security-scripts/mail/mailreport.sh
2013-06-04 15:54:38 +02:00

97 lines
3.9 KiB
Bash
Executable file

#!/bin/sh -
set -a
MAILTO=postmaster@commcare.ch
LOGS='/var/log/maillog*'
SECMAX=999
#############################################################################
# spamrep_today marquis@roble.com #
# $Id: spamrep_postfix_today,v 1.16 2001/10/25 16:16:30 marquis Exp marquis $
# Usage A: spamrep_today #
# (prints report to screen) #
# Usage B: spamrep_today mail #
# (mails report to $MAILTO, recommended for crontabs) #
#############################################################################
# Solaris needs /usr/ucb/mail for the -s flag
PATH=/usr/ucb:/bin:/usr/bin:/usr/sbin:/sbin
umask 077
#--------------------------------------------------------------------
if [ "$1" != "" ] && [ "$1" != mail ]; then
echo "USAGE: `basename $0` [mail]"
exit 1
fi
#------------------[ summary header ]--------------------------------
host="`/bin/hostname`.`/bin/dnsdomainname`"
LOGDATE="`date|cut -c5-10|sed 's/ /./g'`"
DAY="`date|awk '{print $1, $2, $3, $NF}'`"
TMP="/tmp/stats.$$"
trap "rm -f $TMP.spam $TMP.sum $TMP ; exit 1" 0 1 2 3 15
rm -f $TMP.spam $TMP.sum $TMP
echo "" >> $TMP.sum
echo "------- $host mailstats for $DAY -------" >> $TMP.sum
echo "" >> $TMP.sum
#--------------------------------------------------------------------
grep -ih "blocked.using" $LOGS | grep "$LOGDATE" > $TMP.spam
if [ -s $TMP.spam ]; then
SS="`wc -l $TMP.spam | awk '{print $1}'`"
echo "" >> $TMP
echo "------- $SS filtered by subscription -------" >> $TMP
echo " $SS filtered by subscription" >> $TMP.sum
echo "" >> $TMP
tail -${SECMAX} $TMP.spam >> $TMP
rm -f $TMP.spam
fi
#--------------------------------------------------------------------
grep -ih "access.denied" $LOGS | grep "$LOGDATE" | \
egrep -iv '(domain.not.found|service.unavailable|need.fully-qualified|sender.source.domain.mismatch)' > $TMP.spam
if [ -s $TMP.spam ]; then
SS="`wc -l $TMP.spam | awk '{print $1}'`"
echo "" >> $TMP
echo "------- $SS filtered by localhost -------" >> $TMP
echo " $SS filtered by localhost" >> $TMP.sum
echo "" >> $TMP
tail -${SECMAX} $TMP.spam >> $TMP
rm -f $TMP.spam
fi
#--------------------------------------------------------------------
egrep -ih "sender.source.domain.mismatch" $LOGS | grep "$LOGDATE" | \
egrep -iv '(domain.not.found|service.unavailable|need.fully-qualified|access.denied|blocked.using)' > $TMP.spam
if [ -s $TMP.spam ]; then
## per http://www.monkeys.com/anti-spam/filtering/additions.html
SS="`wc -l $TMP.spam | awk '{print $1}'`"
echo "" >> $TMP
echo "------- $SS dropped due to sender/source mismatch -------" >> $TMP
echo " $SS dropped due to sender/source mismatch" >> $TMP.sum
echo "" >> $TMP
tail -${SECMAX} $TMP.spam >> $TMP
rm -f $TMP.spam
fi
#--------------------------------------------------------------------
egrep -ih '(domain.not.found|service.unavailable|need.fully-qualified)' $LOGS | \
grep "$LOGDATE" | egrep -iv '(access.denied|blocked.using|sender.source.domain.mismatch)' > $TMP.spam
if [ -s $TMP.spam ]; then
SS="`wc -l $TMP.spam | awk '{print $1}'`"
echo "" >> $TMP
echo "------- $SS dropped for SMTP or DNS protocol reasons -------" >> $TMP
echo " $SS dropped for SMTP or DNS protocol reasons" >> $TMP.sum
echo "" >> $TMP
tail -${SECMAX} $TMP.spam >> $TMP
rm -f $TMP.spam
fi
#------------------[ finish header and view or mail ]----------------
echo "" >> $TMP
if [ '`grep -v ^$ "$TMP" 2>/dev/null`' = '' ]; then
rm -f $TMP $TMP.spam $TMP.sum
echo "ERROR: No data for $LOGDATE found in $LOGS ..."
exit 1
else
echo " (statistics may not be 100% accurate)" >> $TMP.sum
cat $TMP >> $TMP.sum
rm -f $TMP $TMP.spam
fi
if [ "$1" = "mail" ]; then
# ucb mail understands -s
mail -s "$host mailstats for $DAY" $MAILTO < $TMP.sum
else
more $TMP.sum
fi
rm -f $TMP $TMP.spam $TMP.sum