cut off by spamhaus free use?

[Denis Beauchemin]

Jeff Mills a écrit :
>  
>   
>> If you can provide me with sample RBL blocks in Postfix, I'm 
>> sure I could make it work for you in no time.  Same for Exim 
>> if I get log entries.
>>
>> Denis
>>
>>     
>
> Debnis,
>
> Here are a couple of examples.
> If you need more, I can send.
>
>
> Dec  5 10:19:02 proxy2 postfix/smtpd[4526]: NOQUEUE: reject: RCPT from unknown[200.181.195.102]: 554 5.7.1 Service unavailable; Client host [200.181.195.102] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=200.181.195.102; from=<najib.Lockerby at chatanet.co.uk> to=<user at mydomain.com> proto=ESMTP helo=<201-40-92-107.cscgo701.dsl.brasiltelecom.net.br>
>
> Dec  5 10:18:46 proxy2 postfix/smtpd[5730]: NOQUEUE: reject: RCPT from 201-42-168-44.dsl.telesp.net.br[201.42.168.44]: 554 5.7.1 Service unavailable; Client host [201.42.168.44] blocked using list.dsbl.org; http://dsbl.org/listing?201.42.168.44; from=<agent at hush.com> to=<user at mydomain.com> proto=SMTP helo=<201-42-168-44.dsl.telesp.net.br>
>   
Jeff,

The included version can catch your log lines AND my sendmail ones.

Denis

#!/bin/bash
#
# Script qui liste toutes les sources des RBL qui ont bloque au moins
# un message dans le fichier de log parcouru.
#
# DB

if [[ -n "$1" ]]; then
    file="$1"
else
    file="/var/log/maillog"
fi
if [[ $file == ${file%.gz} ]]; then
    cmd="cat $file"
else
    cmd="zcat $file"
fi
# Postfix: Client host [200.181.195.102] blocked using cbl.abuseat.org;
# Sendmail: reject=554
$cmd | LANG=C egrep "reject=554| blocked using " | perl -ne '
  $h{$1}++ if /found in (.*?)\s*$/;
  $h{$1}++ if /Client host .*? blocked using (.*?);/;
  END{
    for $i (sort keys %h){
        $t += $h{$i};
    }
    for $i (sort keys %h){
        printf "%25s : %6d (%3d %%)\n", $i, $h{$i}, $h{$i}*100/$t;
    }
    printf "%25s : %d\n", "*** Total blocked conns", $t;
  }'