Changes

Jump to navigation Jump to search
108 bytes added ,  15:30, 10 May 2019
→‎Display messages that would have been blocked via DNSBL: - modify to include remote IP and prevent line breaks for multiple A results
Line 260: Line 260:     
You can use the output to decide if the new DNSBL service is appropriate for your users, or if it is too aggressive.
 
You can use the output to decide if the new DNSBL service is appropriate for your users, or if it is too aggressive.
  <nowiki>if [ -z $DAYS ]; then DAYS=1; fi; \
+
  <nowiki>f [ -z $DAYS ]; then DAYS=1; fi; \
 
if [ -z $TESTBL ]; then TESTBL=zen.spamhaus.org; fi; \
 
if [ -z $TESTBL ]; then TESTBL=zen.spamhaus.org; fi; \
 
echo -n "Days of logfiles to scan [$DAYS]: "; read NEWDAYS; \
 
echo -n "Days of logfiles to scan [$DAYS]: "; read NEWDAYS; \
Line 266: Line 266:  
if [ $NEWDAYS ]; then DAYS=$NEWDAYS; fi; \
 
if [ $NEWDAYS ]; then DAYS=$NEWDAYS; fi; \
 
if [ $NEWTESTBL ]; then TESTBL=$NEWTESTBL; fi; \
 
if [ $NEWTESTBL ]; then TESTBL=$NEWTESTBL; fi; \
grep -h logging::logterse  \
+
grep -h logging::logterse  $(find /var/log/qpsmtpd /var/log/sqpsmtpd -ctime -$DAYS -name "@*" -o -name current) \
$(find /var/log/qpsmtpd /var/log/sqpsmtpd -ctime -$DAYS -name "@*" -o -name current) \
   
|grep -v dnsbl.903 \
 
|grep -v dnsbl.903 \
 
|tai64nlocal \
 
|tai64nlocal \
|awk -v DNSBL=$TESTBL -F"\t" '{split($1,intro," "); intro[6] == "`" ? split(intro[7],ip,".") : split(intro[8],ip,"."); split($9,hits," "); split( intro[2],time,"."); \
+
|awk -v DNSBL=$TESTBL -F"\t" '{split($1,intro," "); \
print "echo -ne \"" intro[1] " " time[1] "\t" $6 "\t" (hits[2]) \
+
intro[6] == "`" ? split(intro[7],ip,".") : split(intro[8],ip,"."); split($9,hits," "); \
"\tFrom: " gensub("[<>]","","g",$4) \
+
split( intro[2],time,"."); \
"\tTo: " gensub("[<>]","","g",$5) \
+
print \
"\tA: `dig +short " ip[4] "." ip[3] "." ip[2] "." ip[1] "." DNSBL \
+
  "echo -ne \"" intro[1] " " time[1] \
"`\tTXT: \" ; echo -e \"`dig +short txt " ip[4] "." ip[3] "." ip[2] "." ip[1] "." DNSBL "`\""}' |bash | grep 127\.0</nowiki>
+
  "\t" $6 \
 +
  "\t" ip[1] "." ip[2] "." ip[3] "." ip[4] \
 +
  "\t" (hits[2]) \
 +
  "\tFrom: " gensub("[<>]","","g",$4) \
 +
  "\tTo: " gensub("[<>]","","g",$5) \
 +
  "\tA: `dig +short " ip[4] "." ip[3] "." ip[2] "." ip[1] "." DNSBL " |tr \"\n\" \",\" |sed \"s/,$//\" `"\
 +
  "\tTXT: \" ; echo -e \"`dig +short txt " ip[4] "." ip[3] "." ip[2] "." ip[1] "." DNSBL "`\""}'\
 +
|bash\
 +
|grep 127\.0</nowiki>
    
===List Recent Emails with sending IP===
 
===List Recent Emails with sending IP===

Navigation menu