Topic: Configure Amavisd-new Logwatch Output

- iRedMail version: 0.8.5
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: CentOS 6.4
- Related log if you're reporting an issue:

Hi there,

After installing iRedMail and iRedAdmin open source a few weeks ago, I bought iRedAdmin Pro. Installation and configuration went well, and I haven't run into any notable issues.

Just one question for anyone who might know: The default Logwatch output for Amavisd-new seems to be much more verbose than necessary, with thousands of lines like this:

1   (04286-06) Passed CLEAN {RelayedOutbound}, LOCAL [IP_ADDRESS]:28026 [IP_ADDRESS] <EMAIL_ADDRESS> -> <EMAIL_ADDRESS>, Message-ID: <002001cevf47$94c4ed00$be4ec700$@co.zm>, mail_id: b7XwlmVXyr3c, Hits: -8.373, size: 682647, queued_as: 31A9A73C3, 1131 ms

Where can I configure this to reduce the output to only aggregate statistics? I've looked at /usr/share/logwatch/default.conf/services/amavis.conf , but I don't see anything in there that would seem to be related.

Any suggestions? Thanks.



Hi Craig.  Not sure if you are still looking for an answer to this question.

Currently CentOS is using Logwatch 7.3.6. 

If you look at /usr/share/logwatch/scripts/services/amavis you will see that file is version 2.48, dated 2007/05/16.   

Little wonder it has trouble with unmatched entries.

Go to http://sourceforge.net/projects/logrepo … -logwatch/ and download the latest version. Then do the following.

tar xzf amavis-logwatch-1.XX.XX.tgz
cd amavis-logwatch-1-XX.XX
make install-logwatch

This will install a new filter under your /etc/logwatch directory which will override the old copy in /usr/share/logwatch

Next time Logwatch runs you should see nice clean Amavis output which looks something like this.   Taken from a live server that we've just started migrating accounts to.  As you can see we still have a couple of tweaks to make.

--------------------- Amavisd-new Begin ------------------------ 

    2261   Total messages scanned ------------------  100.00%
 513.367M  Total bytes scanned                    523,731,542
========   ==================================================

     205   Blocked ---------------------------------   16.26%
       1     Banned name blocked                        0.08%
     204     Spam blocked                              16.18%

    1056   Passed ----------------------------------   83.74%
      37     Spammy passed                              2.93%
      29     Bad header passed                          2.30%
     990     Clean passed                              78.51%
========   ==================================================

       2   Banned ----------------------------------    0.08%
       2     Banned file blocked                        0.08%

     441   Spam ------------------------------------   19.11%
      77     Spammy passed                              2.93%
     404     Spam blocked                              16.18%

    2019   Ham -------------------------------------   80.81%
      59     Bad header passed                          2.30%
    1990     Clean passed                              78.51%
========   ==================================================

       1   SpamAssassin bypassed   

**Unmatched Entries**
       2   No ext program for   .rar, tried: unrar, rar
       2   Deleting db files __db.001,nanny.db,__db.003,__db.002,snmp.db,__db.004 in /var/spool/amavisd/db

---------------------- Amavisd-new End ------------------------- 


Hi bmackay,

Thanks very much for responding. I wasn't still actively looking, as other priorities took over and this was pushed to the back burner, but now that you've posted a suggestion I'll put this back on the to-do list.

Thanks again, especially for responding to an old thread.