Recovering Lost Email Addresses for a User

Posted by admin | Filed under Pick and Mix

A user of NeostormInternet.com had lost their address book with many important email addresses, I was able to recover many of them from various logfiles on the server, whilst the messages no longer existed, whenever a mail arrives or is sent a record is saved to various text files on the server.

So I had to work out a way of extracting these for the user amongst all the spam as well.I’ve recently fallen in love with grep, which is tool for searching through files, so this was my weapon of choice.

So first job was to locate the logfiles that might have the info I needed, because of log rotation, there were no logs older than a week for SMTP records, however, the anti spam system keeps track of received messages to help with it’s anti spam efforts. These are located here on my Centos/WHM/ASSP protected box.

  1. /usr/local/assp

So I ran the following command:

  1. grep -h ‘emailaddress@domain.com’ /usr/local/assp/* > ~/results_stage01.txt

Okay, so we got all lines from all in files that were in the /usr/local/assp/ folder in a file called results_stage01.txt

Next I need to seperate filtering rubbish from spam, as they are in the same file. Real Messages that are delivered through the system get a flag called “MESSAGE OK”, so I wanted to extract that line to another file, so I ran this.

  1. grep -h ‘MESSAGE OK’ ~/results_stage01.txt > results_stage02.txt

Easy eh, the this has also removed the duplicates, as each email will create several lines as it passes through various filters. The final step is to extract the email address which is between two anchor tags ‘EMAILADDRESSHERE’. So I used the following command:

  1. grep -E -h -o ‘<.*?>’ results_stage02.txt > results_stage03.txt

If you view that file, you should see a list of email addresses, those addresses correspond to people who have contacted you, which should help you reconstruct your address book.

If you want to be flash you can combine all of them into a single command!

  1. grep -h ‘email@domain.com’ /usr/local/assp/* | grep -h ‘MESSAGE OK’ | grep -h -o -E  ‘<.*?> ‘ > collected_addresses.txt

(I would of combined the final mail command command as wel, but it seems mail only accepts input from a file rather than stdout).

  1. mail -s "Your Requested Addresses" email@example.com < collected_addresses.txt

Have fun, hope it helps some of your clients.

Share and Enjoy:
  • Print
  • email
  • Google Bookmarks
  • Digg
  • Facebook
  • del.icio.us
  • Mixx
  • Live
  • NewsVine
  • Slashdot
  • Technorati
  • Ma.gnolia

Tags: , , , , ,

Permalink | Comments (0) | May 27, 2009

Leave a Reply