I use spamass-milter - it works very well. But, since it doesn't log the IP Address of rejected messages, I have to manually grep through to identify the info I need. I am not sure the IP address is available to the milter at that part of the transaction; however, failing adding that to the log output (which would make life easier), I'm looking for a means to parse the textual log, using the message-id as the key, to parse out the information I need. I know I could just use syslog-ng and log to mysql, but I'm not there yet. My limited programming experience would have me parsing over the entire log for the message-id multiple times to match lines - that can't be efficient Basically, I want to get the IP address of the host that was rejected by Spamass-milter -- from there, I determine whether the host is offensive and needs to be packet filtered. Thanks.