Небольшой скрипт на тему отчетов об активности спамеров. Полезно для отладки антиспама и просто для повседневного использования. Нуждается в заточке под каждый конкретный почтовый сервер!
#!/bin/csh
#
#
# no spam in the game
echo "__BEGIN__"
echo
echo "***********Spam Report**********"
echo
foreach str ( `/usr/bin/gzcat /var/log/maillog.0.gz |/usr/bin/grep "result: Y" | /usr/bin/cut -f2 -d'<' | /usr/bin/cut -f1 -d'@'` )
foreach str1 (`/usr/bin/gzcat /var/log/maillog.0.gz |/usr/bin/grep $str |/usr/bin/grep -e "cleanup"|/usr/bin/cut -f4 -d':'| /usr/bin/sort | /usr/bin/uniq`)
/usr/bin/gzcat /var/log/maillog.0.gz |/usr/bin/grep $str1 | /usr/bin/grep "client="| /usr/bin/grep -v localhost |/usr/bin/cut -f2 -d'='| /usr/bin/sort | /usr/
bin/uniq -c
end
end
echo
echo "*********Spam activity**********"
echo
/usr/bin/gzcat /var/log/maillog.0.gz |/usr/bin/grep "result: Y" | /usr/bin/wc -l
echo
echo "***Unknown hostname rejects*****"
echo
/usr/bin/gzcat /var/log/maillog.0.gz | /usr/bin/grep "cannot find your reverse hostname" | /usr/bin/awk '{print $21,$22,$23}' | /usr/bin/sort | /usr/bin/uniq
-c
echo
echo "*******Helo rejects report******"
echo
/usr/bin/gzcat /var/log/maillog.0.gz | /usr/bin/grep "Dont play" | /usr/bin/grep -o -i "from .*\[.*\]" | /usr/bin/awk '{print $2}'|/usr/bin/sort|/usr/bin/uniq
-c
echo
echo "*****Delayed delivery report****"
echo
/usr/bin/gzcat /var/log/maillog.0.gz |/usr/bin/grep "delayed"
echo
echo "******Greylisting report********"
echo
/usr/bin/gzcat /var/log/maillog.0.gz | /usr/bin/grep NOQUEUE | /usr/bin/grep "Temporary_not_available" | /usr/bin/awk '{print $18,$19}'
echo
echo "**********RBL Blocks************"
/usr/bin/gzcat /var/log/maillog.0.gz |/usr/bin/grep "we dont need a spam" | /usr/bin/awk '{print $23,$24}'
echo
echo "__End__"
Powered by WackoWiki R4.2