Grep Exim Email Transaction with Bash

When email transport has a problem, the first place we look is the mail log file. It records incoming and outgoing email transactions, so it shows whether an email was sent to the recipient and whether the sender's email was delivered to our mail server at all.

I like that the exim log file provides the transport when an email is coming in to or going out from the server. I have written a simple script to grep a sender/recipient email address and analyze the email transaction.


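#!/usr/local/bin/bash

E_WRONGARGS=85  # Missing or bad argument.

# Using case: require a search keyword as the first argument.
case "$1" in
""          ) echo "Usage: $(basename "$0") <keyword> <logfile>"; exit $E_WRONGARGS;;
*           ) LOGKEYWORD=$1;;
esac

# Using if/else for simple validation: the log file must exist.
if [ ! -f "$2" ]
then
        echo "Log file does not exist"
        exit 1
fi

LOGFILE=$2

# Collect the message ID (third field) of every line matching the keyword.
# awk de-duplicates in first-seen order; plain uniq only drops adjacent
# duplicates, and lines of different messages interleave in the log.
# "--" stops grep from treating a keyword that starts with "-" as an option.
email_ids=($(grep -- "$LOGKEYWORD" "$LOGFILE" | awk '!seen[$3]++ {print $3}'))

# Print every log line that belongs to each message ID (literal match).
for email_id in "${email_ids[@]}"
do
        grep -F -- "$email_id" "$LOGFILE"
        echo
        echo
done

exit 0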

I haven't been receiving the LinkedIn newsletter lately, so let's check yesterday's email log on my server.


./exim-log linkedin /var/log/exim/mainlog

2009-07-01 23:39:40 1M8cGq-000FKz-Il <= *.linkedin.com H=(xxxxx) [xxx.xxx.xxx.xxx] 
2009-07-01 23:39:40 1M8cGq-000FKz-Il => /mail/spam-2009-05-25  T=address_file
2009-07-01 23:39:40 1M8cGq-000FKz-Il Completed


Oops… The email was classified as spam! OK, something is wrong with my exim spam filter.
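
The same lookup as a two-pass awk function, as an added example that is not part of the original post: it keeps only third fields that look like Exim message IDs (so rejection lines without an ID are skipped), then prints the sender, each delivery target and its transport. The function names, the ID pattern and the sample log lines are assumptions constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: summarise Exim mainlog transactions that mention a keyword.
# exim_trace, sample_log and the log lines are constructed for illustration.

exim_trace() {   # usage: exim_trace <keyword> <logfile>
    KW="$1" awk '
    # Assumption: a message ID is three alphanumeric groups joined by hyphens.
    function is_id(s) { return s ~ /^[0-9A-Za-z]+-[0-9A-Za-z]+-[0-9A-Za-z]+$/ }

    # Pass 1: remember the ID of every line containing the keyword (literal).
    NR == FNR { if (index($0, ENVIRON["KW"]) && is_id($3)) want[$3] = 1; next }

    # Pass 2: report arrival, deliveries and completion for those IDs only.
    !($3 in want) { next }
    $4 == "<=" { printf "%s from=%s\n", $3, $5; next }
    $4 == "=>" || $4 == "->" {
        t = "?"
        for (i = 6; i <= NF; i++) if ($i ~ /^T=/) t = substr($i, 3)
        printf "%s to=%s transport=%s\n", $3, $5, t
        next
    }
    $4 == "Completed" { printf "%s completed\n", $3 }
    ' "$2" "$2"
}

# Constructed sample log: two interleaved messages plus a rejection without an ID.
sample_log() {
    cat <<'EOF'
2009-07-01 23:39:38 1M8cGo-000FKx-Aa <= alice@example.org H=(mx.example.org) [192.0.2.10]
2009-07-01 23:39:39 1M8cGo-000FKx-Aa => bob <bob@example.com> R=localuser T=local_delivery
2009-07-01 23:39:40 1M8cGq-000FKz-Il <= news@linkedin.example H=(mail.linkedin.example) [192.0.2.20]
2009-07-01 23:39:40 1M8cGo-000FKx-Aa Completed
2009-07-01 23:39:40 1M8cGq-000FKz-Il => /mail/spam-2009-05-25 <bob@example.com> T=address_file
2009-07-01 23:39:40 1M8cGq-000FKz-Il Completed
2009-07-01 23:39:41 H=(mail.linkedin.example) [192.0.2.20] rejected RCPT <x@example.com>: relay not permitted
EOF
}

# Demo run against the constructed log.
log=$(mktemp); sample_log > "$log"
exim_trace linkedin "$log"
rm -f "$log"
```

A `to=` value that starts with `/` together with `transport=address_file` means the message was written to a file rather than a mailbox, which is how the spam-folder delivery above shows up.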