1 |
diff -up smeserver-mailstats-1.0/root/usr/bin/spamfilter-stats-7.pl.628 smeserver-mailstats-1.0/root/usr/bin/spamfilter-stats-7.pl |
2 |
--- smeserver-mailstats-1.0/root/usr/bin/spamfilter-stats-7.pl.628 2016-04-10 13:15:15.814000000 -0400 |
3 |
+++ smeserver-mailstats-1.0/root/usr/bin/spamfilter-stats-7.pl 2016-04-10 13:16:35.427000000 -0400 |
4 |
@@ -16,6 +16,8 @@ |
5 |
# - correct Spamfilter details extract, as per Bug 8656 |
6 |
# - Add analysis table of Geoip results |
7 |
# bjr - 19Jun15 - Add totals for the League tables |
8 |
+# bjr and Unnilennium - 08Apr16 - Add in else for unrecognised plugin detection |
9 |
+# bjr - 08Apr16 - Add in link for SaneSecurity "extra" virus detection |
10 |
# |
11 |
############################################################################# |
12 |
# |
13 |
@@ -71,7 +73,7 @@ if ($cdb->get('mailstats')){ |
14 |
|
15 |
#Configuration section |
16 |
my %opt = ( |
17 |
- version => '0.6.28', # please update at each change. |
18 |
+ version => '0.6.29', # please update at each change. |
19 |
debug => 0, # guess what ? |
20 |
sendmail => '/usr/sbin/sendmail', # Path to sendmail stub |
21 |
from => 'spamfilter-stats', # Who is the mail from |
22 |
@@ -119,6 +121,7 @@ my %found_viruses = (); |
23 |
my %found_qpcodes = (); |
24 |
my %found_SARules = (); |
25 |
my %junkcount = (); |
26 |
+my %unrecog_plugin = (); |
27 |
|
28 |
# replaced by... |
29 |
my %counts = (); #Hold all counts in 2-D matrix |
30 |
@@ -445,59 +448,59 @@ LINE: while (<>) { |
31 |
|
32 |
if ($log_items[5] eq 'check_earlytalker') {$MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
33 |
|
34 |
- if ($log_items[5] eq 'check_relay') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
35 |
+ elsif ($log_items[5] eq 'check_relay') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
36 |
|
37 |
- if ($log_items[5] eq 'check_norelay') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
38 |
+ elsif ($log_items[5] eq 'check_norelay') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
39 |
|
40 |
- if ($log_items[5] eq 'require_resolvable_fromhost') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
41 |
+ elsif ($log_items[5] eq 'require_resolvable_fromhost') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
42 |
|
43 |
- if ($log_items[5] eq 'check_basicheaders') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
44 |
+ elsif ($log_items[5] eq 'check_basicheaders') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
45 |
|
46 |
- if ($log_items[5] eq 'rhsbl') { $RBLcount++;$counts{$abshour}{$CATRBLDNS}++;mark_domain_rejected($proc);next LINE} |
47 |
+ elsif ($log_items[5] eq 'rhsbl') { $RBLcount++;$counts{$abshour}{$CATRBLDNS}++;mark_domain_rejected($proc);next LINE} |
48 |
|
49 |
- if ($log_items[5] eq 'dnsbl') { $RBLcount++;$counts{$abshour}{$CATRBLDNS}++;mark_domain_rejected($proc);next LINE} |
50 |
+ elsif ($log_items[5] eq 'dnsbl') { $RBLcount++;$counts{$abshour}{$CATRBLDNS}++;mark_domain_rejected($proc);next LINE} |
51 |
|
52 |
- if ($log_items[5] eq 'check_badmailfrom') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
53 |
+ elsif ($log_items[5] eq 'check_badmailfrom') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
54 |
|
55 |
- if ($log_items[5] eq 'check_badrcptto_patterns') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
56 |
+ elsif ($log_items[5] eq 'check_badrcptto_patterns') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
57 |
|
58 |
- if ($log_items[5] eq 'check_badrcptto') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
59 |
+ elsif ($log_items[5] eq 'check_badrcptto') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
60 |
|
61 |
- if ($log_items[5] eq 'check_spamhelo') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
62 |
+ elsif ($log_items[5] eq 'check_spamhelo') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
63 |
|
64 |
- if ($log_items[5] eq 'check_goodrcptto extn') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
65 |
+ elsif ($log_items[5] eq 'check_goodrcptto extn') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
66 |
|
67 |
- if ($log_items[5] eq 'rcpt_ok') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
68 |
+ elsif ($log_items[5] eq 'rcpt_ok') { $MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
69 |
|
70 |
- if ($log_items[5] eq 'pattern_filter') { $PatternFilterCount++;$counts{$abshour}{$CATEXECUT}++;mark_domain_rejected($proc);next LINE} |
71 |
+ elsif ($log_items[5] eq 'pattern_filter') { $PatternFilterCount++;$counts{$abshour}{$CATEXECUT}++;mark_domain_rejected($proc);next LINE} |
72 |
|
73 |
- if ($log_items[5] eq 'virus::pattern_filter') { $PatternFilterCount++;$counts{$abshour}{$CATEXECUT}++;mark_domain_rejected($proc);next LINE} |
74 |
+ elsif ($log_items[5] eq 'virus::pattern_filter') { $PatternFilterCount++;$counts{$abshour}{$CATEXECUT}++;mark_domain_rejected($proc);next LINE} |
75 |
|
76 |
- if ($log_items[5] eq 'check_goodrcptto') {$MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
77 |
+ elsif ($log_items[5] eq 'check_goodrcptto') {$MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
78 |
|
79 |
- if ($log_items[5] eq 'check_smtp_forward') {$MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
80 |
+ elsif ($log_items[5] eq 'check_smtp_forward') {$MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
81 |
|
82 |
- if ($log_items[5] eq 'count_unrecognized_commands') {$MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
83 |
+ elsif ($log_items[5] eq 'count_unrecognized_commands') {$MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
84 |
|
85 |
- if ($log_items[5] eq 'check_badcountries') {$MiscDenyCount++;$counts{$abshour}{$CATBADCOUNTRIES}++;mark_domain_rejected($proc);next LINE} |
86 |
+ elsif ($log_items[5] eq 'check_badcountries') {$MiscDenyCount++;$counts{$abshour}{$CATBADCOUNTRIES}++;mark_domain_rejected($proc);next LINE} |
87 |
|
88 |
- if ($log_items[5] eq 'tnef2mime') { next LINE} #Not expecting this one. |
89 |
+ elsif ($log_items[5] eq 'tnef2mime') { next LINE} #Not expecting this one. |
90 |
|
91 |
- if ($log_items[5] eq 'spamassassin') { $above15++;$counts{$abshour}{$CATSPAMDEL}++; |
92 |
+ elsif ($log_items[5] eq 'spamassassin') { $above15++;$counts{$abshour}{$CATSPAMDEL}++; |
93 |
# and extract the spam score |
94 |
if ($log_items[8] =~ "Yes, hits=(.*) required=([0-9\.]+)") {$rejectspamavg += $1} |
95 |
mark_domain_rejected($proc); |
96 |
next LINE |
97 |
} |
98 |
|
99 |
- if ($log_items[5] eq 'virus::clamav') { $infectedcount++;$counts{$abshour}{$CATVIRUS}++; |
100 |
+ elsif ($log_items[5] eq 'virus::clamav') { $infectedcount++;$counts{$abshour}{$CATVIRUS}++; |
101 |
#extract the virus name |
102 |
if ($log_items[7] =~ "Virus Found: (.*)" ) {$found_viruses{$1}++;} |
103 |
mark_domain_rejected($proc); |
104 |
next LINE |
105 |
} |
106 |
|
107 |
- if ($log_items[5] eq 'queued') { $Accepttotal++; |
108 |
+ elsif ($log_items[5] eq 'queued') { $Accepttotal++; |
109 |
#extract the spam score |
110 |
if ($log_items[8] =~ ".*hits=(.*) required=([0-9\.]+)") { |
111 |
$score = $1; |
112 |
@@ -516,13 +519,17 @@ LINE: while (<>) { |
113 |
} |
114 |
|
115 |
|
116 |
- if ($log_items[5] eq 'tls') {$MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
117 |
+ elsif ($log_items[5] eq 'tls') {$MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
118 |
|
119 |
- if ($log_items[5] eq 'auth::auth_cvm_unix_local') {$MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
120 |
+ elsif ($log_items[5] eq 'auth::auth_cvm_unix_local') {$MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);next LINE} |
121 |
|
122 |
+ #Treat it as Unconf if not recognised |
123 |
+ else {$MiscDenyCount++;$counts{$abshour}{$CATNONCONF}++;mark_domain_rejected($proc);$unrecog_plugin{$log_items[5]}++;next LINE} |
124 |
|
125 |
+/* |
126 |
print "Unexpected failure string in log file: ".$log_items[5]."\n"; #Not detected |
127 |
next LINE |
128 |
+*/ |
129 |
|
130 |
} |
131 |
|
132 |
@@ -757,8 +764,16 @@ if ( !$disabled ) { |
133 |
|
134 |
if ($finaldisplay[$BadCountryCateg]){ |
135 |
$BadCountries = $cdb->get('qpsmtpd')->prop('BadCountries') || "*none*"; |
136 |
- print "*Geoip\.*:Bad Countries mask is:".$BadCountries."\n"; |
137 |
+ print "*Geoip\.*:Bad Countries mask is:".$BadCountries."\n"; |
138 |
} |
139 |
+ |
140 |
+ if (scalar keys %unrecog_plugin > 0){ |
141 |
+ #Show unrecog plugins found |
142 |
+ print "*Unrecognised plugins found - categorised as Non-Conf\n"; |
143 |
+ foreach my $unrec (keys %unrecog_plugin){ |
144 |
+ print "\t$unrec\t($unrecog_plugin{$unrec})\n"; |
145 |
+ } |
146 |
+ } |
147 |
|
148 |
if ($QueryNoLogTerse) { |
149 |
print "* - as no records where found, it looks as though you may not have the *logterse* \nplugin running as part of qpsmtpd \n"; |
150 |
@@ -1014,13 +1029,18 @@ sub show_virus_variants |
151 |
{ |
152 |
|
153 |
print("Virus Statistics by name:\n"); |
154 |
- print("---------------------------------------------\n"); |
155 |
+ print("------------------------------------------------------------------------\n"); |
156 |
foreach my $virus (sort { $found_viruses{$b} <=> $found_viruses{$a} } |
157 |
keys %found_viruses) |
158 |
{ |
159 |
- print "Rejected $found_viruses{$virus}\t$virus\n"; |
160 |
+ if (index($virus,"Sanesecurity")!=-1){ |
161 |
+ print "Rejected $found_viruses{$virus}\thttp://sane.mxuptime.com/s.aspx?id=$virus\n"; |
162 |
+ } else { |
163 |
+ print "Rejected $found_viruses{$virus}\t$virus\n"; |
164 |
+ } |
165 |
+ |
166 |
} |
167 |
- print("---------------------------------------------\n\n"); |
168 |
+ print("------------------------------------------------------------------------\n\n"); |
169 |
} |
170 |
|
171 |
sub show_qpsmtpd_codes |