#!/bin/python

from systemd import journal
import re
from time import sleep
from email.mime.text import MIMEText
from subprocess import Popen, PIPE

j = journal.Reader()
j.this_boot()
j.add_match(_SYSTEMD_UNIT='courier-esmtpd.service')

regexes = {
   re.compile('.*msg="534 SIZE=Message too big\.",cmd: MAIL FROM:[^<]*<([^>]+)> SIZE=([0-9]+).*'),
   re.compile('.*,from=[^<]*<([^>]+)>: 523 Message length \(([0-9]+) bytes\) exceeds administrative limit.*')
}

while True:
   item=j.get_next()
   while item!={}:
      for regex in regexes:
         match = regex.match(item['MESSAGE'])
         if match:
            msg = MIMEText("Hi,\n\n{} hat eine zu grosze Email ({}) geschickt ({}).".format(match.group(1),match.group(2),item['SYSLOG_TIMESTAMP']))
            msg["From"] = "journal-watcher@eckner.net"
            msg["To"] = "logs@eckner.net"
            msg["Subject"] = "zu grosze Email von {}".format(match.group(1))
            p = Popen(["/usr/sbin/sendmailadvanced", "-t"], stdin=PIPE)
            p.communicate(msg.as_bytes())
      item=j.get_next()
   sleep(10)