duplication logging

Sat Jun 17 19:29:51 IST 2006

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Matt,

All excellent suggestions as usual. All done. Will be in the next beta 
which I will release shortly.

Matt Kettler wrote:
> Res wrote:
>   
>> One thing that annoys me and I'm sure others on large systems is the
>> amount of unneccesay logging, for ANY program..
>>
>>
>> Jun  17 06:59:39 venus3 MailScanner[16663]: New Batch: Found 409
>> messages waiting
>> Jun  17 06:59:39 venus3 MailScanner[16663]: New Batch: Scanning 32
>> messages, 17285726 bytes
>> Jun  17 06:59:41 venus3 MailScanner[16663]: Virus and Content Scanning:
>> Starting
>> Jun  17 06:59:54 venus3 MailScanner[16663]: Uninfected: Delivered 32
>> messages
>>
>>
>> Now... Virus and Content scanning starting, is another name for New
>> Batch Scanning, I do think its overkill amnd completely (unless
>> debugging) pointless, my question Jules is, is it really needed unless
>> in debug mode?
>>     
>
> Personally, I think these log messages are very useful.
>
> However, I do think it would be nice if MailScanner made use of the "notice" log
> level.
>
> Right now, all the above messages are logged at the "info" level, which is
> probably appropriate.
>
> The problem is, a lot of fairly important stuff, such as infections, are also
> logged at "info".
>
> If these messages were logged at the "notice" level, then large-volume admins
> could configure their syslogger to only log notice or higher to disk and discard
> the info messages.
>
> It's not a perfect system, but would give people more flexibility in choosing
> how much logging they want to do.
>
> Some messages worth bumping from "info" to "notice" level would be:
>
>
>
> Config.pm:      MailScanner::Log::InfoLog("Skipping Custom Function file %s as
> its name does not end in .pm or .pl", $filename);
>
> CustomConfig.pm:    MailScanner::Log::InfoLog("IPBlock: Adding block for %s", $ip);
> CustomConfig.pm:    MailScanner::Log::InfoLog("Could not open file $fn: %s", $!);
>
> Exim.pm:        MailScanner::Log::InfoLog("Header ($line) too long (wanted
> $InHeader)".
> Exim.pm:        or MailScanner::Log::InfoLog("Header continuation ($line)
> doesn't begin".
>
> Exim.pm:  MailScanner::Log::InfoLog("New Batch: Found invalid queue files: %s",
>
> Lock.pm:        MailScanner::Log::InfoLog("Could not open file $fn: %s", $!)
> Lock.pm:        MailScanner::Log::InfoLog("Failed to lock $fn with unexpected
> error: %s", $!);
>
> MCPMessage.pm:  #  MailScanner::Log::InfoLog("Spam Actions: (RBL) Bounce to %s",
> $from)
> MCPMessage.pm:    MailScanner::Log::InfoLog("MCP Actions: (SpamAssassin) Bounce
> to %s",
> MCPMessage.pm:  #  MailScanner::Log::InfoLog("Spam Actions: (RBL,SpamAssassin)
> Bounce to %s",
>
> MessageBatch.pm:  MailScanner::Log::InfoLog("Spam Checks: Found $counter spam
> messages")
> MessageBatch.pm:  MailScanner::Log::InfoLog("MCP Checks: Found $counter MCP
> messages")
> MessageBatch.pm:  MailScanner::Log::InfoLog("Virus Scanning: Found %d viruses",
> $viruses+0)
> MessageBatch.pm:  MailScanner::Log::InfoLog("Other Checks: Found %d problems",
> $others+0)
> MessageBatch.pm:  MailScanner::Log::InfoLog("Content Checks: Found %d problems",
> $content+0)
> MessageBatch.pm:    MailScanner::Log::InfoLog("Quarantining modified message for
> %s", $id);
> MessageBatch.pm:    MailScanner::Log::InfoLog("Silent: Delivered %d messages
> containing " .
> MessageBatch.pm:  MailScanner::Log::InfoLog("Cleaned: Delivered %d cleaned
> messages",
> MessageBatch.pm:  MailScanner::Log::InfoLog("Sender Warnings: Delivered %d
> warnings to " .
> MessageBatch.pm:  MailScanner::Log::InfoLog("Notices: Warned about %d messages",
> $counter)
> MessageBatch.pm:  MailScanner::Log::InfoLog("Disinfection: Attempting to
> disinfect %d " .
> MessageBatch.pm:  MailScanner::Log::InfoLog("Disinfection: Rescan found only %d
> viruses",
> MessageBatch.pm:  MailScanner::Log::InfoLog("Saved archive copies of%s", $log)
> if $log;
>
> Message.pm:    MailScanner::Log::InfoLog("Spam Actions: message %s actions are %s",
> Message.pm:    MailScanner::Log::InfoLog("Spam Actions: message %s actions are %s",
> Message.pm:        MailScanner::Log::InfoLog("Will not bounce high-scoring spam")
> Message.pm:    MailScanner::Log::InfoLog("Spam Actions: (RBL) Bounce to %s", $from)
> Message.pm:    MailScanner::Log::InfoLog("Spam Actions: (SpamAssassin) Bounce to
> %s",
> Message.pm:    MailScanner::Log::InfoLog("Spam Actions: (RBL,SpamAssassin)
> Bounce to %s",
> Message.pm:  MailScanner::Log::InfoLog("Spam Actions: Notify %s", $to)
> Message.pm:  MailScanner::Log::InfoLog("Reject message %s from %s with report %s",
> Message.pm:  MailScanner::Log::InfoLog("Viruses marked as silent: %s", $logstring)
> Message.pm:            MailScanner::Log::InfoLog('Found ip-based phishing fraud
> from ' .
> Message.pm:            MailScanner::Log::InfoLog('Found phishing fraud from %s ' .
>
> Postfix.pm:    MailScanner::Log::InfoLog("New Batch: Found invalid queue files: %s",
>
> Qmail.pm:    MailScanner::Log::InfoLog("New Batch: Found invalid queue files: %s",
>
> Quarantine.pm:    MailScanner::Log::InfoLog("Saved entire message to $msgdir");
> Quarantine.pm:      MailScanner::Log::InfoLog("Deleted infected \"%s\"",
> $attachment);
> Quarantine.pm:      MailScanner::Log::InfoLog("Saved infected \"%s\" to %s",
> $attachment,
>
> RBLs.pm:  MailScanner::Log::InfoLog("RBL checks: %s found in %s", $message->{id},
>
> Sendmail.pm:    MailScanner::Log::InfoLog("New Batch: Found invalid queue files:
> %s",
> Sendmail.pm:    MailScanner::Log::InfoLog("New Batch: Forwarding %d unscanned
> messages, " .
> Sendmail.pm:    #MailScanner::Log::InfoLog("New Batch: Archived %d $ArchivedMsgs
> messages",
> Sendmail.pm:  MailScanner::Log::InfoLog("Queue directory %s is nested", $dir)
>
> SweepContent.pm:      MailScanner::Log::InfoLog("Attachment size check: %s > %s
> (%s) in %s",
> SweepContent.pm:      MailScanner::Log::InfoLog("HTML-IFrame tag found in
> message %s from %s",
> SweepContent.pm:      MailScanner::Log::InfoLog("HTML-Form tag found in message
> %s from %s",
> SweepContent.pm:      MailScanner::Log::InfoLog("HTML-Script tag found in
> message %s from %s",
> SweepContent.pm:      MailScanner::Log::InfoLog("HTML Img tag found in message
> %s from %s",
> SweepContent.pm:      MailScanner::Log::InfoLog("HTML-Object tag found in
> message %s from %s",
>
> SweepOther.pm:        MailScanner::Log::InfoLog("Other Checks: Found Happy virus
> in %s", $id);
> SweepOther.pm:        MailScanner::Log::InfoLog("Other Checks: Found Eudora " .
>
> SweepViruses.pm:      MailScanner::Log::InfoLog("Infected message %s came from %s",
> SweepViruses.pm:    MailScanner::Log::InfoLog("%s: %s found %d infections",
> $logtitle,
> SweepViruses.pm:    MailScanner::Log::InfoLog("Virus Scanning: F-Secure found
> virus %s", $1);
> SweepViruses.pm:      MailScanner::Log::InfoLog("Virus Scanning: F-Secure found
> virus %s",$virus);
> SweepViruses.pm:    MailScanner::Log::InfoLog("Virus Scanning: F-Prot found
> virus %s", $virus);
> SweepViruses.pm:    MailScanner::Log::InfoLog("Virus Scanning: F-Prot found
> problem %s",
> SweepViruses.pm:    MailScanner::Log::InfoLog("Trend found %s in %s", $virus,
> $trend_prevline);
> SweepViruses.pm:  MailScanner::Log::InfoLog("Vexira: found %s in %s (%s)",
> $virusname,
>
> ZMailer.pm:  MailScanner::Log::InfoLog("New Batch: Found invalid queue files: %s",
> ZMailer.pm:  #MailScanner::Log::InfoLog("New Batch: Archived %d $ArchivedMsgs
> messages",
>
>   

- -- 
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.6 (Build 6060)

iQA/AwUBRJRKIRH2WUcUFbZUEQJItwCfZGCONDDZ1q9w/h6kOvlnTrjDotIAnRtL
+tMmnuxRZapvfH1/e7vadQc5
=xMAc
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.