copy of rejected mail from blacklist ?
Andre Addicks
is there a possibility that I can get a copy of the mail, in a local mailbox,
from all the mail that has been rejected by a blacklist (RSS, RBL or DUL) ?
I somehow want to track the number of real spam messages coming from sites
which are on the blacklists.
BTW I'm using sendmail 8.9.0.
grtx
Andre Addicks
Claus Assmann
> is there a possibility that I can get a copy of the mail, in a local mailbox,
> from all the mail that has been rejected by a blacklist (RSS, RBL or DUL) ?
> I somehow want to track the number of real spam messages coming from sites
> which are on the blacklists.
Do you want a copy or do you want to count them?
Counting is easy: just see your logfile (grep check_relay .. | wc).
--
If you feel the urgent wish to send me a courtesy copy of a Usenet
posting, then make sure it's recognizable as such!
RHS Linux User
errors you might want to look at the following perl script. Sorry about
the lack of comments, and sloppy coding.
--Larry
Claus Assmann (ca+se...@mine.informatik.uni-kiel.de) wrote:
: Andre Addicks wrote:
: > is there a possibility that I can get a copy of the mail, in a local mailbox,
: > from all the mail that has been rejected by a blacklist (RSS, RBL or DUL) ?
: > I somehow want to track the number of real spam messages coming from sites
: > which are on the blacklists.
: Do you want a copy or do you want to count them?
: Counting is easy: just see your logfile (grep check_relay .. | wc).
#!/usr/bin/perl
$LOGFILE="/var/log/maillog";
@REJECT=("Sender domain must exist", "Sender domain must resolve", "Relaying denied", "we do not relay", "Domain name required", "Cheeseburger, Cheeseburger, Pepsi... No Spam!", "http://www.mail-abuse.org/rss/", "http://maps.vix.com/dul/",
"http://maps.vix.com/rbl/");
$REJECTNO=scalar(@REJECT);
open(INFILE, $LOGFILE) or die "Can't open log file.\n";
while(<INFILE>) {
$LINE=$_;
if ( $LINE =~ /reject=/ ) {
$COUNT++;
for ($LOOP=0 ; $LOOP < $REJECTNO ; $LOOP++) {
if ( $LINE =~ $REJECT[$LOOP]) {
$TOTAL[$LOOP]++;
}
}
}
}
close(INFILE);
print "\n -------- Rejected mail totals --------\n\n";
for ($LOOP=0; $LOOP < $REJECTNO; $LOOP++) {
if ($TOTAL[$LOOP] > 0) {
printf ("%-46s%s%4d\n", $REJECT[$LOOP], " -- ", $TOTAL[$LOOP]);
}
$ADD+=$TOTAL[$LOOP];
$UNKNOWN=$COUNT-$ADD;
}
print "\nTotal rejects = $COUNT\n";
print "Total unknown = $UNKNOWN\n";
Andre Addicks
ca+se...@mine.informatik.uni-kiel.de says...
>
>Andre Addicks wrote:
>
>> is there a possibility that I can get a copy of the mail, in a local
mailbox,
>> from all the mail that has been rejected by a blacklist (RSS, RBL or DUL) ?
>> I somehow want to track the number of real spam messages coming from sites
>> which are on the blacklists.
>
>
>Do you want a copy or do you want to count them?
>Counting is easy: just see your logfile (grep check_relay .. | wc).
I want a copy of the mail. Counting the number of rejects is easy, I already
have a awk script that does that.
What I want is to calculate the percentage of real spam in relation to the
total number of rejects.
grtx
Andre Addicks
Claus Assmann
[Please DON'T send me a copy of postings!]
> I want a copy of the mail. Counting the number of rejects is easy, I already
> have a awk script that does that.
Two possibilities:
1. disable the check in sendmail, use procmail to do this.
2. use sendmail 8.10: its new features allow you to do this.
Check the RBL: if it matches: set a macro.
During delivery (LOCAL_RULESET_0): check the macro:
if it is set: change the recipient.
Easy, isn't it? 8.10 makes it possible...