20YY-MM-DD (version: 1.51.04)
 - New maintainer: Michael Orlitzky.
 - Support for modern versions of Amavis and Perl.

2014-05-01 (version: 1.51.03)
 - Fix: Update RE for TIMING lines to accomodate new output from amavis 2.8.1 with
   Unix::Getrusage installed.
 - Fix: Ignore 2.8.1's RUSAGE report
 - Fix: increment spamdiscarded category on do_notify_and_quarantine: cutoff, blacklisted.
 - Fix: Some log lines that were no longer being ignored (minor changes)
 - Fix: Ignore some DSPAM lines: Thanks: Christian Rößner
 - Change: Several minor changes in the SADiags section: "SA info: dns: [...]" lines
   are ignored; canonicalize some PIDs and IDs, replacing them with with generic
   "<PID>" and "<ID>" strings to allow grouping.
 - Fix: Handle new amavisd startup messages
 - Fix: Handle format changes for Amavisd-new 2.9.0

2012-02-27 (version: 1.51.02)
 - Fix: Ignore case of SPAM-TAG lines. Amavisd-new 2.7.0 changed the
   SPAM-TAG line to Spam-tag, and changed its log level to 3.  This
   log entry is used to trigger spam tagged counts.  Users on 2.7.0
   will have to increase log_level to 3, or change the amavisd-new
   source code as per the patch located in this message:
   http://lists.amavis.org/pipermail/amavis-users/2012-January/001163.html
 - Fix: Ignore more debug/misc log lines
 - Thanks: Stefan Jakobs

2012-01-14 (version: 1.51.01)
 - Fix: Removed old references to $re_DSN, $re_QID, $re_DDD (obsoleted
   and removed from shared packages) which prevented amavis-logwatch
   from runnning.

2012-01-11 (version: 1.51.00)
 - Change: License is now the MIT/X-Consortium License:
   http://www.opensource.org/licenses/mit-license.php
   This allows re-inclusion into the logwatch project.

2011-07-08 (version: 1.50.04)
 - Fix: Support 2.7's log_short_templ changes ([:client_addr_port],
   {actions_performed}).
 - Fix: Support 2.7's TIMING lines, which now start with "size: "
 - Fix: Support 2.7's new BAD-HEADER-[:ccat|minor]; The stuff after
   BAD-HEADER is ignored.
 - Fix: Ignore log parser compatibility "header_edits_for_quar..." lines.
 - Fix: Additional minor 2.7 log line changes
 - Fix: Ignore more debug lines.
 - Thanks: Michael Orlitzky
 - Fix: change method of untaint'ing data when evaluating per-recipient
   boost in Hits; required for newer perl versions.

2010-11-12 (version: 1.50.03)
 - Fix: Eliminate use of $re_IP, as it is too complicated, expensive, and did
   not correctly match all valid IPv6 addresses. Thanks: Michael Orlitzky
 - Fix: Ignore extra entries after tests= in SPAM lines, for the case where the
   tests are not surrounded by brackets (Maia, and older amavisd versions).
 - Fix: Ignore more debug lines.
   Thanks: Stefan Jakobs
 - Internal: Update URL to Sourceforge.

2010-03-09 (version: 1.50.02)
 - Fix: tarball was missing html documentation. Thanks: Michael Orlitzky

2010-03-02 (version: 1.50.01)
 - New: Allow enabling/djsabling the summary section in config file, using
   var $postfix_Show_Summary and command line option --[no]summary.
   Thanks: Benedikt Bohm
 - Change: Ignore all 'wbl' log lines, until they cannot be meaningfully
   summarized.
 - Fix: Score frequencies buckets were not sorted correctly, causing
   erroneous bucket tallies.  Thanks: Victor Hugo dos Santos
 - Fix: Ignored lines are placed into a list at runtime instead of
   at compile time.  Works around perl bug #56202 I discovered
   while working on postfix-logwatch.
 - Fix: Support continuation lines that include the alert markers
   (!) and (!!).
 - Fix: Skip RUSAGE reporting lines
 - Fix: Ignore more debug lines.
 - Thanks: Chris Burton, Gabriele Beltrame, Jernej Porenta,
   Danny (aka "Technik"), Ricardo Stella, Armin Tueting

2009-07-19 (version: 1.50.00)
 - New: MalwareToSpam report shows whether or not amavis turned
   a virus scanner infected result into a spam score, and the score
   assigned.
 - New: Handle some new logging messages from amavisd 2.6.3.
 - New: Counter for truncated messages passed to SA (amavis >= 2.6.3).
 - New: Group white/blacklisted sender addrs by domain for limiting
 - New: Section SADiags for amavis reported SpamAssassin diagnostics
   (log lines started with "SA warn", "SA info", etc.).
 - Change: Group official vs. unofficial ClamAV detections in
   MalwareByScanner (and MalwareToSpam) reports.
 - Change: Level of detail now shown in Detail section's title.
 - Fix: Patch to ignore "storage and lookups will..." messages
   when more than one SQL server is in use.
 - Fix: Don't collect SpamScores (for the spam score frequencies and
   spam score percentiles reports) when not necessary.
 - Fix: Better diagnostic when limiter level is not specified on
   the command line using the --limit option (eg:
   "--limit malwarebyscanner" v. "--limit malwarebyscanner=10").
 - Fix: Coerce previously unmatched "unknown bad table name" log
   line into Warning section.
 - Fix: Divide by zero error in print_summary_report(), found in
   test case.
 - Fix: Remove duplicates from test=[xxx,...], which occurs in
   amavis < 2.6.2 when using @virus_name_to_spam_score_maps, which
   would be seen in SpamAssassin Rule Hits reports as double-counted
   AV:xxx hits.
 - Fix: Routine to strip out trace information was too greedy.
 - Fix: handle p0f lines w/short client info (eg. MYNETWORKS).
 - Fix: Ignore "Error reading mail header section", which is diag
   output for a condition created by a perl getline() bug.
 - Fix: Handle other syslog formats.
 - Fix: Update some missing options and information in man page.
 - Fix: Ignore more debug lines.
 - Internal: Ignored lines are now placed into a list, instead of
   hard coded into the code.  In the future, this will allow users
   to configure ignore patterns without making code modifications.
 - Thanks: Jernej Porenta, Jerzy Sakol, Chris Burton, Armin T�ting

2008-11-13 (version: 1.49.09)
 - Fix: Work around minor amavis logging error which produces
   empty _WARN|_DIE lines.  Thanks: Rob Sterenborg and Chris Burton
 - Fix: remove debugging print which is likely never reached.

2008-06-25 (version: 1.49.08)
 - Fix: White and blacklisted was broken.  Added soft-hard
   distinction to reports.
 - Fix: Ignore more debug log lines.
 - Thanks: Brendan
 - Fix: debug keyword unmatched had incorrect value assigned,
   disabling the ability to output the unaltered UNMATCHED debug
   lines using --debug unmatched.
 - Fix: The counter "Spam tagged" was being incremented for
   SPAM lines (it should only increment on SPAM-TAG lines).
   Thanks: Armin T�ting

2008-06-24 (version: 1.49.07)
 - New: Added p0f (passive fingerprinting) hits by contents type,
   OS, and IP address in Detail section.  Controlled by level
   limiter variable 'p0f', which is set to level 2 by default
   (this shows OS genre, but suppresses further by-IP address
   breakdown); increase to level 3 for per-IP breakdown.
   This section may be moved into a suppliemental report later.
 - Fix: Ignore more debug log lines.  Thanks: Brendan

2008-06-18 (version: 1.49.06)
 - New: Include hit counts after each key name in Timings report.
 - New: SpamAssassin timings percentiles report.  Options:
   sa_timings, sa_timings_percentiles.  Requires amavis version
   2.6+ and SpamAssassin 3.3+.
 - Change: Scan Times percentiles report units have been changed to
   milliseconds rather than seconds.
 - Change: Removed the "Hypothetical" row from timings reports; it
   was not very meaningful.

2008-06-11 (version: 1.49.05)
 - New: Reduce some noise in smtpresponse section
 - Thanks: Robert Brooks

2008-06-10 (version: 1.49.04)
 - New: Show count of Spam tagged messages in Summary.
 - Fix: The fix in 1.49.02 of treating SPAMMY as ham was incorrect.
   SPAMMY is spam, not ham.
 - Fix: Removed extraneous spaces from end of log lines, left by
   some syslog implementations.
 - Fix: Ignore SQL reconnecting "NOTICE: reconnecting in response to..."
 - Fix: Ignore "FuzzyOcr: Skipping ..., image too small" lines for now.
 - Fix: Better handle when name field in MIME part is only whitespace
 - Thanks: Robert Brooks

2008-06-08 (version: 1.49.03)
 - New: Count of penpals saved from kill reported in Summary.
 - Fix: Include $amavis_Line_Style in config file.
 - Fix: Clear start info earlier if "logging initialized" line is
   present.  Otherwise, consider "starting.  " as the first line.
 - Fix: Some startinfo output was occuring when --nodetail was set.
 - Fix: Supplemental sections could not be re-enabled after using
   --nodetail.
 - Fix: SMTP: connection lines may not include size, which causes
   unmatched lines. Thanks: Stefan F�rster
 - Fix:  In the above case, the number of bytes scanned is not available.
   Byte scanned is now calculated from the size data available in the
   Passed/Blocked line.  Note: this number is slightly smaller than
   that reported in the LMTP/SMTP connection line, so the total bytes
   scanned number will be marginally reduced.

2008-05-29 (version: 1.49.02)
 - Change: level limiters are no longer unique command line options,
   but are now parameters to the single option "--level" or "-l".
   This reduces the number of command line options in the help list,
   and simplifies the code added to support reject_reply_patterns.
   For example, the config file level limiter $amavis_SpamBlocked = 2,
   the command line option would be --limit spamblocked=2 or
   -l SpamBlocked=2, rather than the previous --spamblocked=2.
   This also means the --no variants for level limiters are gone
   (eg. --nosent; instead use -l SpamBlocked=0).  There is no change
   within the configuration files.  Limiters can still be abbreviated
   so long as they are unambiguous.
 - Change: dccproc is included in syslog_name in standalone mode.
 - Change: nodsnsent* variants merged into single dsnsuppressed section,
   which is now included in Detail section.
 - Change: Moved total message scan counts/bytes to the top of the
   Summary report.
 - Change: Spam score percentiles report broken out by contents
   category: unchecked, spam, and ham.  SA is not called when contents
   category is VIRUS or BANNED; UNCHECKED may have a spam score, and
   anything less than SPAM is considered ham.   Note: the count of
   ham in the score reports may be less than the ham count shown in
   the Summary section, as SA may have been bypassed (see the
   SpamAssassin bypassed count in the summary report).
   Encouraged by: Hannes Erven
 - Change: Passed/Blocked sections are now ordered by priority, as 
   defined by amavis: VIRUS, BANNED, UNCHECKED, SPAM, SPAMMY, BADH,
   OVERSIZED, MTA, and CLEAN.
 - New/Change: Summary section now includes both Passed/Blocked and
   Ham/Spam breakdowns.  Previously, only a Ham/Spam breakdown was
   present, and this was insufficient to accurately show how messages
   were classified.  Passed/Blocked is the first grouping shown in
   Summary section, and the Spam/Ham/etc. grouping is the second.
   This sub-section can be suppressed with via --noby_ccat_summary or
   amavis_show_by_ccat_summary = No.
 - New: Option --line_style instructs how to handle lines lengths
   longer than max_report_width.  Options are "wrap", "full", or
   "truncate" (default).  The older --detail >= 11 is equivalent
   to line_style=full; line_style=truncate or line_style=wrap has
   higher precedence and will dictate how long lines are handled.
   Option abbreviations are --truncate, --wrap, or --full.
 - New: Single letter options for some long options; run with
   --help to see list.  More may be added in the future.
 - New: Beginning of support for amavis 2.6 log entries.
   Bounce killer sections: bouncekilled, bouncerescued, and
   bounceunverifiable.
 - New: VirusScanSkipped section.
 - New: Include hit counts in spam score percentiles and spam score
   frequency reports.  Score is adjacent to row header.
 - Fix: In spam score reports, spam scores are collected for any
   contents category; previously, only ham and spam categories
   were used.  If a score exists, it is used.
 - Fix: SPAMMY was being treated as spam instead of ham.
 - Fix: Passed UNCHECKED lines were reported as Unmatched, due to
   spelling error (UNCHECED v. UNCHECKED) in RE.
 - Fix: At detail > 10, log lines were truncated to max_report_width.
 - Fix: Ignore dkim lines until better report is created.
 - Fix: Ignore more debug log lines.
   Thanks: Armin T�ting
 - Fix: eliminate some extraneous newline output.
 - Internal: debug output is now controlled by keywords.

2008-03-17 (version: 1.49.01pre1)
 - New: Option sect_vars shows names of section configuration
   variables/command line options in titles of Detail report sections.
   This allows easy correlation of corresponding configuration file
   variables/command line option for each section. [ Default: off ]
 - New: amavis-logwatch man page created.
 - New: Threshold limiting and Top N lists for every level in each
   Detail section.  Every level in each section can now be limited
   with minimum count thresholds and top N lists.  See the updated
   README file, the comments in the amavis-logwatch.conf file, and
   the new amavis-logwatch man page.
 - New: Added Defanged and DefangError sections
 - New: Autolearn report available when autolearn entries exist. This
   feature requires enabling autolearn entries in amavis' $log_templ
   log template, at the end of the amavis program or by proper 
   configuration of $log_templ in your amavisd.conf file.
   Encouraged by: "Cube"
 - Change: All recipients are now show when multiple recipients are
   present.  Previously, only the first recipient was shown.  The
   new option --first_recip_only will enable the previous behavior.
 - Change: Timings percentiles report title and summary labels
 - Change: Taint mode is now on by default in standalone mode.  It is
   disabled upon installation in logwatch mode, as logwatch fails with
   taint mode enabled.
 - Change: Summary report format has been changed (once again).
 - Fix: Significantly reduce memory footprint when detail < 5.
 - Fix: Usage and --help now correctly show only Detail section
   level limiter options that are available.  Previously, summary-
   only counts were also display as level limiter options.
 - Fix: configuration file reading code was not properly warning on
   non-existent files
 - Fix: use Received ip (%e macro in log_templ) if client IP (%a) is
   not available.
 - Fix: ignore diagnostic defang messages.  Thanks: Leon Kolchinsky
 - Fix: SpamDiscarded messages were being added to TotalSpams, but
   this is incorrect, as SpamDiscarded is already included in
   SpamBlocked.  SpamBlocked is now reduced by SpamDiscarded, and
   TotalSpams is correct again.
 - Fix: Ignore more level 3+ log lines.
 - Fix: unmatched SPAM-TAG lines when no quarantine enabled.
   Thanks: Paul Dulaba
 - Fix: sabypassed section was being double counted due to spam-scan
   lines
 - Fix: report header was one character too wide
 - Internal: Converted source to be package-based to allow code sharing
   with postfix-logwatch.  The single-file executable is auto-generated
   from the packages.
 - Internal: internal gen_test_log function to create sample log data
   for testing. Reads '#TD' comments from within amavis-logwatch.
 - Internal: converted all Section keynames to lowercase to avoid
   silly case errors due to hash key case differences in Sections,
   Opts, and Collecting hashes.
 - Internal: Cleanup Passed/Blocked code

2008-01-25 (version: 1.48.27)
 - Released

2008-01-19 (version: 1.48.27pre5)
 - Fix: Relax email address REs
 - Fix: Prefix unknown data with an asterisk as in postfix-logwatch
   (eg. "*unknown")
 - Fix: Generalize capture of "Empty result from ..." to support
   any AV scanner
   Thanks: Stefan Jakobs
 - Fix: Ignore more level 5 log lines.

2008-01-16 (version: 1.48.27pre4)
 - Fix: Ignore "policy protocol: policy_bank=..." lines, and
   report as warnings "policy protocol: INVALID..." lines
   Thanks: Jurek Sakol
 - Fix: Additional WarningSQL captures.
 - Fix: Ignore more level 5 log lines.

2008-01-14 (version: 1.48.27pre3)
 - Fix: Ignore ! leader chars in "FWD via SMTP: ..." and similar.
   Thanks: Stefan Jakobs

2008-01-14 (version: 1.48.27pre2)
 - New: SmtpResponse section for various negative and positive
   SMTP reponse log lines.
 - New: TmpPreserved section to capture log lines indicating when
   amavis does not remove temporary directories
 - Fix: Experimental: Handle more dccproc errors in DccError
   Thanks: Stefan Jakobs
 - Fix: ignore "save_info_preliminary..." and "save_info_final ..."

2007-12-14 (version: 1.48.27pre1)
 - New: Handle "Quarantine release xxx: missing X-Quarantine-ID" log
   entries as warnings in new section WarningNoQuarantineID.
 - New: Handle "WARN: address modified ..." log entries as warnings
   in new section WarningAddressModified.

2007-12-14 (version: 1.48.26)
 - Fix: Handle empty sender in release from quarantine
 - Fix: Handle amavis 2.5.3's "extra modules loaded after daemonizing"
   message
 - New: AVTimeout is now treated as a warning so it will show at the
   top of the Summary report.  The scanner that timed out is available
   in the Detail section.
 - New: AVConnectFailure, WarningSmtpShutdown, WarningSQL sections.
   These were previously grouped under the Warnings section; Like the
   AVTimeout section, these too will also appear at the top of the 
   Summary report.
 - Fix: canonicalize several warnings which differed only by process
   number, amavis id, callback info, etc.  Thanks: Stefan Jakobs
 - Fix: several Warning Counts variables were inconsistently used.
 - Fix: avoid useless reporting of Perl's pseudo-modules which can't,
   be pre-loaded once (eg. those in .../unicore/lib/).

2007-10-17 (version: 1.48.26pre4)
 - Incompatible Change: some more config variable/option name changes
   for naming consistency and shortening: ReleasedMsg -> Released,
   CleanMsgPassed, CleanMsgBlocked -> CleanPassed, CleanBlocked respectively
 - Change: uncomment all variables in the config file.  This ensures the
   variables in the config file stay in sync with those used in the 
   source.
 - Fix: sync'd incorrect names in config file with source
   Thanks: Isaac Ordonez
 - New: Handle "Can't send SIG 0 to process [###]: Operation not permitted..."

2007-10-14 (version: 1.48.26pre3)
 - Changed: In timings report, always show actual totals instead of totals for
   the data presented (eg. when --timings was < 100%).
 - Changed: Total times shown in timings percentiles report previously 
   were the sum of the percentiles columns.  This represented a cherry-picked,
   hypothetical set of values.  Now, there are two totals shown: the first
   is a percentiles report calculated from the actual set of per-message total
   scan times reported by amavis, and the second is a hypothetical worst/best
   case, whose percentiles are calculated from simple column summations.
   Encouraged by: Robert Brooks

2007-10-10 (version: 1.48.26pre2)
 - New: Spam score frequency report, controlled with option --score_frequency.
   Suggested by: Robert Brooks
 - Incompatible Change: To reduce the number of configuration file variables 
   and command line options, and to be more consistent, several config
   variables/command line options have changed.  In general, the method now
   employed is an overloading approach; specifying values for a report
   section also enables that section.  The "no" variant disables a section,
   and the new keyword "default" resets options to their internal defaults.
   Run amavis-logwatch --help to see a list of the new options, and see the
   comments in the default amavis-logwatch.conf file.
 - Fix: IP isn't always reported; report "Unknown" in such cases 
 - Internal: change how options are processed
 - Internal: parameterize some report formatting

2007-10-02 (version: 1.48.26pre1)
 - New: show percentiles totals at bottom of percentile report.
   Suggested by: Robert Brooks

2007-09-21 (version: 1.48.25)
 - Fix: Ignore "mail checking ended: " and "AM.PDP" lines.  Also, escape
   a dot in an ignore pattern, and remove duplicate.
   Thanks: Curtis Doty, Mark Martinec

2007-09-17 (version: 1.48.24)
 - Fix: Remove excessive blank lines in summary output

2007-09-16 (version: 1.48.23)
 - Fix: Support SMTP connections to amavis
 - Experimental: Reformated summary section to better show the relationship
   between counts, percentages, and totals.  Feedback encouraged.

2007-09-13 (version: 1.48.22)
 - Fix: no -D option to install in FreeBSD.  Use -d instead in Makefile

2007-09-01 (version: 1.48.21)
 - Fix: use ask_av and run_av as virus indicators for Malware by Scanner,
   as previously used virus_scan line does not report accurate information
   when multiple scanners report different malware names
 - Fix: ignore "broken pipe (don't worry), retrying" messages
 - Fix: Directory permission within tarball was not executable
 - Fix: remove rooted path in md5 file
 - Fix: Makefile install-logwatch rule was missing a parenthesis
 - Fix: Makefile updates from Till Mass

2007-08-31 (version: 1.48.20)
 - Change: Include GPLv2 license
 - Change: Include version number in tarball file name
 - Internal: Move CVS log comments to Changes file

2007-08-29 (version: 1.48.19)
 - New: added --syslog_name ($amavis_Syslog_Name) for installations where
   syslog name is not "amavis" (eg. /usr/sbin/amavisd).
   New: ignore additional amavis log entries
   Thanks: Jordi Espasa Clofent

2007-08-15 (version: 1.48.18)
 - Internal: change variable Formats to the more obvious named Sections

2007-08-14 (version: 1.48.17)
 - New: capture "skip local delivery..." messages, controlled with
   LocalDeliverySkipped variable/option.  Thanks Andrew M. Kinnard
 - Output help and version info on STDOUT for easier pipelines to a pager
 - Internal: split printReports into printSummaryReport and printDetailReport

2007-08-13 (version: 1.48.16)
 - New: enable detail output for clean blocked messages
 - Fix: disable startinfo report when --nodetail is given

2007-08-04 (version: 1.48.15)
 - New: option --nodetail zeros out all detail levels, to more easily obtain
   only specified detailed reports (eg: --nodetail --spamblocked=4) will
   show only spam blocked (to level 4) in the details section.
 - New: option --nosummary disables the summary section
 - New: detailed section command line arguments can now be specified with the
   prefix "no", to set the level to 0 (eg. --nospampassed is equivalent to
   --spampassed 0).

2007-08-03 (version: 1.48.14)
 - New: option --config_file allows specifying a configuration file via
   command line. Options in configuration file act as though they were
   set on the command line in order, with ealier settings being over-
   ridden by most recent settings.  Multiple config_file options may
   be specified.
 - Fix: Yes/True and No/False config values weren't being read properly
   in standalone

2007-08-02 (version: 1.48.13)
 - Ignore "storage and lookups will use the same connection to SQL"
 - Support bracketed IP in LMTP messages (eg. "LMTP:[127.0.0.1]:10026...")
 - Thanks John Beaver

2007-07-13 (version: 1.48.12)
 - FreeBSD change in v1.48.11 botched non-freeBSD systems

2007-07-13 (version: 1.48.11)
 - Support FreeBSD (<facility.priority> preceeds hostname in syslog)

2007-07-06 (v1.48.10)
 - Capture and summarize cabextract messages

2007-07-05 (v1.48.9)
 - Generalize archive extraction problem messages.   The new variable
   amavis_ArchiveExtract replaces amavis_EmptyMember and EncryptedArchive.
 - Generalize some fatal and warning messages
 - Capture and summarize more MAIA and MySQL entries
 - Add MAIA Fake Sender section

2007-07-03 (v1.48.8)
 - Experimental: syntax to limit Top N level 1 output lines.  Variables
   that control depth levels in detailed reports can be specified as
   m.n, where m is the maximum level to output, and n specifies the number
   of level 1 items output.   Eg: $amavis_SpamBlocked=2.10, will output
   the top 10 level 1 items, with each item providing 2 levels of detail.
 - Capture "Config files read"

2007-07-03 (v1.48.7)
 - Reorganized code; favors newer amavis releases
 - Show scores assigned to each SA test in spam/ham reports
 - Catch and report file(1) bad/extra output messages
 - increased width of timing report for maia
 - Add additional ccats MTA-BLOCKED, OVERSIZED, OTHER
 - Support older amavis entries (as in maia)

2007-06-07
 - Changed NoSubject title to more accurately indicate Subject header insertion

2007-05-31
 - Fix bug which caused config file to be required in standalone mode

2007-05-28
 - Added content-type section (log_level >= 2)
 - Added SpamAssassin bypassed count summary ($sa_mail_body_size_limit)
 - Only print report headers for SA rules report when data exists
 - Fix end points of percentiles calculations
 - In percentile reports, when N% is requested for output, show *at least*
   N% (previously was *at most*, which might have produced no values)
 
 - NOTE: Some older amavis log entries may be flagged as Unmatched, as code
   restructuring now favors recent amavis releases.  Please report any
   Unmatched entries and I will correct the problems immediately.

2007-05-27
 - Can't ignore all do_quarantine_and_notify messages; one indicates quarantine cutoff level
 - Additional continuation line fix; several log entries end with "..." and are not
   continuation lines, causing subsequent log line to be ignored.  Continuation lines are
   exactly 980 chars - see comments in source.
 - Internal: Group similar messages
 - Add zero-width assertions and use strict IP RE in bycount sort subroutine 
   to match IP addresses more reliably

2007-05-23
 - Fix alignment issue in Top N Spam/Ham reports
 - Provide a better (working) solution to avoid the SPAM/SPAM-TAG duplication 
   mentioned below.

2007-05-18
 - Allow supplementary reports to be printed even when TotalMsgs is 0;
   This typically would not occur in practice, but is useful for debugging.
 - Some lines ending with "..." are not actually continuation lines; treat
   them as ordinary lines for further consideration (Thanks Eray Aslan)
 - When both SPAM and SPAM-TAG are present, don't double count (which
   doubles SA test score accumulators). (Thanks Eray Aslan)
 - Rework white/blacklisted section; sender is now tracked. (Thanks Dan Horne)

2007-05-15
 - Revision 1.48  2007/05/16 04:27:17  mrc

2007-05-16
 - Ignore a few more log lines for log_level 3 
 - Fixed problem setting SARules config variable; renamed Show_SARules

2007-05-14
 - Revision 1.47  2007/05/14 17:28:21  mrc
 - Forgot to update Version string

2007-05-14
 - Revision 1.46  2007/05/14 17:20:45  mrc

2007-05-08
 - Minor changes to sync up with postfix-logwatch release
 - Capture MailZu quarantine release messages

2007-05-07
 - Handle amavis' Hits that includes, but does not add/subtract boost
   scores (eg. 1.03-3.5)
 - The option --timing_percentiles was not being recognized, due to name
   change from --percentiles.  Both are recognized.

2007-05-04
 - Ignore "The amavisd daemon is already running" messages

2007-05-02
 - Reworked the Startup info section.  Only shows at detail 10 by default

2007-05-01
 - Add Ham / Spam hits summary
 - Experimental: Show Top N Spam/Ham SA rules hit
 - Minor SPAM/SPAM-TAG RE update

2007-04-28
 - Experimental: Show hit Bayesian buckets
 - Experimental: Show hit SA tests
 - More cleanup (refactor common code, replace most global variables with lexicals,
   lowercase non-global variable names, shorten variable names, etc.)

2007-04-25
 - Renamed script to "amavis-logwatch" to avoid confusion when running
   in standalone mode.  See the README.
 - Experimental: Show spam score percentiles.
 - Additional standalone features. Try: logwatch_amavis/amavis --help

2007-04-24
 - Minor RE adjustment for amavis 2.5.0
 - Report SA version when shown in INFO line (amavis 2.5.0)
 - Top N percent of Timings report is now configurable (amavis_Timings)
 - Display of startup info can be disabled (amavis_StartInfo)

2007-03-31
 - Capture SMTP shutdown messages
 - Capture and report TEMPFAIL messages
 - Updated comments regarding IPv6 from Mark Martinec
 - Support for running in standalone mode (independent of logwatch)

2007-03-27
 - Revision 1.45  2007/03/27 01:09:48  mrc

2007-03-25
 - Handle multiple viruses in list in Malware by Scanner

2007-03-15
 - Handle multiple recipients in Release from quarantine
 - Swap From and To keys in Release from quarantine, to handle multiple
   recipients

2007-03-03
 - add inc_unmatched subroutine for easier debug of unmatched lines

2007-03-01
 - Fix problem in sort routine where IP addresses were being captured
   anywhere in an output line for comparison via pack 'C4' - only
   attempt IP comparison if an IP address is the start of an output line.

2007-02-27
 - Revision 1.44  2007/02/27 20:31:42  mrc
 - New section for Passed|Blocked UNCHECKED
 - Change summary output criteria to check for any non-zero Totals

2007-02-17
 - Revision 1.43  2007/02/17 18:43:39  mrc
 - Ensure no output occurs when nothing is captured
 - Sync up the shared routines with the postfix code
 - Made maximum report width configurable in amavis.conf
 - All lines in report now obey max report width
 - Warn about dccproc unable to open map error

2007-02-16
 - Revision 1.42  2007/02/16 06:21:20  mrc

2007-02-11
 - Capture and summarize Bad Address Syntax message
   (in postfix, can occur when strict_rfc821_envelopes is not set)

2007-02-08
 - Group similar BAD HEADER messages and remove From key

2007-02-07
 - Revision 1.41  2007/02/07 04:19:43  mrc

2007-02-05
 - Update IPv6 RE to accept amavis' "IPv6:" prefix
 - Liberalize several REs to better capture policy bank names
 - Ignore lines:
     "OS_fingerprint:"
     "run_as_subprocess: child process... "
     "Sophie broken pipe ..."
     "penpals: (bonus|prev Subject:|this Subject:"
     "virus_scan: \(bad jpeg: Invalid marker segm len"
 - Ignore lines from upcoming 2.5.0 version:
     "adding SA score \S+ to existing"
     "Turning AV infection into a spam report:"
 - Correct bad syntax of "$#{@$aref}" with "$#$aref"
 - Enable "use strict"
 - Declare global vars
 - Thanks: Mark Martinec

2007-02-02
 - Fixed Banned RE, which would fail to capture a banned filename
   that contained an right paren.

2007-02-02
 - Revision 1.40  2007/02/02 18:41:09  mrc

2007-02-01
 - Revision 1.39  2007/02/01 20:16:52  mrc
 - Removed inadvertent debug prints, and extra newline from timing reports.

2007-02-01
 - Revision 1.38  2007/02/01 19:58:50  mrc
 - Changed amavis timing report to display percentiles
   instead of mean.  Percentiles are user configurable.
   Suggested by: Mark Martinec

2007-02-01
 - Removed Min/Max columns, and replaced them instead
   by adding 0 and 100 percentiles to the default list.
 - Allow for multiple continuation lines
 - Fixed issue with unmatched lines that contain a %

2007-01-31
 - Revision 1.37  2007/01/31 06:38:43  mrc
 - Minor updates for amavis 2.4.5 log messages changes
 - Capture and summarize panic messages in new Panic section

2007-01-30
 - Revision 1.36  2007/01/31 02:50:15  mrc
 - Provide amavis timing report (detail >= 5)
 - Correctly capture amavis log continuation lines
 - Capture additional ClamAV warnings

2007-01-27
 - Revision 1.35  2007/01/27 20:29:21  mrc
 - Pin important errors to top of report
 - Handle IPv6 addresses
 - Thanks: Harald Geiger, Geert Janssens, Leon Kolchinsky, Mark Richards

2007-01-26
 - Add Recipient key in Malware Blocked section
 - Lowercase Recipient email addresses

2007-01-24
 - Added Malware by Scanner section

2007-01-23
 - Capture and summarize:
     All "(!+)..." debug lines, placed in warning section
     DSN Notification debug lines

2007-01-22
 - Capture and summarize:
     "(!)WARN: ..." lines
     "INFO: truncated N header line(s) longer than 998 characters"
 - Ignore "...email.txt no longer exists, can't re-use it" lines

2007-01-19
 - Use same tree-building and reporting code as postfix filter
 - Detailed summary lines are sorted first by count, then by IP and lexically
 - Provide ability to configure per section maximum detail
 - Added bytes scanned summary
 - Ignore additional log lines:
     "Waiting for the process [NNN] to terminate"
     "do_notify_and_quarantine: rec_ccat"
     "Valid PID file (younger than sys uptime ..."
     "Sending SIGxxx to amavisd"
     "Daemon [NNN] terminated by SIG..."
 - Capture and report on missed or ignored log lines
     additional "SA TIMED OUT" messages
     A/V timeouts
     encrypted archive members
    "logging initialized, log level N, syslog: amavis.mail"
 - Make "extra code modules loaded" report consistent with others
 - Spam discarded (not quarantined) percentage is now shown as
   percentage of Total scanned instead of Spam blocked

# old logwatch amavis CVS log

Revision 1.34  2006/11/12 18:39:34  bjorn
Change by MrC:
- Catches more amavis continuation lines
- Reports on mail released from quarantine via "amavisd-release"
- Reports supplemental minor bad headers available in amavisd 2.4.4+
- Suppresses empty detail lines in generic doReport routine

Revision 1.33  2006/10/16 22:19:05  mike
Amavis patch for protocols from Mike Cappella -mgt

Revision 1.32  2006/07/06 00:25:00  bjorn
Additional filtering and counting, by Geert Janssens

Revision 1.31  2006/06/29 16:02:05  bjorn
Corrected two previous log entries.

Revision 1.30  2006/06/27 15:17:53  bjorn
Improved parsing and counting from Geert Janssens.

Revision 1.29  2006/06/24 16:06:12  bjorn
Major rewrite from Mike Cappella.

Revision 1.28  2006/05/26 18:32:50  bjorn
Additional regexp adjustment, by 'Who Knows'.

Revision 1.27  2006/05/21 18:17:41  bjorn
Complies with recent amavis releases, by Who Knows.

Revision 1.26  2006/04/02 17:26:52  kirk
fixed spelling error

Revision 1.25  2006/01/29 23:52:53  bjorn
Print out virus names and sender, by Felix Schwarz.

Revision 1.24  2005/12/07 19:15:56  bjorn
Detect and count timeouts, by 'Who Knows'.

Revision 1.23  2005/11/30 05:34:10  bjorn
Corrected regexp with space, by Markus Lude.

Revision 1.22  2005/11/22 18:34:32  bjorn
Recognize 'Passed' bad headers, by "Who Knows".

Revision 1.21  2005/10/26 05:40:43  bjorn
Additional patches for amavisd-new, by Mike Cappella