My stat on a single server on 2006-01-27:
Run this command, you will get the count of the email filterred out:
grep -E 'is blocked|spam attack|dictionary attack|Hacked HELO|Forged HELO|Bad HELO|dsbl\.org|spamhaus\.org|ordb\.org|unknown user|If you meant to send this file|virus or other harmful|Spam score too high' /var/log/exim_mainlog | grep '2006-01-27' | wc -l
Change the date 2006-01-27 to the current date.
=======================
Total email filterred out: 23,872 emails
=======================
Spam mail blocked by manual blacklist sender at the SMTP time: 272
grep 'is blocked' /var/log/exim_mainlog | grep 'Sender' | grep '2006-01-27' | wc -l
Spam mail blocked by manual blacklist host address at the SMTP time: 0
grep 'is blocked' /var/log/exim_mainlog | grep 'Host' | grep '2006-01-27' | wc -l
Spam mail blocked by Auto black list SA high score at the SMTP time: 6,494
grep 'spam attack' /var/log/exim_mainlog | grep '2006-01-27' | wc -l
Spam mail blocked by Auto black list after dictionary attack the SMTP time: 343
grep 'dictionary attack' /var/log/exim_mainlog | grep '2006-01-27' | wc -l
Spam mail blocked by invalid HELO at the SMTP time: 4,137
grep -E 'Hacked HELO|Forged HELO|Bad HELO' /var/log/exim_mainlog | grep '2006-01-27' | wc -l
Spam mail blocked by RBL at the SMTP time: 3,036
grep -E 'dsbl\.org|spamhaus\.org|ordb\.org' /var/log/exim_mainlog | grep '2006-01-27' | wc -l
Spam mail blocked by setting default address to :fail: at the SMTP time: 2,395
grep 'unknown user' /var/log/exim_mainlog | grep '2006-01-27' | wc -l
Spam mail blocked by illegal File extension at the SMTP time: 532
grep 'If you meant to send this file' /var/log/exim_mainlog | grep '2006-01-27' | wc -l
Spam mail blocked by Virus scanner at the SMTP time: 909
grep 'virus or other harmful' /var/log/exim_mainlog | grep '2006-01-27' | wc -l
grep -E 'SPAM\.' /var/log/exim_mainlog | grep '2006-01-27' | wc -l
Spam mail blocked by SA at the SMTP time: 5,754 -121 = 5,633
grep -E 'Spam score too high' /var/log/exim_mainlog | grep '2006-01-27' | wc -l
minus with
grep 'discarded: Spam score' /var/log/exim_mainlog | grep '2006-01-27' | wc -l
Spam mail discared by SA high score (12-15) after recieve emai: 121
grep 'discarded: Spam score' /var/log/exim_mainlog | grep '2006-01-27' | wc -l
NOTE: My SA is running RAZOR, DCC, Pyzor, SARE, Custom SA rules, My own SURBL.
Feel free to post your stat here.
Full Version: 23,872 Spam Mail was filterred out on a server
I get ZERO on all those hits. Boy, really seems like you have serious spam issues. Alot of us have different wording in our logs and may not match yours therefore we will get Zero hits from our logs without some type of modification to those commands.
All of my servers have filterred spam email between 14,000 - 24,000 email / server /day.
Do you have configure your server using this instruction: http://www.rvskin.com/index.php?page=public/antispam.
The grep command also count the blocked email and only work on the server configure same as my instruction. If you have configured it your way, you may need to change the words in the grep command.
Do you have configure your server using this instruction: http://www.rvskin.com/index.php?page=public/antispam.
The grep command also count the blocked email and only work on the server configure same as my instruction. If you have configured it your way, you may need to change the words in the grep command.
aussie you might want to verify you logs path; mine is at exim/mainlog.
Mine are measly compared to your stats, pairote. I get about 4k-6k average per server; but I'm happy with that!
Now I need to subscribe to this thread to keep them in mind. Thanks for the contribution..
Mine are measly compared to your stats, pairote. I get about 4k-6k average per server; but I'm happy with that!
Now I need to subscribe to this thread to keep them in mind. Thanks for the contribution..
i'm filtering about 15,000 a day right now
what a nifty lititle grep, thanks!
what a nifty lititle grep, thanks!
QUOTE(pairote @ Jan 31 2006, 11:37 AM) 
My stat on a single server on 2006-01-27:
Run this command, you will get the count of the email filterred out:
grep -E 'is blocked|spam attack|dictionary attack|Hacked HELO|Forged HELO|Bad HELO|dsbl\.org|spamhaus\.org|ordb\.org|unknown user|If you meant to send this file|virus or other harmful|Spam score too high' /var/log/exim_mainlog | grep '2006-01-27' | wc -l
Run this command, you will get the count of the email filterred out:
grep -E 'is blocked|spam attack|dictionary attack|Hacked HELO|Forged HELO|Bad HELO|dsbl\.org|spamhaus\.org|ordb\.org|unknown user|If you meant to send this file|virus or other harmful|Spam score too high' /var/log/exim_mainlog | grep '2006-01-27' | wc -l
Hi pairote, I copy and paste this grep command, with today's date, and I don't get the output like in your example. I just returns a number like 7620, and then returns me to the prompt.
If I copy and past each individual grep command like in your output file it just returns a number for each one.
I do have your Server-Wide Spam and Virus Protection on the server. Could you tell me why I'm not getting the output?
thanks
Ivan
yeah, it returns only the number.
QUOTE(pairote @ May 19 2006, 12:27 PM)
yeah, it returns only the number.
Thanks pairote, sorry, I can't help it if I'm a little dense.
Ivan
Closed. Please check the newest thread hee.
http://forums.rvskin.com/index.php?showtopic=1308
http://forums.rvskin.com/index.php?showtopic=1308
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.