in reply to Strange Behavior while Parsing Sendmail logs

I ran your regex over my sendmail logs and it behaved pretty much as expected. The only lines it missed were emails directed at multiple recipients, like so:

Jul 19 02:43:29 zoom1 sendmail[26193]: CAA26174: to=<>,<>,<>, ctladdr=<XXX@TelePath.Com> (13408/40), delay=00:01:14, xdelay=00:00:01, mailer=esmtp, [], stat=Sent (OK)

Modifying the regex a bit cleared that up and I didn't get any more anomalous behavior. Here's the test code I used:

#!/usr/bin/perl while (<STDIN>) { # Only match lines that have a " to=" in them. # The leading space is important because many # lines have a "proto=" if (/ to=/) { #($to_addr = $_) =~ s/.* to=([^,]+), .*/$1/; ($to_addr = $_) =~ s/.* to=(.+?), .*/$1/; print "$to_addr"; } }