Get specific rule by log code

K

koby

Renowned Member
Jun 21, 2012
143
4
83
Natanya , Israel
Hello All ,
Does anyone know how can I get the specific rule from the log message who look like this :
"notify <koby@mksoft.co.il> (rule: DefBlockSubject, AC81C21C94)"
I need to get the specific rule for : AC81C21C94 (example code from my message log)
How / where I can get this data from ?

Best Regards ,
Koby Peleg Hen
 
Last edited:
Hi, koby.
If you want to add a rule name to a message, you need to create an Action Object and add it to the desired filter.
Action Objects:
Code: 
Name: Add Rule Name
Field: X-SPAM-RULE
Value: __RULE__
Result (header added to message):
X-SPAM-RULE: DefBlockSubject
 
Hi Badej ,
I am seeking to know what is the AC81C21C94 refer to.
I my case I block by mistake a valid mail which I like to retest again the rule that blocked it.
 
Hmm...
DefBlockSubject - is the name of the rule (filter) that triggered.
AC81C21C94 - is most likely the message ESMTP ID (you can check it in the first Received: header). Ex.: ... (Proxmox) with ESMTP ID
Judging by the rule name, the message was blocked based on a fragment of the message subject.
 
I think you may be wrong about this , I thick that the code is the database rule record id or something like this.
I need to find out which rule is the one who blocked it (I have at least 100 rules....)
 
See Mail Filter - Rules
The name of the rule that blocked the message is DefBlockSubject
(rule: DefBlockSubject, AC81C21C94).
Log example:
pmg-smtp-filter[617972]: moved mail for <user> to spam quarantine - (rule: Block Sender E-Mail)
pmg-smtp-filter[611766]: moved mail for <user> to spam quarantine - (rule: Block Subject)
pmg-smtp-filter[615729]: moved mail for <user> to spam quarantine - (rule: Quarantine/Spam (Level 5))
pmg-smtp-filter[615730]: moved mail for <user> to spam quarantine - (rule: Block Newsletters)
 
Hello Badej ,
If I take your example let's consider please that I have in rule "Block Subject" 150 RegEx to block a subject.
Who can I know which one was activetd ?
 
If the rule blocks messages based on specific words, use a page search (check each word in the message's Subject).
If you're using regular expressions, you can selectively check online. Paste the entire Subject and insert the regular expressions. It's possible that more than one of them worked.
 
I see your point and I am using it for a long time.
But I have an issue with that , one of my regex is blocking valid mail and it is not pop up on the search box.
I need find a certain way to figure up which role is the one who activated.
There must be a way to look inside the DB and check it out.
 
You must log in or register to reply here.
Top Bottom