blob: e17c3bb5eaa4ac9fb94da82196d13dc7e0fb7775 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
#!/bin/python
from systemd import journal
import re
from time import sleep
from email.mime.text import MIMEText
from subprocess import Popen, PIPE
j = journal.Reader()
j.this_boot()
j.add_match(_SYSTEMD_UNIT='courier-esmtpd.service')
regexes = {
re.compile('.*msg="534 SIZE=Message too big\.",cmd: MAIL FROM:[^<]*<([^>]+)> SIZE=([0-9]+).*'),
re.compile('.*,from=[^<]*<([^>]+)>: 523 Message length \(([0-9]+) bytes\) exceeds administrative limit.*')
}
while True:
item=j.get_next()
while item!={}:
for regex in regexes:
match = regex.match(item['MESSAGE'])
if match:
msg = MIMEText("Hi,\n\n{} hat eine zu grosze Email ({}) geschickt ({}).".format(match.group(1),match.group(2),item['SYSLOG_TIMESTAMP']))
msg["From"] = "journal-watcher@eckner.net"
msg["To"] = "logs@eckner.net"
msg["Subject"] = "zu grosze Email von {}".format(match.group(1))
p = Popen(["/usr/sbin/sendmailadvanced", "-t"], stdin=PIPE)
p.communicate(msg.as_bytes())
item=j.get_next()
sleep(10)
|