###
# Logging format
##################
  
  # rcpt
  Dec  2 20:40:05 localhost policyd: rcpt=8712, greylist=update, host=192.168.0.2
    (localhost), from=cami@mweb.co.za, to=camis@mweb.co.za

  rcpt is the number of times that Postfix has connected to policyd and issued
  a valid Policy Daemon service request.

  # throttling
  throttle=new          <- first mail from a sender
  throttle=update       <- update mail quota
  throttle=abuse        <- user limit has been reached
  throttle=clear        <- user time has expired

  # greylisting
  greylist=new          <- 1st attempt to delivery mail to a user
  greylist=new_train    <- 1st attempt to delivery mail to a user (training mode)
  greylist=update       <- 2nd or more mail delivery attempts
  greylist=update_train <- 2nd or more mail delivery attempts (training mode)
  greylist=awl          <- autowhitelist enabled & triggered
  greylist=abl          <- autoblacklist enabled & triggered
  greylist=pass         <- mysql has failed, but failover mode is enabled
  greylist=fail         <- mysql has failed, failover mode is disabled
  greylist=abuse        <- 2 or more mail delivery attempts within defined
                           TRIPLET_TIME (policyd.conf) 5 minutes of first attempt
  Example:
   Dec  2 20:40:05 localhost policyd: greylist=update, host=192.168.0.2
     (localhost), from=cami@mweb.co.za, to=camis@mweb.co.za 

  # spamtrap / other
  type=spamtrap         <- delivery attempt to a spamtrap address
  type=whitelist        <- whitelisted host/netblock
  type=blacklist        <- blacklisted host/netblock
  type=blacklist_helo   <- host caught using forged HELO

  # failures  
  whitelist=pass        <- failed in whitelist module.
  blacklist=pass        <- failed in whitelist module.