security-scripts/mail/mailreport.sh

#!/bin/sh -
set -a
MAILTO=postmaster@commcare.ch
LOGS='/var/log/maillog*'
SECMAX=999
#############################################################################
#               spamrep_today                marquis@roble.com              #
# $Id: spamrep_postfix_today,v 1.16 2001/10/25 16:16:30 marquis Exp marquis $
# Usage A: spamrep_today                                                    #
#          (prints report to screen)                                        #
# Usage B: spamrep_today mail                                               #
#          (mails report to $MAILTO, recommended for crontabs)              #
#############################################################################
# Solaris needs /usr/ucb/mail for the -s flag
PATH=/usr/ucb:/bin:/usr/bin:/usr/sbin:/sbin
umask 077
#--------------------------------------------------------------------
if [ "$1" != "" ] && [ "$1" != mail ]; then
	echo "USAGE: `basename $0` [mail]"
	exit 1
fi
#------------------[ summary header ]--------------------------------
host="`/bin/hostname`.`/bin/dnsdomainname`"
LOGDATE="`date|cut -c5-10|sed 's/ /./g'`"
DAY="`date|awk '{print $1, $2, $3, $NF}'`"
TMP="/tmp/stats.$$"
trap "rm -f $TMP.spam $TMP.sum $TMP ; exit 1" 0 1 2 3 15
rm -f $TMP.spam $TMP.sum $TMP
echo "" >> $TMP.sum
echo "------- $host mailstats for $DAY -------" >> $TMP.sum
echo "" >> $TMP.sum
#--------------------------------------------------------------------
grep -ih "blocked.using" $LOGS | grep "$LOGDATE" > $TMP.spam
if [ -s $TMP.spam ]; then
	SS="`wc -l $TMP.spam | awk '{print $1}'`"
	echo "" >> $TMP
	echo "------- $SS filtered by subscription -------" >> $TMP
	echo "        $SS filtered by subscription" >> $TMP.sum
	echo "" >> $TMP
	tail -${SECMAX} $TMP.spam >> $TMP
	rm -f $TMP.spam
fi
#--------------------------------------------------------------------
grep -ih "access.denied" $LOGS | grep "$LOGDATE" | \
 egrep -iv '(domain.not.found|service.unavailable|need.fully-qualified|sender.source.domain.mismatch)' > $TMP.spam
if [ -s $TMP.spam ]; then
	SS="`wc -l $TMP.spam | awk '{print $1}'`"
	echo "" >> $TMP
	echo "------- $SS filtered by localhost -------" >> $TMP
	echo "        $SS filtered by localhost" >> $TMP.sum
	echo "" >> $TMP
	tail -${SECMAX} $TMP.spam >> $TMP
	rm -f $TMP.spam
fi
#--------------------------------------------------------------------
egrep -ih "sender.source.domain.mismatch" $LOGS | grep "$LOGDATE" | \
 egrep -iv '(domain.not.found|service.unavailable|need.fully-qualified|access.denied|blocked.using)' > $TMP.spam
if [ -s $TMP.spam ]; then
	## per http://www.monkeys.com/anti-spam/filtering/additions.html
SS="`wc -l $TMP.spam | awk '{print $1}'`"
	echo "" >> $TMP
	echo "------- $SS dropped due to sender/source mismatch -------" >> $TMP
	echo "        $SS dropped due to sender/source mismatch" >> $TMP.sum
	echo "" >> $TMP
	tail -${SECMAX} $TMP.spam >> $TMP
	rm -f $TMP.spam
fi
#--------------------------------------------------------------------
egrep -ih '(domain.not.found|service.unavailable|need.fully-qualified)' $LOGS | \
 grep "$LOGDATE" | egrep -iv '(access.denied|blocked.using|sender.source.domain.mismatch)' > $TMP.spam
if [ -s $TMP.spam ]; then
	SS="`wc -l $TMP.spam | awk '{print $1}'`"
	echo "" >> $TMP
	echo "------- $SS dropped for SMTP or DNS protocol reasons -------" >> $TMP
	echo "        $SS dropped for SMTP or DNS protocol reasons" >> $TMP.sum
	echo "" >> $TMP
	tail -${SECMAX} $TMP.spam >> $TMP
	rm -f $TMP.spam
fi
#------------------[ finish header and view or mail ]----------------
echo "" >> $TMP
if [ '`grep -v ^$ "$TMP" 2>/dev/null`' = '' ]; then
	rm -f $TMP $TMP.spam $TMP.sum
	echo "ERROR: No data for $LOGDATE found in $LOGS ..."
	exit 1
else
	echo "        (statistics may not be 100% accurate)" >> $TMP.sum
	cat $TMP >> $TMP.sum
	rm -f $TMP $TMP.spam
fi
if [ "$1" = "mail" ]; then
	# ucb mail understands -s
	mail -s "$host mailstats for $DAY" $MAILTO < $TMP.sum
else
	more $TMP.sum
fi
rm -f $TMP $TMP.spam $TMP.sum