WARNING: Ignoring deprecated option --unzip

[Steve Freegard]

Simon Jones wrote:
> does anyone know a king kong ding-a-ling command to show if some pesky
> spammer has hooked on to the system and is pumping masses of mail at
> it?  I can see lots of connections on 25 from random IP's but I'd
> expect this netstat -an shows me this, I could perhaps use something
> to narrow it down a little or even show high traffic from a particular
> IP etc... not sure, I don't think my config is bad, it just seems the
> systems are working really hard to keep up with the flow of junk.

Run the following SQL against your MailWatch database:

SELECT clientip, COUNT(*) AS count, SUM(IF isspam>0 THEN 1 ELSE 0 END)
AS spam FROM maillog WHERE date=CURRENT_DATE() GROUP BY clientip ORDER
BY count DESC LIMIT 50;

Will give you the Top 50 connecting IP addresses by the number of
messages and will also show you a number of spam messages from the host
as well.

As for diagnosing the 'slowness' of your machine - I would suggest that
you restart MailScanner with the 'Log Speed = yes' option set; then run:

tail /var/log/maillog | grep 'Batch .* processed in'

Then paste the last 10 results here.

Regards,
Steve.