Sendmail: TLS handshake failed

昨日發現有

2014-03-05T15:56:04.873290+08:00 oms13 sendmail[16831]: s257u3Ro016831: to=<naomi@XXX.XXX>, ctladdr=<root@localhost> (0/0), delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=36923, relay=XXXXX [XXXXXXXX], dsn=4.0.0, stat=Deferred: 403 4.7.0TLS handshake failed. 

參考: http://mikeberggren.com/post/15331563670/disable-tls

By default, SendMail servers will always check for TLS support when sending an outbound message.  Normally this is a good thing — I mean, if the recipient MTA on the other side supports additional security, why not? There’s just one small problem: If SendMail tries to use TLS and something goes wrong with the initial TLS handshake, it does not fallback to using unencrypted delivery.  Instead, SendMail considers the entire delivery attempt to be a 400 class issue and temporarily defers the message for another try later.  This can result in a stuck message that stays stuck.  

 解決方法:

 sloution1: 一個一個把有問題的domain 加入到 access  Try_TSL:XXX.domain NO      (太多要加入了,)

 soloution2: disable TLS 

 O ClientPortOptions=Family=inet, Address=172.16.1.92  (原設定)

 O ClientPortOptions=Family=inet, M=S, Address=172.16.1.92  (加入M=S)

The M=S option forces the SendMail client (used for outbound connections) to NOT use TLS regardless of whether or not the recipient MTA advertises support for it.

Postfix: Recipient based rate limiting

來源: http://servexpert.blogspot.tw/

需求原因: yahoo 擋信~

Most of the renowned ESPs such as gmail or hotmail or yahoo do not like to mailed to from the same address multiple times in a short span. If they detect (and they will) that a server's IP is sending out bursts of emails in short span of time or over a single connection, they will most certainly block your IP.

Here is how we can negate this block by rate limiting on the server side so that the server IP(s) remain clean and unblocked. We can configure postfix to rate limit the mails based on their recipient domains. Suppose we need to rate limit mails to gmail to 1000 per hour, this can be achieved using the following steps.

We will use custom transports in postfix configuration to achieve this rate limiting. Custom transports are supported in postfix > v2.5. Check your postfix version using the following command:

    [root@smtp01 ~]# postconf mail_version
    mail_version = 2.8.5


If postfix is older than 2.5, upgrade it.

Now, define required additional transport in postfix master.cf file:

    smtp-gmail unix -    -    n    -    1    smtp
       -o syslog_name=smtp-gmail


syslog_name will specify the name by which messages related with this transport will be logged in maillog. This will help us to identify if the custom transport is working or not.

Define the required throttling (rate limits) settings in postfix main.cf

    smtp-gmail_destination_rate_delay = 12s
    smtp-gmail_destination_concurrency_limit = 1
    smtp-gmail_destination_recipient_limit = 2
    smtp-gmail_initial_destination_concurrency=1


The syntax is as follows: trasntport-name_variable-name=value

Here the transport name I am using is smtp-gmail. You can use anything of you own choice.

destination_rate_delay: This defines the delay between individual deliveries to the destination using this transport. Set this as per required. Suppose you want 10 deliveries per minute to gmail, then you can set it up like 60/10 = 6s.

destination_concurrency_limit: This decides the number of parallel deliveries to the destination using this transport. Setting it one means only one mail will be delivered once.

destination_recipient_limit: This decides the number of recipients per mail delivery. Setting this parameter to a value of 1 changes the meaning of the corresponding per-destination concurrency limit from concurrency per domain into concurrency per recipient. So set this to 2. This will take care of the domain. If you set it to 1, throttling will work only if you send mails to the same recipient and not for the same recipient domain.

initial_destination_concurrency: This decides the initial number of parallel deliveries. Default is 5, you don't want that probably, so set it as 1.

You can get more information about the parameters here: http://www.postfix.org/postconf.5.html

Create a transport map file, so that mails to gmail.com are directed to our new transport (smtp-gmail). Add the following to /etc/postfix/transport

    /\@gmail\.com$/       smtp-gmail:


The format of the above file is regexp. Lookups to regexp tables are fast so probably you should use those. For regexp to work you should have regexp support built into postfix. Find out using this command

    postconf -m


You should get the following result, showing all supported lookup tables

    [root@smtp01 ~]# postconf -m
    btree
    cidr
    environ
    hash
    internal
    ldap
    nis
    pcre
    proxy
    regexp
    static
    tcp
    texthash
    unix


Once the transport file is created, make sure to create the corresponding db, which will be actually used by postfix. Use postmap command.

    postmap  /etc/postfix/transport


Make postfix use this transport table. Edit main.cf and add the following:

    transport_maps = regexp:/etc/postfix/transport


Make sure you use regexp prefix.

Reload postfix.

Test the configuration.

Create a file containing two or more different gmail addresses. Then you can use a loop to send mails to them using the command line.

    for i in `cat recpts`; do echo "hello" | mail -s "testing throttling" $i; done


recpts is the file containing recipients' addresses.

Tail the maillog and grep for the transport name. You should get the following messages:

    Oct 5 10:33:26 smtp01 smtp-gmail/smtp[31905]: A8AB21EE201: to=, relay=gmail-smtp-in.l.google.com[209.85.143.27]:25, delay=1466, delays=0.09/1465/0.25/0.84, dsn=2.0.0, status=sent (250 2.0.0 OK 1317825206 ge19si1398564wbb.49)
    Oct 5 10:38:28 smtp01 smtp-gmail/smtp[31945]: AFF7B1EE206: to=, relay=gmail-smtp-in.l.google.com[209.85.143.26]:25, delay=1768, delays=0.09/1766/0.24/1.2, dsn=2.0.0, status=sent (250 2.0.0 OK 1317825508 s63si1405914weq.73)
    Oct 5 10:43:29 smtp01 smtp-gmail/smtp[31985]: B18DC1EE208: to=, relay=gmail-smtp-in.l.google.com[209.85.143.27]:25, delay=2069, delays=0.09/2068/0.25/0.75, dsn=2.0.0, status=sent (250 2.0.0 OK 1317825809 fn12si1423894wbb.51)
    Oct 5 10:48:30 smtp01 smtp-gmail/smtp[32021]: B136C1EE207: to=, relay=gmail-smtp-in.l.google.com[209.85.143.27]:25, delay=2370, delays=0.09/2369/0.25/0.48, dsn=2.0.0, status=sent (250 2.0.0 OK 1317826110 fi7si1433546wbb.71)


You can see that the transport 'smtp-gmail' is being called every five minutes ( as set in postfix main.cf).

So all is working now. Post your queries/comments.

nginx start shell script

#!/bin/sh
#
# nginx - this script starts and stops the nginx daemin
#
# chkconfig:   - 85 15
# description:  Nginx is an HTTP(S) server, HTTP(S) reverse \
#               proxy and IMAP/POP3 proxy server
# processname: nginx
# config:      /opt/nginx/conf/nginx.conf
# pidfile:     /opt/nginx/logs/nginx.pid

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0

nginx="/opt/nginx/sbin/nginx"
prog=$(basename $nginx)

NGINX_CONF_FILE="/opt/nginx/conf/nginx.conf"

lockfile=/var/lock/subsys/nginx

start() {
    [ -x $nginx ] || exit 5
    [ -f $NGINX_CONF_FILE ] || exit 6
    echo -n $"Starting $prog: "
    daemon $nginx -c $NGINX_CONF_FILE
    retval=$?
    echo
    [ $retval -eq 0 ] && touch $lockfile
    return $retval
}

stop() {
    echo -n $"Stopping $prog: "
    killproc $prog -QUIT
    retval=$?
    echo
    [ $retval -eq 0 ] && rm -f $lockfile
    return $retval
}

restart() {
    configtest || return $?
    stop
    start
}

reload() {
    configtest || return $?
    echo -n $"Reloading $prog: "
    killproc $nginx -HUP
    RETVAL=$?
    echo
}

force_reload() {
    restart
}

configtest() {
  $nginx -t -c $NGINX_CONF_FILE
}

rh_status() {
    status $prog
}

rh_status_q() {
    rh_status >/dev/null 2>&1
}

case "$1" in
    start)
        rh_status_q && exit 0
        $1
        ;;
    stop)
        rh_status_q || exit 0
        $1
        ;;
    restart|configtest)
        $1
        ;;
    reload)
        rh_status_q || exit 7
        $1
        ;;
    force-reload)
        force_reload
        ;;
    status)
        rh_status
        ;;
    condrestart|try-restart)
        rh_status_q || exit 0
            ;;
    *)
        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
        exit 2
esac

rewirte list

##for 特定 jsp 導入 特定 url

RewriteEngine on
RewriteCond %{REQUEST_URI} ^/ad\/trnaddrNum.jsp$
RewriteRule ^/ad\/trnaddrNum.jsp(.*)$      http://www.104.com.tw/jb/service/ad/TransferAddress/TransferCount$1  [R,L]
RewriteCond %{REQUEST_URI} ^/ad\/trnaddr.jsp$
RewriteRule ^/ad\/trnaddr.jsp(.*)$ http://www.104.com.tw/jb/service/ad/TransferAddress$1  [R,L]

###機車需求

RewriteRule     /104reading$                            /cfdocs/edu/104reading/index.cfm        [L,QSA,PT]
RewriteRule     /104reading/$                           /cfdocs/edu/104reading/index.cfm        [L,QSA,PT]
RewriteRule     /104reading/index.html$                 /cfdocs/edu/104reading/index.cfm        [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/info.html$       /cfdocs/edu/104reading/index.cfm        [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/index/info.html$ /cfdocs/edu/104reading/index.cfm        [L,QSA,PT]

RewriteRule     /cfdocs/edu/104reading/(.*)/kw(.*)/st(.*)/recorded/page(.*)/info.html   /cfdocs/edu/104reading/$1.cfm?kw=$2&st=$3&recorded&page=$4  [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/kw(.*)/st(.*)/recorded/info.html            /cfdocs/edu/104reading/$1.cfm?kw=$2&st=$3&recorded          [L,QSA,PT]

RewriteRule     /cfdocs/edu/104reading/(.*)/kw(.*)/recorded/page(.*)/info.html          /cfdocs/edu/104reading/$1.cfm?kw=$2&recorded&page=$3        [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/kw(.*)/recorded/info.html                   /cfdocs/edu/104reading/$1.cfm?kw=$2&recorded                [L,QSA,PT]

RewriteRule     /cfdocs/edu/104reading/(.*)/uno(.*)/orderType(.*)/tag(.*)/type(.*)/page(.*)/info.html           /cfdocs/edu/104reading/$1.cfm?uno=$2&orderType=$3&tag=$4&type=$5&page=$6        [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/j(.*)/theclass(.*)/school(.*)/orderType(.*)/page(.*)/info.html      /cfdocs/edu/104reading/$1.cfm?j=$2&theclass=$3&school=$4&orderType=$5&page=$6   [L,QSA,PT]

RewriteRule     /cfdocs/edu/104reading/(.*)/uno(.*)/orderType(.*)/showType(.*)/page(.*)/info.html       /cfdocs/edu/104reading/$1.cfm?uno=$2&orderType=$3&showType=$4&page=$5   [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/uno(.*)/orderType(.*)/type(.*)/page(.*)/info.html           /cfdocs/edu/104reading/$1.cfm?uno=$2&orderType=$3&type=$4&page=$5       [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/uno(.*)/orderType(.*)/tag(.*)/page(.*)/info.html            /cfdocs/edu/104reading/$1.cfm?uno=$2&orderType=$3&tag=$4&page=$5        [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/uno(.*)/orderType(.*)/tag(.*)/type(.*)/info.html            /cfdocs/edu/104reading/$1.cfm?uno=$2&orderType=$3&tag=$4&type=$5        [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/j(.*)/theclass(.*)/school(.*)/orderType(.*)/info.html       /cfdocs/edu/104reading/$1.cfm?j=$2&theclass=$3&school=$4&orderType=$5   [L,QSA,PT]

RewriteRule     /cfdocs/edu/104reading/(.*)/uno(.*)/orderType(.*)/page(.*)/info.html            /cfdocs/edu/104reading/$1.cfm?uno=$2&orderType=$3&page=$4       [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/uno(.*)/orderType(.*)/type(.*)/info.html            /cfdocs/edu/104reading/$1.cfm?uno=$2&orderType=$3&type=$4       [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/uno(.*)/orderType(.*)/tag(.*)/info.html             /cfdocs/edu/104reading/$1.cfm?uno=$2&orderType=$3&tag=$4        [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/uno(.*)/orderType(.*)/showType(.*)/info.html        /cfdocs/edu/104reading/$1.cfm?uno=$2&orderType=$3&showType=$4   [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/j(.*)/theclass(.*)/school(.*)/info.html             /cfdocs/edu/104reading/$1.cfm?j=$2&theclass=$3&school=$4        [L,QSA,PT]

RewriteRule     /cfdocs/edu/104reading/(.*)/kw(.*)/st(.*)/info.html             /cfdocs/edu/104reading/$1.cfm?kw=$2&st=$3               [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/uno(.*)/fno(.*)/info.html           /cfdocs/edu/104reading/$1.cfm?uno=$2&fno=$3             [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/uno(.*)/orderType(.*)/info.html     /cfdocs/edu/104reading/$1.cfm?uno=$2&orderType=$3       [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/uno(.*)/tag(.*)/info.html           /cfdocs/edu/104reading/$1.cfm?uno=$2&tag=$3             [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/uno(.*)/type(.*)/info.html          /cfdocs/edu/104reading/$1.cfm?uno=$2&type=$3            [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/tag(.*)/page(.*)/info.html          /cfdocs/edu/104reading/$1.cfm?tag=$2&page=$3            [L,QSA,PT]

RewriteRule     /cfdocs/edu/104reading/(.*)/j(.*)/info.html     /cfdocs/edu/104reading/$1.cfm?j=$2      [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/kw(.*)/info.html    /cfdocs/edu/104reading/$1.cfm?kw=$2     [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/cno(.*)/info.html   /cfdocs/edu/104reading/$1.cfm?cno=$2    [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/nno(.*)/info.html   /cfdocs/edu/104reading/$1.cfm?nno=$2    [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/uno(.*)/info.html   /cfdocs/edu/104reading/$1.cfm?uno=$2    [L,QSA,PT]
RewriteRule     /cfdocs/edu/104reading/(.*)/tag(.*)/info.html   /cfdocs/edu/104reading/$1.cfm?tag=$2    [L,QSA,PT]

rsyslog conf

$ModLoad imtcp.so
$ModLoad ommysql
:syslogtag, contains, "nmbd"  ~

$template manphp,"insert into $Groupname (Message, Facility, FromHost, Priority, DeviceReportedTime, ReceivedAt, InfoUnitID, SysLogTag) values ('%msg%', %syslogfacility%, '%HOSTNAME%', %syslogpriority%, '%timereported:::date-mysql%', '%timegenerated:::date-mysql%', %iut%, '%syslogtag%')",SQL
$template cmdlog,"insert into $Groupname (Message, Facility, FromHost, Priority, DeviceReportedTime, ReceivedAt, InfoUnitID, SysLogTag) values ('%msg%', %syslogfacility%, '%HOSTNAME%', %syslogpriority%, '%timereported:::date-mysql%', '%timegenerated:::date-mysql%', %iut%, '%syslogtag%')",SQL
$template securelog,"insert into $Groupname (Message, Facility, FromHost, Priority, DeviceReportedTime, ReceivedAt, InfoUnitID, SysLogTag) values ('%msg%', %syslogfacility%, '%HOSTNAME%', %syslogpriority%, '%timereported:::date-mysql%', '%timegenerated:::date-mysql%', %iut%, '%syslogtag%')",SQL

#define web group
+(servername)
##bypass log policy##
:msg, contains, "DBERROR:"  ~
##custom log policy##
:msg, contains, "attackalert:" >(IPADDR),linuxlog,rsyslog,(password);$Groupname
:msg, contains, "exec_command:" >(IPADDR),cmdlog,rsyslog,(password);cmdlog
if $syslogtag == 'rsyslogd:' then >(IPADDR),linuxlog,rsyslog,(password);$Groupname
if $syslogtag == 'MD5:' then >(IPADDR),linuxlog,rsyslog,(password);$Groupname
if $syslogpriority == '4' then >(IPADDR),linuxlog,rsyslog,(password);$Groupname#warn
if $syslogpriority == '3' then >(IPADDR),linuxlog,rsyslog,(password);$Groupname#error
if $syslogpriority == '2' then >(IPADDR),linuxlog,rsyslog,(password);$Groupname#crit
if $syslogpriority == '1' then >(IPADDR),linuxlog,rsyslog,(password);$Groupname#alert
if $syslogpriority == '0' then >(IPADDR),linuxlog,rsyslog,(password);$Groupname#emerg
##standard log policy##
authpriv.*  >(IPADDR),securelog,rsyslog,(password);securelog
##web group setting end##



============db ===========
cmdlog

CREATE TABLE `3phd` (
`ID` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,
`CustomerID` BIGINT(20) NULL DEFAULT NULL,
`ReceivedAt` DATETIME NULL DEFAULT NULL,
`DeviceReportedTime` DATETIME NULL DEFAULT NULL,
`Facility` SMALLINT(6) NULL DEFAULT NULL,
`Priority` SMALLINT(6) NULL DEFAULT NULL,
`FromHost` VARCHAR(60) NULL DEFAULT NULL,
`Message` TEXT NULL,
`NTSeverity` INT(11) NULL DEFAULT NULL,
`Importance` INT(11) NULL DEFAULT NULL,
`EventSource` VARCHAR(60) NULL DEFAULT NULL,
`EventUser` VARCHAR(60) NULL DEFAULT NULL,
`EventCategory` INT(11) NULL DEFAULT NULL,
`EventID` INT(11) NULL DEFAULT NULL,
`EventBinaryData` TEXT NULL,
`MaxAvailable` INT(11) NULL DEFAULT NULL,
`CurrUsage` INT(11) NULL DEFAULT NULL,
`MinUsage` INT(11) NULL DEFAULT NULL,
`MaxUsage` INT(11) NULL DEFAULT NULL,
`InfoUnitID` INT(11) NULL DEFAULT NULL,
`SysLogTag` VARCHAR(60) NULL DEFAULT NULL,
`EventLogType` VARCHAR(60) NULL DEFAULT NULL,
`GenericFileName` VARCHAR(60) NULL DEFAULT NULL,
`SystemID` INT(11) NULL DEFAULT NULL,
`ProcessID` INT(11) NULL DEFAULT NULL,
`Messagetype` VARCHAR(60) NULL DEFAULT NULL,
PRIMARY KEY (`ID`)
)
COLLATE='latin1_swedish_ci'
ENGINE=MyISAM
AUTO_INCREMENT=337;

===========================

linuxlog

CREATE TABLE `3phd` (
`ID` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,
`CustomerID` BIGINT(20) NULL DEFAULT NULL,
`ReceivedAt` DATETIME NULL DEFAULT NULL,
`DeviceReportedTime` DATETIME NULL DEFAULT NULL,
`Facility` SMALLINT(6) NULL DEFAULT NULL,
`Priority` SMALLINT(6) NULL DEFAULT NULL,
`FromHost` VARCHAR(60) NULL DEFAULT NULL,
`Message` TEXT NULL,
`NTSeverity` INT(11) NULL DEFAULT NULL,
`Importance` INT(11) NULL DEFAULT NULL,
`EventSource` VARCHAR(60) NULL DEFAULT NULL,
`EventUser` VARCHAR(60) NULL DEFAULT NULL,
`EventCategory` INT(11) NULL DEFAULT NULL,
`EventID` INT(11) NULL DEFAULT NULL,
`EventBinaryData` TEXT NULL,
`MaxAvailable` INT(11) NULL DEFAULT NULL,
`CurrUsage` INT(11) NULL DEFAULT NULL,
`MinUsage` INT(11) NULL DEFAULT NULL,
`MaxUsage` INT(11) NULL DEFAULT NULL,
`InfoUnitID` INT(11) NULL DEFAULT NULL,
`SysLogTag` VARCHAR(60) NULL DEFAULT NULL,
`EventLogType` VARCHAR(60) NULL DEFAULT NULL,
`GenericFileName` VARCHAR(60) NULL DEFAULT NULL,
`SystemID` INT(11) NULL DEFAULT NULL,
`ProcessID` INT(11) NULL DEFAULT NULL,
`Messagetype` VARCHAR(60) NULL DEFAULT NULL,
PRIMARY KEY (`ID`)
)
COLLATE='latin1_swedish_ci'
ENGINE=MyISAM
AUTO_INCREMENT=328279;




===============================
securelog


CREATE TABLE `3phd` (
`ID` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,
`CustomerID` BIGINT(20) NULL DEFAULT NULL,
`ReceivedAt` DATETIME NULL DEFAULT NULL,
`DeviceReportedTime` DATETIME NULL DEFAULT NULL,
`Facility` SMALLINT(6) NULL DEFAULT NULL,
`Priority` SMALLINT(6) NULL DEFAULT NULL,
`FromHost` VARCHAR(60) NULL DEFAULT NULL,
`Message` TEXT NULL,
`NTSeverity` INT(11) NULL DEFAULT NULL,
`Importance` INT(11) NULL DEFAULT NULL,
`EventSource` VARCHAR(60) NULL DEFAULT NULL,
`EventUser` VARCHAR(60) NULL DEFAULT NULL,
`EventCategory` INT(11) NULL DEFAULT NULL,
`EventID` INT(11) NULL DEFAULT NULL,
`EventBinaryData` TEXT NULL,
`MaxAvailable` INT(11) NULL DEFAULT NULL,
`CurrUsage` INT(11) NULL DEFAULT NULL,
`MinUsage` INT(11) NULL DEFAULT NULL,
`MaxUsage` INT(11) NULL DEFAULT NULL,
`InfoUnitID` INT(11) NULL DEFAULT NULL,
`SysLogTag` VARCHAR(60) NULL DEFAULT NULL,
`EventLogType` VARCHAR(60) NULL DEFAULT NULL,
`GenericFileName` VARCHAR(60) NULL DEFAULT NULL,
`SystemID` INT(11) NULL DEFAULT NULL,
`ProcessID` INT(11) NULL DEFAULT NULL,
`Messagetype` VARCHAR(60) NULL DEFAULT NULL,
PRIMARY KEY (`ID`)
)
COLLATE='latin1_swedish_ci'
ENGINE=MyISAM
AUTO_INCREMENT=328279;



==========================
winlog


CREATE TABLE `backer` (
`ID` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,
`CustomerID` BIGINT(20) NULL DEFAULT NULL,
`ReceivedAt` DATETIME NULL DEFAULT NULL,
`DeviceReportedTime` DATETIME NULL DEFAULT NULL,
`Facility` SMALLINT(6) NULL DEFAULT NULL,
`Priority` SMALLINT(6) NULL DEFAULT NULL,
`FromHost` VARCHAR(60) NULL DEFAULT NULL,
`Message` TEXT NULL,
`NTSeverity` INT(11) NULL DEFAULT NULL,
`Importance` INT(11) NULL DEFAULT NULL,
`EventSource` VARCHAR(60) NULL DEFAULT NULL,
`EventUser` VARCHAR(60) NULL DEFAULT NULL,
`EventCategory` INT(11) NULL DEFAULT NULL,
`EventID` INT(11) NULL DEFAULT NULL,
`EventBinaryData` TEXT NULL,
`MaxAvailable` INT(11) NULL DEFAULT NULL,
`CurrUsage` INT(11) NULL DEFAULT NULL,
`MinUsage` INT(11) NULL DEFAULT NULL,
`MaxUsage` INT(11) NULL DEFAULT NULL,
`InfoUnitID` INT(11) NULL DEFAULT NULL,
`SysLogTag` VARCHAR(60) NULL DEFAULT NULL,
`EventLogType` VARCHAR(60) NULL DEFAULT NULL,
`GenericFileName` VARCHAR(60) NULL DEFAULT NULL,
`SystemID` INT(11) NULL DEFAULT NULL,
`ProcessID` INT(11) NULL DEFAULT NULL,
`Messagetype` VARCHAR(60) NULL DEFAULT NULL,
PRIMARY KEY (`ID`)
)
COLLATE='latin1_swedish_ci'
ENGINE=MyISAM
AUTO_INCREMENT=62719136;