Mailscanner statistics
Kelly Hamlin
fizz at BOMB.NET
Thu Jul 18 14:48:00 IST 2002
Ok, I think I figured out half of whats wronge.. I forgot to change that
sweep function in sweep.pl.
Also, is there more then one line for sophos scan, I added this.
$Virus{$1}++ if /Virus (\S+) found in file/;
but my output still isn't totally right, but I think its because I need
to wait for the output from AFTER I made that change to sweep.pl
//////
( o o )
+--.oooO--(_)--Oooo.-----------------+
| [Kelly Hamlin]
| support at cyberstreet.com
| http://www.cyberstreet.com
| .oooO
| ( ) Oooo.
+--- (----( )----------------------------+
\_) ) /
(_/
-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
Behalf Of Joris Trooster / Interstroom
Sent: Thursday, July 18, 2002 8:14 AM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Mailscanner statistics
Hello,
I changed the script from Peter Peters (thanks!), to include virus
statistics. Example output:
mailscannerstats.pl /var/log/mail.log
------------------------------------------------
Virus / spam statistics
Period Jul 14 06:48:23 -> Jul 18 13:50:03
Total e-mails scanned : 1132
Total bytes scanned : 12230878
Total seconds : 96
Total virusses detected : 82
Total spams tagged : 91
Timespan (seconds) : 370900
Total SpamAssassin : 79
Total SpamAssassin score : 1003
Total Infinite-Monkeys : 3
Total Osirusoft : 13
Total ORDB-RBL : 7
Total WIREHUB-DNSBL : 2
Viruses found (top 10):
Exploit-MIME.gen.b.: 23
W32/Klez.h at MM: 21
W32/Yaha.g at MM: 10
goldfish.mp3.scr: 5
VALUE.pif: 2
TYPE.pif: 2
Ilvd.scr: 1
NAME.bat: 1
new.bat: 1
align.scr: 1
------------------------------------------------
To have the virus information included you need add a few lines to
sweep.pl as explained in the file (attachment). The script only extracts
information from the mailscanner log, so the script should work with
both exim and sendmail.
Regards,
Joris
More information about the MailScanner
mailing list