微信公众号搜"智元新知"关注
微信扫一扫可直接关注哦!

如何计算每个单一帐户EXIM发送的电子邮件数量? 安装syslog和syslog-mysql 基本配置解析器数据配置

分类:编程问答

如何解决如何计算每个单一帐户EXIM发送的电子邮件数量? 安装syslog和syslog-mysql 基本配置解析器数据配置

我的应用程序需要实时计算电子邮件数量以及通过exim发送的时间,这可能吗?

连接是通过SMTP建立的。

解决方法

有三种方法可以做到这一点:

  • 1个解析日志(更糟糕的方法)。
  • 2个RSyslog实现以及Exim conf。
  • 使用Mysql进行3次进出口。

Rsyslog

安装syslog和syslog-mysql 

[root@web ~]# yum install rsyslog rsyslog-mysql

基本配置

[root@web ~]# mysql
mysql> CREATE DATABASE Syslog;
mysql> USE Syslog;
mysql> CREATE TABLE `SmtpMailLog` (
 `Id` bigint(11) unsigned NOT NULL AUTO_INCREMENT,`Hostname` varchar(255) NOT NULL,`EximID` varchar(16) NOT NULL,`DateIn` datetime DEFAULT NULL,`DateLastProcessed` datetime DEFAULT NULL,`DateCompleted` datetime DEFAULT NULL,`FromAddr` varchar(100) DEFAULT NULL,`FromAddrHost` varchar(100) DEFAULT NULL,`FirstToAddr` varchar(100) DEFAULT NULL,`AdditionalToAddr` text,`HostFrom` varchar(100) DEFAULT NULL,`FirstHostTo` varchar(100) DEFAULT NULL,`Size` int(11) DEFAULT NULL,`Subject` varchar(255) DEFAULT NULL,`Notes` varchar(255) DEFAULT NULL,PRIMARY KEY (`Id`),UNIQUE KEY `EximID` (`EximID`)
) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COMMENT='--';
mysql> exit
[root@web ~]# echo "USE mysql; CREATE USER rsyslog; FLUSH PRIVILEGES;" | mysql
[root@web ~]# echo "USE mysql; GRANT ALL PRIVILEGES ON Syslog.* TO 'rsyslog'@'127.0.0.1' IDENTIFIED BY 'rsysl0g'; FLUSH PRIVILEGES;" | mysql
[root@web ~]# echo "USE mysql; SET PASSWORD FOR 'rsyslog'@'127.0.0.1' = PASSWORD('rsysl0g'); FLUSH PRIVILEGES;" | mysql
[root@web ~]# /bin/cat << EOF > /etc/rsyslog.conf
# Modules --------------------------------------------------------------------
# Input
$ModLoad imuxsock.so    # Unix sockets
# Output
$ModLoad ommysql.so     # Log to MySQL

# Globals --------------------------------------------------------------------
# There are many more - see docs
# Files and dirs are created as needed (dirs only for "dynamic" files)
$umask 0000
$DirCreateMode 0640
$FileCreateMode 0640
#$FileOwner rsyslog
#$FileGroup rsyslog
#$DirOwner rsyslog
#$DirGroup rsyslog
$RepeatedMsgReduction on

# Include package specific logs (including rsyslog itself)
$IncludeConfig /etc/rsyslog.d/*.conf

# Log to the console
*.*     -/var/log/exim/main.log 
& ~

EOF

解析器数据配置

[root@web ~]# /bin/cat << EOF > /etc/rsyslog.d/20-mail.conf
# ###############################################################
# Mail system logging                                           
# Exim,Spam Assassin,SA-Exim,ClamAV                          
# /etc/rsyslog.d/20-mail.conf                                            
# ###############################################################   
# NOTES                                                            
# Careful with quotes in if clauses                                
#   seems to need ' and not " (JG 11 Jun 2009)                     
# Multi line logging from Exim "detector":                         
#      :msg,regex," \[[0-9]{1,3}[\\/][0-9]{1,3}\]" ~             
# email address finder:                                            
#  %msg:R,ERE,ZERO:[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}--end%
# Exim ID finder:                                                         
#  %msg:R,ZERO:[A-Za-z0-9]{6}-[A-Za-z0-9]{6}-[A-Za-z0-9]{2}--end%   
# Easier to read log format:                                              
# $template Mail-Exim-File-Format,"%timegenerated:1:10:date-rfc3339% %timegenerated:12:19:date-rfc3339% %hostname% %syslogtag%%msg%\n"
#########################################################                                                                             

# Syslog style to support OSSEC (JG 26 AUg 2009)
$template Mail-Exim-File-Format,"%timegenerated% %HOSTNAME% %syslogtag%%msg%\n"

#########################################################
# Amalgamated logging templates                          
# The log entry is built up an initial entry from ClamAV followed by successive updates from the vaious components,in the order
# of the templates here. The EximID is used to look up the entry except for SA-Exim (which uses the msgid).                     

# <= - In
#   Local:
# Sep 15 09:06:17 loghost exim[20787]: 1MnT3J-0005PH-2y <= nagios@example.com U=nagios P=local S=794 T="** PROBLEM Service Alert: host-name/NTP-peer is CRITICAL  **"                                                                                                                                                      
# Sep 22 10:40:59 portal exim[12557]: 1Mq1rn-0003GX-MZ <= root@blueloop.net U=root P=local S=516 T="test message"                                            
#   Relayed:                                                                                                                                                 
# Sep 15 09:03:38 loghost exim[20078]:                                                                                                                       
#   1MnT0g-0005Dq-BC <= user@example.com H=host.example.com [192.168.100.100] P=esmtp S=8690192 id=4AAF585B020000AA0004ED5B@port.blueloop.net T="Subject line from  message"                                                                                                                                                
# If an arg to CONCAT is NULL then the whole output is NULL      
$template Mail-Exim-In-Amalgamated,"REPLACE INTO SmtpMailLog \                                                                                              
        ( \
                Hostname,\ 
                EximID,\
                DateIn,\
                DateLastProcessed,\ 
                FirstToAddr,\
                FromAddr,\
                FromAddrHost,\
                AdditionalToAddr,\
                HostFrom,\
                Size,\ 
                Subject,\ 
                FirstHostTo \
        ) \
        VALUES \
        ( \
                '%hostname%',\
                '%msg:R,ZERO:[A-Za-z0-9]{6}-[A-Za-z0-9]{6}-[A-Za-z0-9]{2}--end%',\
                '%timereported:::date-mysql%',ZERO:([A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$)--end%',4}--end%',\
                substring_index('%msg:R,'@',-1),\
                '',\
                SUBSTRING('%msg:R,ZERO:H=.*\[[0-9]{1,3}\.[0-9]{1,3}]--end%' FROM 3),ZERO:S=[0-9]{1,}--end%' FROM 3),ZERO:T=.*--end%' FROM 3),\
                'pending' \
        ) \                                                                                                                                                                                                          
",SQL                                                                                                                                                        

# ** - Failed
$template Mail-Exim-Fail-Amalgamated,"UPDATE SmtpMailLog \
        SET \                                                    
                DateLastProcessed   = '%timereported:::date-mysql%',\
                FirstToAddr         = 'Failed - see notes',\               
                FirstHostTo         = 'Failed - see notes',\               
                Notes               = '%msg%' \                                   
        WHERE EximID = '%msg:R,ZERO:[A-Za-z0-9]{6}-[A-Za-z0-9]{6}-[A-Za-z0-9]{2}--end%' \
",SQL                                                                                           

# => - Out
$template Mail-Exim-Out-Amalgamated,"UPDATE SmtpMailLog \
        SET \                                                    
                FirstToAddr         = '%msg:R,\
                FirstHostTo         = SUBSTRING('%msg:R,ZERO:H=.*]--end%' FROM 3),\                        
                DateLastProcessed   = '%timereported:::date-mysql%',\                                      
                Notes               = 'Out' \                                                                           
        WHERE EximID = '%msg:R,ZERO:[A-Za-z0-9]{6}-[A-Za-z0-9]{6}-[A-Za-z0-9]{2}--end%' \           
",SQL                                                                                                     

# -> - additional deliveries
$template Mail-Exim-Add-Amalgamated,"UPDATE SmtpMailLog \
        SET \                                                    
                AdditionalToAddr    = CONCAT_WS(' ',AdditionalToAddr,'%msg:R,4}--end%'),\
                DateLastProcessed   = '%timereported:::date-mysql%',\                                                                           
                Notes               = 'Additional delivery' \                                                                                                
        WHERE EximID = '%msg:R,ZERO:[A-Za-z0-9]{6}-[A-Za-z0-9]{6}-[A-Za-z0-9]{2}--end%' \                                                
",SQL                                                                                                                                          

# Completed
$template Mail-Exim-Completed-Amalgamated,"UPDATE SmtpMailLog \
        SET \                                                         
                DateCompleted       = '%timereported:::date-mysql%',\      
                DateLastProcessed   = '%timereported:::date-mysql%',\  
                Notes               = 'Completed' \                                 
        WHERE EximID = '%msg:R,SQL                                                                                                                                                                                                    
#########################################################                                                                                     

# Full Exim log (bar the bits that are filtered out above) - file
if $programname == 'exim' then /var/log/exim/main.log;Mail-Exim-File-Format

###################################
# Amalgamated Mail log - single line per mail,some details lost - DB

#if $programname == 'exim' \
#        and $msg contains 'dovecot_login'  \
#then :ommysql:127.0.0.1,Syslog,rsyslog,rsysl0g;Mail-Exim-New-Amalgamated

if $programname == 'exim' \
        and $msg contains '<=' \
then :ommysql:127.0.0.1,rsysl0g;Mail-Exim-In-Amalgamated

if $programname == 'exim' \
        and $msg contains '=>' \
then :ommysql:127.0.0.1,rsysl0g;Mail-Exim-Out-Amalgamated

if $programname == 'exim' \
        and $msg contains '->' \
then :ommysql:127.0.0.1,rsysl0g;Mail-Exim-Add-Amalgamated

if $programname == 'exim' \
        and $msg contains '**' \
then :ommysql:127.0.0.1,rsysl0g;Mail-Exim-Fail-Amalgamated

if $programname == 'exim' \
        and $msg contains 'Completed' \
then :ommysql:127.0.0.1,rsysl0g;Mail-Exim-Completed-Amalgamated
##################################

# Dump Exim messages
if $programname == 'exim' then ~

EOF

调整进出口日志选择器:

[root@web ~]# vi /etc/exim/exim.conf
log_selector = +incoming_port +smtp_connection +all_parents +retry_defer +subject +arguments +received_recipients

-

Exim Mysql

安装依赖项。

[root@web ~]# yum install exim-mysql

添加exim mysql连接。

[root@web ~]# vi /etc/exim/exim.conf
hide mysql_servers = 127.0.0.1/{DATABASE}/{USER}/{PASSWORD}

可以使用与Rsyslog安装相同的表结构。

acl_smtp_data部分,添加如下内容:

acl_smtp_data:
  warn
    continue = ${lookup mysql{INSERT INTO SmtpMailLog \
      (\
        AdditionalToAddr \
      )\
      values \
      (\
        '${quote_mysql:$recipients}' \
      )}}

版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。

苹果市值2025年有望达4万亿美元
pythonJavaScriptjavaHTMLPHPreactjsC#AndroidCSSNode.jssqlrpython-3.xMysqLjQueryc++pandasFlutterangularIOSdjangolinuxswifttypescript路由器JSON路由器设置无线路由器h3c华三华三路由器设置华三路由器电脑软件教程arraysdocker软件图文教程Cvue.jslaravelspring-boot