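# Snippet: take both fields from a single split() by using a list slice.
if ( $line =~ /FOUND/ ) {
    ( $loc, $vir ) = ( split( / /, $line ) )[ 0, 1 ];
}
####
#!/usr/bin/perl -W
#
# Descr: An amavis logfile/virusmail parser
#        when using f-prot for linux, home edition or clamav
#        should pretty easy to fix with others
#
# $Id: vircount v 0.02 2003/03/08 1:12:24 teabag Exp $
#
# Trust boundaries in this script:
#   * Every field taken from the log and from the quarantined mail is
#     attacker-influenced text (virus mails are, by definition, hostile).
#   * The quarantine file name read from the log is checked before it is
#     joined onto $fprotdir, so a crafted log field cannot point the
#     script at a file outside the quarantine directory.
#   * Everything echoed to the terminal passes through printable(), so
#     escape sequences embedded in headers cannot reach the terminal.

use strict;
use warnings;

# config
my $logfile  = "/var/amavis/amavis.log";
my $fprotdir = "/var/virusmails";
my $virprog  = "f-prot";    #or clamav
# end config

my ( $loc, $vir );
my $div = "-----------------------\n";

# Three-argument open with a lexical handle: the mode can never be taken
# from the file name, and the handle is not a package-wide bareword.
open( my $log_fh, '<', $logfile )
    || die "Error opening local log file: $!";

# Stream the log instead of slurping it; amavis logs can grow large.
# NOTE(review): the field positions below assume a fixed, space-separated
# log layout that is not visible here -- confirm against a real log line.
while ( my $line = <$log_fh> ) {

    # f-prot style report: location in field 0, virus name in field 3.
    if ( $line =~ /Infection:/ ) {
        ( $loc, $vir ) = ( split( / /, $line ) )[ 0, 3 ];
    }

    # clamav style report: location in field 0, virus name in field 1.
    if ( $line =~ /FOUND/ ) {
        ( $loc, $vir ) = ( split( / /, $line ) )[ 0, 1 ];
    }

    if ( $line =~ /quarantined/ ) {
        my ( $month, $day, $time, $name )
            = ( split( / /, $line ) )[ 0, 2, 3, 12 ];

        # Strip line endings and neutralise non-printable bytes before
        # any of these values are printed.
        ( $month, $day, $time ) = map { printable($_) } $month, $day, $time;
        $loc = printable($loc);
        $vir = printable($vir);
        my $shown_name = printable($name);
        my $date       = "$day $month $time";

        print "At $date $virprog detected a virus\nfound in $loc\n";
        print "Name virus: $vir\nMessage saved as: $fprotdir/$shown_name\n";

        my $safe_name = safe_quarantine_name($name);
        if ( defined $safe_name ) {
            checkwhosi($safe_name);
        }
        else {
            # Do not open a path built from a name that could leave
            # $fprotdir; report it and carry on with the next log line.
            warn "Skipping unsafe quarantine file name: $shown_name\n";
        }
    }
}
close($log_fh) || die "Error closing local log file: $!";

# $vir stays undefined when the log held no Infection:/FOUND line at all.
if ( !defined $vir || $vir eq "" ) {
    print "no viri received\n";
    exit;
}

# printable($text)
#   Returns $text without its trailing CR/LF and with every byte outside
#   printable ASCII replaced by '?'. Undefined input yields ''.
#   Used on all log- and mail-derived values before they are printed.
sub printable {
    my ($text) = @_;
    return '' unless defined $text;
    $text =~ s/[\r\n]+\z//;
    $text =~ s/[^\x20-\x7e]/?/g;
    return $text;
}

# safe_quarantine_name($name)
#   Returns the name (line ending removed) when it is a plain file name,
#   or undef when it is missing, empty, '.' or '..', or contains a path
#   separator or NUL byte.
sub safe_quarantine_name {
    my ($name) = @_;
    return undef unless defined $name;
    $name =~ s/[\r\n]+\z//;
    return undef if $name eq '' || $name eq '.' || $name eq '..';
    return undef if $name =~ m{[/\0]};
    return $name;
}

# checkwhosi($name)
#   Prints sender, recipient, subject and the relaying server recorded in
#   the quarantined message $fprotdir/$name. $name must already have been
#   accepted by safe_quarantine_name().
sub checkwhosi {
    my ($name) = @_;

    # Per-message state: nothing from a previous mail can leak into the
    # report of a mail that lacks one of these headers.
    my ( $senderserv, $sserv2, $from, $to, $subject );

    open( my $vir_fh, '<', "$fprotdir/$name" )
        || die "Error opening viral log file: $!";

    while ( my $line2 = <$vir_fh> ) {

        # Stop at the end of the header block so that text in the message
        # body cannot overwrite the reported headers.
        # NOTE(review): assumes the quarantined file is the raw message
        # (headers, blank line, body) -- confirm for your amavis version.
        last if $line2 =~ /^\r?$/;

        # Header names are matched at the start of the line only, so that
        # e.g. "Reply-To:" is not mistaken for "To:".
        if ( $line2 =~ /^Received:/ ) {

            # The last Received: line wins. NOTE(review): that line is
            # written by the sending side, so host and address are a
            # hint, not a verified origin.
            ( $senderserv, $sserv2 ) = ( split( / /, $line2 ) )[ 2, 3 ];
            if ( defined $sserv2 ) {
                $sserv2 =~ s/\[//;
                $sserv2 =~ s/\]//;
                $sserv2 =~ s/\(//;
            }
        }
        if ( $line2 =~ /^From:/ ) {
            $from = ( split( / /, $line2 ) )[1];
        }
        if ( $line2 =~ /^To:/ ) {
            $to = ( split( / /, $line2 ) )[1];
        }
        if ( $line2 =~ /^Subject:/ ) {
            $subject = ( split( / /, $line2 ) )[1];
        }
    }
    close($vir_fh) || die "Error closing viral log file: $!";

    ( $from, $to, $subject, $senderserv, $sserv2 )
        = map { printable($_) } $from, $to, $subject, $senderserv, $sserv2;

    print "to: $to\nfrom: $from\nsubject: $subject\n";
    print "Virus Mailserver: $senderserv\nipadres server: $sserv2\n";
    print $div;
    return;
}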