Using regex to find servers that sent email

Time:04-28

Having a hard time trying to create a Python script that finds all the servers that sent email and outputs the results in a .csv file, with one column being the server name and the other column being the server IP address. The script also needs to use regular expressions to find the servers that sent email.

Here is a portion of the log file:

Apr  7 10:25:45 sys postfix/smtpd[667]: disconnect from airwave.nsd.org[10.1.20.13]
ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5 

Here is my attempt at a script to find the server name and IP:

    import re

    with open('mail.log','r') as fin:
        for line in fin:
            line.rstrip()
            m = re.search('.*from.*.(.org).*([.*]).*\n.*mail=1', line)
            if m:
                print('IP: ' + m.group(1))

When I run the script, I get no output.

CodePudding user response:

I think anotherGatsby's answer is nearly correct, but his regex does not check if "mail=1" is present. Though you did not specify if it has to, I assume it has to.

If mail can be any integer above 0 then use this regex:

(?<=from)([^\[]+)\[([\d.]+)\](?=\n.*?mail=[1-9][0-9]*)

If it's a bool that's just 1 or 0, then just remove the number check at the end and replace it with 1. Test it here: https://regex101.com/r/L0CWOt/1

CodePudding user response:

Use this pattern: (?<=from)([^\[]+)\[([\d.]+)\]

Test here: https://regex101.com/r/cZTjQB/1

This pattern will match the server in group 1 and the IP in group 2.

Since you are searching line by line, you can do this:


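    import re

    pattern = re.compile(r'(?<=from)([^\[]+)\[([\d.]+)\]', re.M)

    # fin is the open log file; csv_file is a csv.writer on the output file
    for line in fin:
        m = pattern.search(line)
        if m:  # skip lines that have no "from host[ip]" part
            csv_file.writerow([m.group(1).strip(), m.group(2).strip()])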

This writes a row with content [airwave.nsd.org, 10.1.20.13] into your csv file.
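A fuller version of what the two answers describe, as an added example that is not code from either answerer. It goes beyond the posted patterns: the counters may be on the same line or wrapped onto the next, `mail` must be 1 or more, IPv6 addresses are accepted, and repeated servers are written once. The sample log and the names `find_senders` and `to_csv` are constructed for illustration.

```python
import csv
import io
import ipaddress
import re

# Constructed sample in the shape of the question's excerpt. The host is what
# Postfix got from reverse DNS ("unknown" if it could not verify a name).
SAMPLE_LOG = """\
Apr  7 10:25:45 sys postfix/smtpd[667]: disconnect from airwave.nsd.org[10.1.20.13]
ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Apr  7 10:26:02 sys postfix/smtpd[668]: disconnect from unknown[192.0.2.44] ehlo=1 quit=1 commands=2
Apr  7 10:27:10 sys postfix/smtpd[670]: disconnect from mx.example.net[2001:db8::25] ehlo=1 mail=2 rcpt=2 data=2 quit=1 commands=8
Apr  7 10:28:31 sys postfix/smtpd[671]: disconnect from airwave.nsd.org[10.1.20.13] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
"""

# "disconnect from host[ip]", then key=value counters after a space or a line break
DISCONNECT = re.compile(
    r"postfix/smtpd\[\d+\]: disconnect from (\S+?)\[([0-9A-Fa-f:.]+)\]"
    r"(?:[ \t]+|\n)(\w+=[^\n]*)"
)
MAIL_COUNT = re.compile(r"\bmail=(\d+)")


def find_senders(log_text):
    """Return unique (host, ip) pairs whose session had at least one MAIL command."""
    senders = []
    for host, ip, counters in DISCONNECT.findall(log_text):
        mail = MAIL_COUNT.search(counters)
        if not mail or int(mail.group(1)) == 0:
            continue  # connected but never started a message
        try:
            ip = str(ipaddress.ip_address(ip))  # rejects junk such as 999.1.1.1
        except ValueError:
            continue
        if (host, ip) not in senders:
            senders.append((host, ip))
    return senders


def to_csv(rows):
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    writer.writerow(["server", "ip"])
    writer.writerows(rows)
    return out.getvalue()


if __name__ == "__main__":
    print(to_csv(find_senders(SAMPLE_LOG)), end="")
```

To run it on a real file, pass `open('mail.log').read()` to `find_senders` and write the returned string to the .csv file.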
