<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>Message</TITLE>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 5.50.4919.2200" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=805043615-12092002><FONT face=Arial color=#0000ff size=2>Thanks
for pointing that out for me. Pete Peters answered me the same tip 3 days
ago.</FONT></SPAN></DIV>
<DIV><SPAN class=805043615-12092002><FONT face=Arial color=#0000ff
size=2>>>> Virus' line in the UNIX Maillog comes from Mailscanner.
Thats why I asked it as a MailScanner issue and not UNIX. After all it is in the
mailscanner code to add '>>>Virus' in the UNIX SEndmail Log File. Not
UNIX Itself right?</FONT></SPAN></DIV>
<DIV><SPAN class=805043615-12092002><FONT face=Arial color=#0000ff
size=2></FONT></SPAN> </DIV>
<DIV> </DIV>
<P><FONT size=2>Matt Doherty<BR>IT Dept<BR>Datawatch Corp<BR><BR>>>In a
world without walls or fences, who needs Windows and Gates?<<</FONT> </P>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader dir=ltr align=left><FONT face=Tahoma
size=2>-----Original Message-----<BR><B>From:</B> Patterson S.R.
[mailto:S.R.Patterson@SOTON.AC.UK]<BR><B>Sent:</B> Thursday, September 12,
2002 12:20 PM<BR><B>To:</B> MAILSCANNER@JISCMAIL.AC.UK<BR><B>Subject:</B> Re:
what are you rude?.. heres a copy of what I sent you a week a go.try reading
it<BR><BR></FONT></DIV>
<DIV><SPAN class=508211715-12092002><FONT face=Arial color=#0000ff size=2>Your
answer is:</FONT></SPAN></DIV>
<DIV><SPAN class=508211715-12092002><FONT face=Arial color=#0000ff
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=508211715-12092002><FONT face=Arial color=#0000ff size=2>grep
'>>> Virus' maillog</FONT></SPAN></DIV>
<DIV><SPAN class=508211715-12092002><FONT face=Arial color=#0000ff
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=508211715-12092002><FONT face=Arial color=#0000ff size=2>Note
the single quotes. They stop the ">" characters from having a meaning
to the shell. Make sure you use the ones which slope from bottom-left to
top-right (or look straight upright), NOT the ones which slope top-left to
bottom-right, as they do something completely different.</FONT></SPAN></DIV>
<DIV><FONT face=Arial color=#0000ff size=2></FONT> </DIV>
<DIV><SPAN class=508211715-12092002><FONT face=Arial color=#0000ff size=2>This
is a UNIX question, not a mailscanner question.</FONT></SPAN></DIV><!-- Converted from text/plain format -->
<P><FONT size=2>--<BR>Steven Patterson MSci. Tel: +44 (0)2380
595810<BR>Electronic Information Systems Support and Development<BR>Computing
Services, University of Southampton, UK.<BR>Public PGP Key: <A
href="http://www.soton.ac.uk/~srp/pubkey.asc">http://www.soton.ac.uk/~srp/pubkey.asc</A></FONT>
</P>
<BLOCKQUOTE dir=ltr
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px solid; MARGIN-RIGHT: 0px">
<DIV></DIV>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left><FONT
face=Tahoma size=2>-----Original Message-----<BR><B>From:</B> Matt Doherty
[mailto:Matthew_doherty@DATAWATCH.COM] <BR><B>Sent:</B> 12 September 2002
15:40<BR><B>To:</B> MAILSCANNER@JISCMAIL.AC.UK<BR><B>Subject:</B> what are
you rude?.. heres a copy of what I sent you a week ago. try reading
it<BR><BR></FONT></DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN
class=566053714-12092002>such as</SPAN></FONT></DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN
class=566053714-12092002></SPAN></FONT> </DIV>
<DIV> </DIV>
<P><FONT size=2>Matt Doherty<BR>IT Dept<BR>Datawatch Corp<BR><BR>>>In
a world without walls or fences, who needs Windows and Gates?<<</FONT>
</P>
<DIV class=OutlookMessageHeader dir=ltr align=left><FONT face=Tahoma
size=2>-----Original Message-----<BR><B>From:</B> Matt Doherty
[mailto:Matthew_doherty@datawatch.com]<BR><B>Sent:</B> Monday, September 09,
2002 4:34 PM<BR><B>To:</B> MailScanner mailing list<BR><B>Subject:</B> RE:
New release logging suggestions<BR><BR></FONT></DIV>
<DIV><SPAN class=195202020-09092002><FONT face=Arial color=#0000ff size=2>I
would like to see some differant text in the log per email virus caught.. I
grep the maillog to see how many viruses caught so far that week. For
instance, I currently tried 'tail -2000 /var/log/maillog | grep
>>>Virus' of course the ">" symbols something that messes grep
up and wont work. The only string that works best is just use the word Virus
( tail -2000 /var/log/maillog | grep Virus ) Only thing is, it shows the
mailscanner restarting every four hours lines as well as the viruses caught.
I cant think of anything good but maybe some weird character that is never
seen in the maillog such as a & or pipe symbol? Just something that grep
could sniff out easily ONLY for caught viruses. Or do you have a better
solution? The Email ID to go along with it as well would be nice. for ones
that were scanned and ones that were found to be
infected.</FONT></SPAN></DIV>
<DIV><SPAN class=195202020-09092002><FONT face=Arial color=#0000ff
size=2>Hope that is a ok suggestion.. </FONT></SPAN></DIV>
<DIV><SPAN class=195202020-09092002><FONT face=Arial color=#0000ff size=2>Oh
well Im still a newbie anyways 8-)</FONT></SPAN></DIV>
<DIV> </DIV>
<P><FONT size=2>Matt Doherty<BR>IT Dept<BR>Datawatch Corp<BR><BR>>>In
a world without walls or fences, who needs Windows and Gates?<<</FONT>
</P>
<BLOCKQUOTE>
<DIV class=OutlookMessageHeader dir=ltr align=left><FONT face=Tahoma
size=2>-----Original Message-----<BR><B>From:</B> Julian Field
[mailto:mailscanner@ECS.SOTON.AC.UK]<BR><B>Sent:</B> Monday, September 09,
2002 5:14 PM<BR><B>To:</B> MAILSCANNER@JISCMAIL.AC.UK<BR><B>Subject:</B>
New release logging suggestions<BR><BR></FONT></DIV>The new release is
getting there... <BR><BR>What logging would people like to see?
<BR>Anything particular that you want logged? <BR><BR>Suggestions please.
<BR>-- <BR>Julian Field Teaching Systems Manager <BR>jkf@ecs.soton.ac.uk
Dept. of Electronics & Computer Science <BR>Tel. 023 8059 2817
University of Southampton <BR>Southampton SO17 1BJ
<BR><BR></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></BODY></HTML>