23,872 Spam Mail was filterred out on a server, How well the solution protect yours |
  |
 Jan 31 2006, 11:37 AM
Post
#1
|
|
|
Administrator  Group: Admin Posts: 4,252 Joined: 13-June 03 Member No.: 1  |
My stat on a single server on 2006-01-27:
Run this command, you will get the count of the email filterred out: grep -E 'is blocked|spam attack|dictionary attack|Hacked HELO|Forged HELO|Bad HELO|dsbl\.org|spamhaus\.org|ordb\.org|unknown user|If you meant to send this file|virus or other harmful|Spam score too high' /var/log/exim_mainlog | grep '2006-01-27' | wc -l Change the date 2006-01-27 to the current date. ======================= Total email filterred out: 23,872 emails ======================= Spam mail blocked by manual blacklist sender at the SMTP time: 272 grep 'is blocked' /var/log/exim_mainlog | grep 'Sender' | grep '2006-01-27' | wc -l Spam mail blocked by manual blacklist host address at the SMTP time: 0 grep 'is blocked' /var/log/exim_mainlog | grep 'Host' | grep '2006-01-27' | wc -l Spam mail blocked by Auto black list SA high score at the SMTP time: 6,494 grep 'spam attack' /var/log/exim_mainlog | grep '2006-01-27' | wc -l Spam mail blocked by Auto black list after dictionary attack the SMTP time: 343 grep 'dictionary attack' /var/log/exim_mainlog | grep '2006-01-27' | wc -l Spam mail blocked by invalid HELO at the SMTP time: 4,137 grep -E 'Hacked HELO|Forged HELO|Bad HELO' /var/log/exim_mainlog | grep '2006-01-27' | wc -l Spam mail blocked by RBL at the SMTP time: 3,036 grep -E 'dsbl\.org|spamhaus\.org|ordb\.org' /var/log/exim_mainlog | grep '2006-01-27' | wc -l Spam mail blocked by setting default address to :fail: at the SMTP time: 2,395 grep 'unknown user' /var/log/exim_mainlog | grep '2006-01-27' | wc -l Spam mail blocked by illegal File extension at the SMTP time: 532 grep 'If you meant to send this file' /var/log/exim_mainlog | grep '2006-01-27' | wc -l Spam mail blocked by Virus scanner at the SMTP time: 909 grep 'virus or other harmful' /var/log/exim_mainlog | grep '2006-01-27' | wc -l grep -E 'SPAM\.' /var/log/exim_mainlog | grep '2006-01-27' | wc -l Spam mail blocked by SA at the SMTP time: 5,754 -121 = 5,633 grep -E 'Spam score too high' /var/log/exim_mainlog | grep '2006-01-27' | wc -l minus with grep 'discarded: Spam score' /var/log/exim_mainlog | grep '2006-01-27' | wc -l Spam mail discared by SA high score (12-15) after recieve emai: 121 grep 'discarded: Spam score' /var/log/exim_mainlog | grep '2006-01-27' | wc -l NOTE: My SA is running RAZOR, DCC, Pyzor, SARE, Custom SA rules, My own SURBL. Feel free to post your stat here. |
 |
 
|
|
Feb 1 2006, 12:18 AM
Post
#2
|
|
|
Advanced Member Group: Members Posts: 88 Joined: 20-November 03 Member No.: 61 |
I get ZERO on all those hits. Boy, really seems like you have serious spam issues. Alot of us have different wording in our logs and may not match yours therefore we will get Zero hits from our logs without some type of modification to those commands.
|
|
|
|
|
Feb 1 2006, 12:23 AM
Post
#3
|
|
|
Administrator Group: Admin Posts: 4,252 Joined: 13-June 03 Member No.: 1 |
All of my servers have filterred spam email between 14,000 - 24,000 email / server /day.
Do you have configure your server using this instruction: http://www.rvskin.com/index.php?page=public/antispam. The grep command also count the blocked email and only work on the server configure same as my instruction. If you have configured it your way, you may need to change the words in the grep command. |
|
|
|
|
Feb 1 2006, 01:49 AM
Post
#4
|
|
|
Advanced Member Group: Members Posts: 147 Joined: 4-February 04 Member No.: 116 |
aussie you might want to verify you logs path; mine is at exim/mainlog.
Mine are measly compared to your stats, pairote. I get about 4k-6k average per server; but I'm happy with that!  Now I need to subscribe to this thread to keep them in mind. Thanks for the contribution.. -------------------- ProficientHost
http://www.proficienthost.com Delivering Quality Hosting & Design Services |
|
|
|
|
Feb 16 2006, 10:49 PM
Post
#5
|
|
|
Member Group: Members Posts: 13 Joined: 14-February 06 Member No.: 892 |
i'm filtering about 15,000 a day right now
what a nifty lititle grep, thanks! |
|
|
|
|
May 19 2006, 03:04 AM
Post
#6
|
|
|
Member Group: Members Posts: 14 Joined: 27-September 05 Member No.: 716 |
QUOTE(pairote @ Jan 31 2006, 11:37 AM)  My stat on a single server on 2006-01-27: Run this command, you will get the count of the email filterred out: grep -E 'is blocked|spam attack|dictionary attack|Hacked HELO|Forged HELO|Bad HELO|dsbl\.org|spamhaus\.org|ordb\.org|unknown user|If you meant to send this file|virus or other harmful|Spam score too high' /var/log/exim_mainlog | grep '2006-01-27' | wc -l Hi pairote, I copy and paste this grep command, with today's date, and I don't get the output like in your example. I just returns a number like 7620, and then returns me to the prompt. If I copy and past each individual grep command like in your output file it just returns a number for each one. I do have your Server-Wide Spam and Virus Protection on the server. Could you tell me why I'm not getting the output? thanks Ivan |
|
|
|
|
May 19 2006, 12:27 PM
Post
#7
|
|
|
Administrator Group: Admin Posts: 4,252 Joined: 13-June 03 Member No.: 1 |
yeah, it returns only the number.
|
|
|
|
|
May 20 2006, 05:52 AM
Post
#8
|
|
|
Member Group: Members Posts: 14 Joined: 27-September 05 Member No.: 716 |
QUOTE(pairote @ May 19 2006, 12:27 PM) yeah, it returns only the number. Thanks pairote, sorry, I can't help it if I'm a little dense.  Ivan |
|
|
|
|
May 30 2006, 05:57 PM
Post
#9
|
|
|
Administrator Group: Admin Posts: 4,252 Joined: 13-June 03 Member No.: 1 |
Closed. Please check the newest thread hee.
http://forums.rvskin.com/index.php?showtopic=1308 |
|
|
|
|
| Lo-Fi Version | Time is now: 3rd September 2010 - 01:04 AM |