such as ‘Amavisd’ or ‘Amavisd-new’
‘smtpd_recipient_limit’ Limits the number of recipients allowed in a single incoming message. Default is 1000
‘smtpd_timeout’ Amount of time the MTA waits for an SMTP client request after sending a response. This value can be set in minutes, hours, days, or weeks; the default is seconds
‘queue_run_delay’ Interval in seconds in which the MTA scans the deferred message queue for re-delivery. Default value is 1000
‘maximal_queue_lifetime’ Interval in days that a message remains in the deferred queue. Default is 5 days
Here is all that is required to get messaging started:
[root@station ]# postconf -e "myorigin=example.com"
[root@station ]# postconf -e "mydestination=example.com,mail.example.com"
[root@station ]# postconf -e "mynetworks=192.168.0.0/24,127.0.0.1"
[root@station ]# postconf -e 'inet_interfaces=all'
[root@station ]# postfix reload
Once you have put forth configuration changes, you can call up all differences from the defaults with the postconf utility through the use of the switch ‘-n’:
[root@station ]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = ,localhost.,localhost,hash:/etc/postfix/localhostnames
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
unknown_local_recipient_reject_code = 550

In order to split the RS configured ‘mydomains’ and default virtual Postfix file, the following is needed in the configuration: hash:/etc/postfix/mydomains at the end of the parameter ‘mydestination’. The following steps outline how the domains are split off into their own separate listing. The value is single-quoted so that the shell does not expand $myhostname and $mydomain before postconf sees them.

[root@station ]# postconf -e 'mydestination=$myhostname,localhost.$mydomain,localhost,hash:/etc/postfix/localhostnames'

Create the file /etc/postfix/mydomains and add the domains:

[root@station postfix]# cat mydomains
rhce.example.com      OK
demo.example.com      OK
Then issue:
[root@station ]# postmap mydomains
[root@station ]# postfix reload
Next, test the changes to Postfix:
[root@station ]# echo postfix test | mail -s "postfix rocks" user@demo.example.com
[root@station ]# tail -f /var/spool/mail/user
Received: by station.example.com (Postfix, from userid 0)
        id D2AFD1988B6; Thu,  9 Aug 2008 11:25:01 -0500 (CDT)
To: user@demo.example.com
Subject: postfix socks
Message-Id: <20070809162501.D2AFD1988B6@station.example.com>
Date: Thu,  9 Aug 2008 11:25:01 -0500 (CDT)
From: root@station.example.com (root)

postfix test
This is also needed to mimic the RS version of postfix
virtual_alias_maps=hash:/etc/postfix/virtual
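
The postconf -n listing above shows mydestination beginning with an empty element followed by ‘localhost.’, which is the value a double-quoted postconf -e argument yields once the shell has expanded $myhostname and $mydomain to nothing. The following added example (not part of the original post; function names are illustrative and the sample listing is constructed from the output and commands above) reproduces that value and checks postconf -n output for it, along with the relay scope granted by mynetworks.

```shell
#!/bin/sh
# Added example: the quoting pitfall behind an empty mydestination element,
# plus a check over `postconf -n` output. No Postfix install is needed.

# What postconf receives when the value is double-quoted: the shell expands
# $myhostname and $mydomain (normally unset in a shell) to empty strings.
dq_value() {
    ( set +u; unset myhostname mydomain
      printf '%s\n' "$myhostname,localhost.$mydomain,localhost,hash:/etc/postfix/localhostnames" )
}

# Single quotes pass the text through, so Postfix expands the variables itself.
sq_value() {
    printf '%s\n' '$myhostname,localhost.$mydomain,localhost,hash:/etc/postfix/localhostnames'
}

# Read `postconf -n` output on stdin and print one finding per line.
check_postconf() {
    awk '
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
        }
        # An empty or dot-terminated element means a variable was lost, so the
        # host name it stood for is no longer a local destination.
        key == "mydestination" {
            n = split(val, e, /[ \t]*,[ \t]*/)
            for (i = 1; i <= n; i++) {
                if (e[i] == "")        print "WARN mydestination[" i "] empty"
                else if (e[i] ~ /\.$/) print "WARN mydestination[" i "] dangling-dot " e[i]
            }
        }
        # Every non-loopback network listed here may relay through this host.
        key == "mynetworks" {
            n = split(val, e, /[ \t]*,[ \t]*/)
            for (i = 1; i <= n; i++)
                if (e[i] != "" && e[i] !~ /^127\./) print "INFO relay-trusted " e[i]
        }
        key == "inet_interfaces" && val == "all" { print "INFO inet_interfaces all" }
    '
}

# Constructed sample: lines from the postconf -n listing in the post, plus
# the mynetworks value set by the postconf -e commands.
SAMPLE_POSTCONF='inet_interfaces = all
mydestination = ,localhost.,localhost,hash:/etc/postfix/localhostnames
mynetworks = 192.168.0.0/24,127.0.0.1
sendmail_path = /usr/sbin/sendmail.postfix'

echo "double-quoted: $(dq_value)"
echo "single-quoted: $(sq_value)"
printf '%s\n' "$SAMPLE_POSTCONF" | check_postconf
```

On a live host, pipe the real listing through the check with `postconf -n | check_postconf`.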

Postfix has a similar alias mechanism to Sendmail. The file ‘/etc/postfix/aliases’ should be edited to support the handling of mail for non-existent system accounts that may receive messaging, such as ‘webmaster/postmaster’, and of course handling of the system's ‘root’ messaging.

When switching to Postfix you should replace the existing system provided ‘aliases’ file in ‘/etc’, overwriting the existing format, as it is likely in place for Sendmail by default. (I would also recommend that you back up all of ‘/etc/postfix’ to ‘/etc/postfix-orig’, etc. prior to implementing changes contrary to the default.)

A touch or edit to /etc/aliases with Postfix requires the issuance of the command ‘newaliases’.

small samples
virtual
@domain        catch-all
aliases
catch-all: "/dev/null" 

Additional information or rules on Postfix Virtual Hosting can be reviewed at the official site.

Required Score and Plesk

Posted by alex almazan Sun, 13 Apr 2008 06:32:00 GMT

Plesk Spamassassin permits the establishment of ‘personal settings’ for individual configured mail users. Problems arise as the configured ‘required_score’ value for classifying spam defaults to ‘7’. This is a quick means of changing the score for all hosted mail users from 7.00 to 4.00:

Get to the SQL CLI as the Plesk admin user and inspect the current established settings:

[root@server1 log]# mysql -uadmin -p`cat /etc/psa/.psa.shadow` psa

Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 7578332 to server version: 4.0.18-Max

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> select * from spamfilter_preferences where preference='required_score';

This should display all user settings. You may have to issue something similar to the following query to list those whose score is not already 4.00:

mysql> select * from spamfilter_preferences where preference='required_score' && value != '4.00';

Use an update statement to change the values in the database table. Restricting it to the ‘required_score’ preference keeps other preferences that happen to hold the value 7.00 untouched.

mysql> update spamfilter_preferences set value='4.00' where preference='required_score' and value='7.00';

It is also advisable to set spamassassin to reject messages tagged as spam. To do so, issue the following via the SQL CLI.

mysql> update spamfilter set reject_spam='true' where reject_spam='false';

Once this is all in place, you must use ‘mchk’ to re-issue the .qmail files:

[root@server1 log]# /usr/local/psa/admin/bin/mchk --with-spam

Once this is finished, issue:

[root@server1 log]# service qmail restart && service psa-spamassassin restart && service xinetd restart && service courier-imap restart

The scores should now be at the value selected.

EBF's Monster OneLiner

Posted by alex almazan Wed, 26 Mar 2008 04:01:00 GMT

unset parse_apache_config find_alog_hit find_host_from_headers find_maillog_entries find_user_from_messagelog;parse_apache_config() { if [ ! -f docroots.out ]; then rm -f cfgs.[0-9]*;if [ -f /hsphere/local/home/cpanel/apache/etc/httpd.conf ]; then rootcfg='/etc/httpd/conf/httpd.conf';else rootcfg='/etc/httpd/conf/httpd.conf'; fi; ilvl=0;includes=1; echo $rootcfg > cfgs.$ilvl;until [[ ! -f cfgs.$ilvl ]]; do let $(( ilvl++ )); for cfg in $(cat cfgs.$((ilvl-1))); do for inc in $(grep -i "^ *include" $cfg | awk '{print $2}' | sed -e "s/^conf/\/etc\/httpd\/conf/g"); do ls $inc >> cfgs.$ilvl;done; done; done; cat cfgs.* > httpdconfs.out; rm -f cfgs.*;for cfg in $(cat httpdconfs.out); do egrep -i "(transfer|error|custom)log" $cfg | sed -e "s/^\s//g" | grep -v "^ *#" | sed -e "s/ logs\// \/var\/log\/httpd\//g" -e "s/  */ /g" | cut -f1-2; done > logs.out; egrep "TransferLog|CustomLog" logs.out | sed -e "s/^ *//g" |cut -f2 -d" " | uniq > access_logs;grep "ErrorLog" logs.out | sed -e "s/^ *//g" |cut -f2 -d" " | uniq > error_logs;for cfg in $(cat httpdconfs.out); do egrep -i "documentroot" $cfg | grep -v "^ *#" | awk '{print $2}'| sed -e "s/\"//g"; done | uniq > docroots.out;rm -f logs.out; rm -f httpdconfs.out;else echo "Apache config already  parsed"; fi; };find_host_from_headers() { host=$(grep "^Received: .*)$" $msgfile | head -1 | sed -e "s/^.*(//g" -e "s/)$//g");echo " - connected from: $host"; unset srchpatt; };find_maillog_entries() { srchpatt="$datefromhdr.*msg $msgno"; echo "$mlfn:";zgrep -h "$srchpatt" $mlfn*; unset srchpatt; };find_user_from_messagelog() { if [[ $subjhdr != 'failure notice' ]]; then srchpatt="$datefromhdr .* smtp_auth: SMTP user.*$host";user=$(zgrep -h "$srchpatt" /var/log/messages* | sed -e "s/^.*smtp_auth: SMTP user //g" -e "s/:.*$//g");if [ -z $user ]; then echo "user not found.  searching again with truncated timestamp, may provide weird results";srchpatt="$daypatt .* smtp_auth: SMTP user.*$host";user=$(zgrep -h "$srchpatt" /var/log/messages* | sed -e "s/^.*smtp_auth: SMTP user //g" -e "s/:.*$//g"); fi;if [ -z $user ]; then user="not found"; else mysql -uadmin -p`cat /etc/psa/.psa.shadow` psa -e "select password from domains left join mail on domains.id=mail.dom_id left join accounts on mail.account_id= accounts.id where postbox= \"true\" and mail_name=\"$user\" and domains.name=\"$domain\"\G" | grep --binary-files=text "password:" | cut -f2 -d" ";fi; echo "SMTP auth user $user";unset srchpatt; else echo "failure notice"; fi; };find_alog_hit() { echo "Searching web access_logs..."; for alog in $(cat access_logs); do zgrep "$apachefmt_date.*POST" $alog*; done; };if [ ! -d spaminfo ]; then mkdir spaminfo || (echo "Could not create work directory"; exit 1);else echo -n "" > spaminfo/report.out; fi;if [ -d /etc/psa ]; then mlfn="/usr/local/psa/var/log/maillog";echo "Found maillog: $mlfn";echo "Parsing Apache configuration file chain"; parse_apache_config;for msgfile in $(find /var/qmail/queue/mess/ -type f | head -10); do unset rcvhdr method uid date qmpid rcptlist tohdr fromhdr subjhdr bcchdr loc_datestamp srchpatt datefromhdr host user;remfile=$(echo $msgfile | sed -e "s/mess/remote/g"); rcptlist=$(sed -e "s/T/ /g" $remfile);rcvhdr=$(grep "^Received: (qmail" $msgfile);datefromhdr=$(echo $rcvhdr | sed -e "s/^.*); //g" | awk '{print $2" *"$1" "$4}');apachefmt_date=$(echo "$rcvhdr" | awk '{print $8"/"$9"/"$10":"$11}' | cut -f1-3 -d":");daypatt=$(echo $datefromhdr | cut -f1-2 -d ":");qmpid=$(echo $rcvhdr | sed -e "s/^.*qmail //g" -e "s/ invoked .*$//g");method=$(echo $rcvhdr | sed -e "s/^.*invoked //g" -e "s/).*$//g");echo $method | grep "from network" >/dev/null && (auth=);echo $method | grep "by uid" >/dev/null && (uid=$(echo $method | sed -e "s/^by uid //g"); );msgno=$(echo $msgfile | cut -f7 -d"/");tohdr=$(grep "^To: " $msgfile | cut -f2- -d" ");subjhdr=$(grep "^Subject: " $msgfile | head -1 | cut -f2- -d" ");fromhdr=$(grep "^From: " $msgfile | cut -f2- -d" ");bcchdr=$(grep -i "^bcc:" $msgfile | cut -f2- -d" ");echo "found msg: $msgno"; echo "To: $rcptlist"; echo "From: $fromhdr";echo "Timestamp: $(echo $datefromhdr | sed -e "s/\*//g")";echo "Subject: $subjhdr"; echo -n "qmail pid=$qmpid, $method";(echo $method | grep "from network" > /dev/null) && (find_host_from_headers && find_user_from_messagelog);(echo $method | grep "by uid 48" > /dev/null) && (find_alog_hit);echo; echo; echo "***"; echo; done;else mlfn="/var/log/maillog"; fi | tee -a spaminfo/report.out;unset parse_apache_config find_alog_hit find_host_from_headers find_maillog_entries find_user_from_messagelog
