Tracking the wild mailscanner stats
Kevin Miller
Kevin_Miller at CI.JUNEAU.AK.US
Fri Aug 15 21:30:39 IST 2003
I've got my 2nd mailscanner box running, but have a couple of hopefully easy
questions regarding tracking stats. I installed David While's mailstat.pl
program (http://staff.cie.uce.ac.uk/~id001869/mailstats/) which seems to be
more or less working OK, but the graphs for messages, viruses, and spam are
solid blobs, rather than the spikes normally seen on an MRTG graph. The
server load has peaks and valleys like I'd expect. On the
http://mail.boys-brigade.org.uk/mrtg/ page which David points to as an
example of mailstats.pl in use, the graphs appear as I'd expect. (They also
have two graphs that didn't appear in my installation - maybe custom tweaks
on their part?).
It appears that my install is also accumulates the totals from day one.
Thus, I get a steadily rising level, rather than a snapshot of what's
happened in the last 10 minutes (which is how often cron runs). Has someone
else out there using the program run into these issues? I really like the
text stats: at a glance one can see what viruses have attemtped to come
through, where spam is coming from, last time the virus sig was updated etc.
I also have a logrotate question - slightly tangential to the purpose of the
list, but it *is* my mail log that I want to rotate. My current
/etc/logrotate.d/syslog is thus:
/var/log/mail /var/log/warn /var/log/messages /var/log/allmessages
/var/log/localmessages /var/log/firewall {
compress
dateext
maxage 365
rotate 99
missingok
notifempty
size +4096k
create 644 root root
sharedscripts
postrotate
/etc/init.d/syslog reload
endscript
}
I'm getting a zillion old /var/log/mail-2003MMDD.gz files. I believe I'll
get up to 99 with the log settings. So, what I think I want to do is this:
/var/log/mail {
compress
dateext
maxage 365
rotate 4
missingok
notifempty
size +4096k
create 644 root root
sharedscripts
}
/var/log/warn /var/log/messages /var/log/allmessages /var/log/localmessages
/var/log/firewall {
compress
dateext
maxage 365
rotate 99
missingok
notifempty
size +4096k
create 644 root root
sharedscripts
postrotate
/etc/init.d/syslog reload
endscript
}
The changes being, that I create a seperate stanza for /var/log/mail, set
the rotate to 4 weeks, and take out the postrotate command. I'm assuming
that the mail stanza will execute first, then the other, and the last thing
done will be to reload syslog. Is this in fact what will happen, or do I
want the postrotate lines in the /var/log/mail stanza too?
Thanks much...
...Kevin
-------------------
Kevin Miller Registered Linux User No: 307357
CBJ MIS Dept. Network Systems Administrator, Mail
Administrator
155 South Seward Street ph: (907) 586-0242
Juneau, Alaska 99801 fax: (907 586-4500
More information about the MailScanner
mailing list