Chris, would you, by chance, share your modified scripts? I've been looking for a tool to test the effectiveness of rules since a long time ago, and your comment on the ability to test the effectiveness of RBLs has just stunned me... BTW, I'm no Perl guru, or anything close to that...
Thanks, Luix 2007/4/4, Chris St. Pierre <[EMAIL PROTECTED]>:
On Wed, 4 Apr 2007, maillist wrote: > I have seen a few people present, on this mail list, nicely detailed graphs, > that obviously were the result of some server output, but they focused on > email, mainly spam. I am interested in having the same. Does anyone have any > recommendations for a good package that can do this? > > All I currently use is logwatch. It's nice for my needs to administer, but > the boss would like to see something that he can understand without having to > do so much thinking. Maybe he wants to replace me with a bar-graph. IMO, more statistics == better. Your boss would probably agree. I use a heavily modified version of Mailgraph to get not just the stock mailgraph stuff, but a bunch of other data, including the effectiveness of our different RBLs, messages greylisted, etc. I also use a heavily modified version of sa-stats to figure out which of our rules are most effective, which hit the most spam/ham, etc. I've also written a custom log analyzer to get data from ClamAV on which viruses we're seeing the most, and a great big log analysis tool to generate tons and tons of email statistics. You can see sample output here: http://www.nebrwesleyan.edu/people/stpierre/spam-stats.html (Note the downtime that MX node experienced last week.) The code is pretty unpolished, and would really only be useful to someone with the same setup as us, but it gives you an idea of things you might look at graphing. The Perl is really pretty simple -- File::Tail, Parse::Syslog, and GD::Graph are your friend in this endeavor. I'd also recommend, if you end up writing your own tool, generating hard numbers as well as pretty graphs. You can put the graph showing the increase in spam|mail volume|whatever in your slideshow and mention the hard numbers in your presentation on why you need N more servers and X more sysadmins. Good luck! Chris St. Pierre Unix Systems Administrator Nebraska Wesleyan University ---------------------------- Never send mail to [EMAIL PROTECTED]
-- ------------------------------------------------- GNU-GPL: "May The Source Be With You... -------------------------------------------------
