Matthias Šubik, 10.11.2006 10:42: > granted, and I would like to have the possibility to run such a > setup, but I would like to hear more about your experience in > statistics of spam, how did you generate this graph (http:// > www.tyldum.com/spam-year.png) you mentioned earlier? > > thanks for bringing more light into the spam-statistics corner if > possible ...
Quite simple, but can also be CPU-intensitive the way I do it. I'm basicly just grep'ing the logfiles for INFECTED and SPAM that amavisd-new tags. A shellscript returns those values and MRTG picks them up. If TSL upgrades amavisd-new this could be done a bit better by having amavisd-new log this to seperate files and just count lines instead of grep'ing. Maybe even the sql.backend can be analyzed and used, I haven't had the need to look into that. Shellscript: ************************************** #!/bin/sh TYPE=$1 if [ "$TYPE" = "virii" ]; then OUTDATA=`/bin/egrep -c Passed\|Blocked /var/log/mail/notice` INDATA=`/bin/egrep -c "Blocked INFECTED" /var/log/mail/notice` fi if [ "$TYPE" = "spam" ]; then OUTDATA=`/bin/egrep -c Passed\|Blocked /var/log/mail/notice` INDATA=`/bin/egrep -c "Blocked SPAM" /var/log/mail/notice` fi echo $INDATA echo $OUTDATA echo `uptime | cut -d',' -f1,2` echo $TYPE ******************************************************* MRTG-configs: Target[virii]: `/etc/mrtg/system.sh virii` Title[virii]: Mailborne virii PageTop[virii]: <h1>Mailborne virii</h1> YLegend[virii]: Mail per hour ShortLegend[virii]: mails LegendI[virii]: infected LegendO[virii]: incoming Options[virii]: nopercent,growright,nobanner,nolegend,noinfo,integer,perhour Target[spam]: `/etc/mrtg/system.sh spam` Title[spam]: Mailborne spam PageTop[spam]: <h1>Mailborne spam</h1> YLegend[spam]: Mail per hour ShortLegend[spam]: mails LegendI[spam]: spam LegendO[spam]: incoming Options[spam]: nopercent,growright,nobanner,nolegend,noinfo,integer,perhour Been forever since I made this, and I think the MRT-options need tweaking to reflect the correct numbers, but the ratio is correct. _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
