Jyri Hovila wrote: > Howdy! > > SpamGuardian is a Perl program that watches Qmail-Scanner's syslog > output. It maintains a table of hosts responsible for sending in spam > messages. It does simple trend analysis on this data, sending alerts > and/or running custom scripts when a) a new spamhost is detected or b) > any single spamhost shows significant activity.
Hello, Can this software be easily adapted to perform trend analysis for incoming viruses? I don't run spam assassin on my servers, but I do run virus scanners, and a few months ago I asked the list if anyone knew of a program that could analyze qmail-scanner's syslog and automatically add an IP address to /etc/tcp.smtp if that IP sends over x number of viruses through the mail server in y amount of time. I'd like to find a way to do this because I've frequently noticed that the vast majority of my daily viruses come from one or two DSL or Cable dialup IPs, and usually they arrive in a 30 minute or 1 hour burst. It would be great if I could just block such IPs in /etc/tcp.smtp after the first 5 or 10 viruses. Can SpamGuardian be easily adapted to do this? Thanks! -- Jesse Guardiani, Systems Administrator WingNET Internet Services, P.O. Box 2605 // Cleveland, TN 37320-2605 423-559-LINK (v) 423-559-5145 (f) http://www.wingnet.net ------------------------------------------------------- This SF.Net email is sponsored by OSTG. Have you noticed the changes on Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now, one more big change to announce. We are now OSTG- Open Source Technology Group. Come see the changes on the new OSTG site. www.ostg.com _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
