security-scripts/mail/search maillogs/findrecpt.pl

132 lines
3.4 KiB
Perl
Executable file

#!/usr/bin/perl -w
#
# Name: checkrecpt.pl
# Purpose: Checks a specified postfix maillog for a specified sender
# email address and returns a list of recipients email addresses
# to which email was sent.
# Author: David Miller -- <dmiller@newportnet.com>
# Version: 0.04
# Created: 23 Jul 2002
# Modified: 24 Jul 2002 -- Optimization of message id array to eliminate
# processing of duplicates. Accepts commandline parameters.
# Modified: 24 Jul 2002 -- Cleanup and optimization of message search loop.
# Modified: 25 Jul 2002 -- Added code to handle 'expired' reporting.
#
#
use strict;
#--------------
# variables
#--------------
my $maillog;
my $sender;
my @msgids;
#---------------------------
# Main Thread of Execution
#---------------------------
# process command line arguments
usage() unless ($#ARGV > 0 && $#ARGV < 2);
$sender = $ARGV[0];
$maillog = $ARGV[1];
# check sender name for basically valid form
if (! ($sender =~ /.*@.*/)) {
print "Sender address $sender does not appear valid\n";
exit 1;
}
# test for existance of maillog
if(! -r $maillog) {
print "Can not find mail log $maillog\n";
exit 1;
}
# get all message ids associated with the sender in temporary array
my @temp;
open(LOG, "<$maillog") || die "Open of $maillog failed\n";
while(<LOG>) {
if(/from=<$sender>/) {
my @fields = split " ";
$fields[5] =~ s/://;
$temp[$#temp + 1] = $fields[5];
}
}
close(LOG);
# optimize list by sorting and removing duplicates
@temp = sort @temp;
foreach my $msg (@temp) {
if($#msgids < 0) {
$msgids[0] = $msg;
} elsif ($msgids[$#msgids] ne $msg) {
$msgids[$#msgids + 1] = $msg;
}
}
# display count of messages and display header if there are messages
# if no messages we are done
print "Found " . ($#msgids + 1) . " messages from $sender in $maillog\n";
printMessageHeader() if ($#msgids >= 0) || exit 0;
# Lookup recipients for each message id
open(LOG, "<$maillog") || die "Open of $maillog failed\n";
foreach my $msg (@msgids) {
while(<LOG>) {
chomp();
if(/$msg/ && /smtp/ && /to=</) {
my $status;
my @fields = split " ", $_, 11;
# recipient address
$fields[6] =~ s/^to=<//;
$fields[6] =~ s/>,$//;
# status
if($fields[9] =~ /^status=/) {
$status = $fields[9];
}
$status =~ s/^status=//;
# display the message info
print "$msg $status \t$fields[6]";
if(($status eq "bounced") || ($status eq "deferred")) {
print " $fields[10]";
}
print "\n";
# loop optimization
last if ($status eq "bounced");
} elsif (/$msg/ && /status=expired/) { # handle exired messages
my $status;
my @fields = split " ", $_, 9;
# sender address for return
$fields[6] =~ s/^from=<//;
$fields[6] =~ s/>,$//;
# status field
if($fields[7] =~ /^status=/) {
$status = $fields[7];
}
$status =~ s/^status=//;
$status =~ s/,$//;
# display the message info
print "$msg $status \t<$fields[8]>\t\t$fields[6]\n";
last;
}
}
seek LOG, 0, 0;
}
close(LOG);
exit 0;
#----------------
# Sub Routines
#----------------
sub usage
{
print "usage: $0 sender maillog\n";
exit 0;
}
sub printMessageHeader
{
print "Checking for message recipients\n\n";
print "Message ID Status \tRecipient\n";
print "----------------------------------------------------------------\n";
}