#!/usr/bin/perl

# monitor postfix mail.log and update tls_per_site map if any TLS
# errors are found.

# note: obsoleted by watch-maillog.pl

# (C) Copyright Craig Sanders <cas@taz.net.au>, 2001
#
# this program is licensed under the terms of the GNU General Public 
# License (GPL)
#
# the latest version can always be found at http://taz.net.au/postfix/scripts

use DB_File;
use File::Tail ;
#use diagnostics;
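use strict;
use warnings;

# Follow the Postfix mail log and, for every line that reports a failed TLS
# start, make sure the relay named on that line has a "NONE" entry in
# tls_per_site, then rebuild the lookup table with postmap.
#
# NOTE(review): every entry this script adds switches TLS off for that relay
# until someone removes the line by hand. A handshake failure is recorded the
# same way whatever caused it, so the appended entries should be reviewed
# periodically rather than trusted indefinitely.

# Passed through to File::Tail as its debug option; also enables the
# "skipped line" diagnostics below.
my $debug = 0;

my $mail_log = '/var/log/mail.log';
my $tlsfile  = '/etc/postfix/tls_per_site';

# The relay name is copied out of log text and written into a Postfix lookup
# table, so only plain host-name characters are accepted. Anything containing
# whitespace or other characters is rejected rather than written to the map.
my $relay_name_re = qr/\A[A-Za-z0-9._-]+\z/;

my $logref = tie(*LOG, "File::Tail", (name => $mail_log, debug => $debug))
    or die "couldn't tail $mail_log\n";

LINE: while (my $line = <LOG>) {
    next LINE unless $line =~ /\(Could not start TLS/;

    # Take the host name between "relay=" and the "[address]" that follows it.
    # If the line has no such field, skip it: the original substitution left
    # the whole log line in place in that case and wrote it to the map.
    my ($relay) = $line =~ /relay=([^\s\[,]+)\[/;
    unless (defined $relay && $relay =~ $relay_name_re) {
        warn "skipping TLS failure line with no usable relay name\n" if $debug;
        next LINE;
    }

    # Re-read tls_per_site on every hit, in case it has been hand-edited
    # since the last auto-update, and collect the sites it already lists.
    my %seen;
    if (open(my $in, '<', $tlsfile)) {
        while (my $entry = <$in>) {
            my ($lhs) = split ' ', $entry;
            next unless defined $lhs;    # blank line
            $seen{$lhs} = 1;
        }
        close($in);
    }
    elsif (!$!{ENOENT}) {
        # A missing file simply means "no entries yet". Any other failure
        # means duplicates cannot be detected, so leave the file alone.
        warn "couldn't open $tlsfile for read: $!; not updating\n";
        next LINE;
    }

    # Append the relay only if it is not already listed.
    unless ($seen{$relay}) {
        open(my $out, '>>', $tlsfile)
            or die "couldn't open $tlsfile for write: $!";
        print {$out} "$relay\tNONE\n"
            or die "couldn't write to $tlsfile: $!";
        # Buffered write errors only surface at close.
        close($out)
            or die "couldn't close $tlsfile: $!";
    }

    # As in the original, the table is rebuilt after every TLS failure line,
    # whether or not a record was appended. List form avoids the shell.
    system('postmap', $tlsfile) == 0
        or warn "postmap $tlsfile failed (status $?)\n";
}

# Presumably only reached if the tailing read ever returns undef.
# Drop the extra reference first so untie can release the object, and untie
# the handle that was actually tied (LOG), not the scalar holding the object.
undef $logref;
untie *LOG;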

