MRTG

Mike Kercher mike at CAMAROSS.NET
Mon Sep 30 22:55:38 IST 2002 

I found one problem:  The process changed from 'mailscanner' to
'MailScanner', so now my spams are being picked up.  Viruses are not
however.  One thing I noticed in grepping the log is that Viruses that
are detected are being listed twice:

[root at redline bin]# cat /var/log/maillog |grep ">>> Virus"
Sep 30 11:10:39 redline MailScanner[18225]: >>> Virus 'W32/Klez-H' found
in file ./g8UGAXv19493/install.exe
Sep 30 11:10:42 redline MailScanner[18225]: >>> Virus 'W32/Klez-H' found
in file ./g8UGAXv19493/install.exe
Sep 30 14:21:15 redline MailScanner[18225]: >>> Virus 'W32/Bugbear-A'
found in file ./g8UJLBv25275/BIRTHDAYS.xls.exe
Sep 30 14:21:18 redline MailScanner[18225]: >>> Virus 'W32/Bugbear-A'
found in file ./g8UJLBv25275/BIRTHDAYS.xls.exe
Sep 30 16:17:15 redline MailScanner[28976]: >>> Virus 'W32/Klez-H' found
in file ./g8ULH5v28971/CAYRKX0V.scr
Sep 30 16:17:17 redline MailScanner[28976]: >>> Virus 'W32/Klez-H' found
in file ./g8ULH5v28971/CAYRKX0V.scr

Will that not throw the count off by a multiple of 2?

Mike


-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
Behalf Of Mike Kercher
Sent: Monday, September 30, 2002 4:39 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: MRTG


Hrm...that doesn't seem to be working for me...

    chomp;
    if (/sendmail/) {
      $TotalMails += $1 if /nrcpts=(\d+),/;
      next;
    }
    if (/mailscanner/) {
      $TotalViruses += $1 if />>> Virus/i;
      $TotalSpam++        if /actions are deliver/i;
    }
  }
  close LOG;
}

Does that look like what you have?

Mike


-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
Behalf Of Rose, Bobby
Sent: Monday, September 30, 2002 4:24 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: MRTG


The logging has changed so you need to change string used to the regex
the sendmail.logs.pl script. I'm currently using

/actions are deliver/I for Spam and  />>> Virus/I for Viruses.  So far
that seems to be correct.

-----Original Message-----
From: Mike Kercher [mailto:mike at CAMAROSS.NET]
Sent: Monday, September 30, 2002 5:06 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: MRTG


They used to be before I upgraded to 4.00  When I have some time, I'll
try to figure out why it's not working anymore.

Mike


-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
Behalf Of Matt
Sent: Monday, September 30, 2002 3:59 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: MRTG


> I have it running at http://bladeware.com/  I haven't tweaked it since

> moving to v4.00 so for some reason, my Spam and Virus stats are out of

> date.  The mail is working though :)

I think it would be neat to have the SPAM and virus stats in the same
graph. Kind of like a T1 is graphed with upstream in one color and
downstream in another.

Matt

More information about the MailScanner mailing list