Небольшой скрипт на тему отчетов об активности спамеров. Полезно для отладки антиспама и просто для повседневного использования. Нуждается в заточке под каждый конкретный почтовый сервер!
#!/bin/csh # # # no spam in the game echo "__BEGIN__" echo echo "***********Spam Report**********" echo foreach str ( `/usr/bin/gzcat /var/log/maillog.0.gz |/usr/bin/grep "result: Y" | /usr/bin/cut -f2 -d'<' | /usr/bin/cut -f1 -d'@'` ) foreach str1 (`/usr/bin/gzcat /var/log/maillog.0.gz |/usr/bin/grep $str |/usr/bin/grep -e "cleanup"|/usr/bin/cut -f4 -d':'| /usr/bin/sort | /usr/bin/uniq`) /usr/bin/gzcat /var/log/maillog.0.gz |/usr/bin/grep $str1 | /usr/bin/grep "client="| /usr/bin/grep -v localhost |/usr/bin/cut -f2 -d'='| /usr/bin/sort | /usr/ bin/uniq -c end end echo echo "*********Spam activity**********" echo /usr/bin/gzcat /var/log/maillog.0.gz |/usr/bin/grep "result: Y" | /usr/bin/wc -l echo echo "***Unknown hostname rejects*****" echo /usr/bin/gzcat /var/log/maillog.0.gz | /usr/bin/grep "cannot find your reverse hostname" | /usr/bin/awk '{print $21,$22,$23}' | /usr/bin/sort | /usr/bin/uniq -c echo echo "*******Helo rejects report******" echo /usr/bin/gzcat /var/log/maillog.0.gz | /usr/bin/grep "Dont play" | /usr/bin/grep -o -i "from .*\[.*\]" | /usr/bin/awk '{print $2}'|/usr/bin/sort|/usr/bin/uniq -c echo echo "*****Delayed delivery report****" echo /usr/bin/gzcat /var/log/maillog.0.gz |/usr/bin/grep "delayed" echo echo "******Greylisting report********" echo /usr/bin/gzcat /var/log/maillog.0.gz | /usr/bin/grep NOQUEUE | /usr/bin/grep "Temporary_not_available" | /usr/bin/awk '{print $18,$19}' echo echo "**********RBL Blocks************" /usr/bin/gzcat /var/log/maillog.0.gz |/usr/bin/grep "we dont need a spam" | /usr/bin/awk '{print $23,$24}' echo echo "__End__"