/plugins/mail/spamdyke - Annoter - Munin contributed plugins - Koumbit's Redmine

e5fccd49

Sebastien Guilbaud

#!/bin/bash

2

3

# Plugin to monitor spamdyke

4

5

#    Spamdyke logs expected to be inside /var/log/mail.info

6

#    logtail must be installed

7

#    Plugin state stored in /var/lib/munin/plugin-state

8

#      (statedir as defined in munin debian packages)

9

10

#    You may override spamdyke logfile in plugin-conf.d/munin-node, and

11

#    give the user/group with enough rights to read your logs (group

12

#    adm on stock debian works fine)

13

14

#    [spamdyke]

15

#    env.logfile /var/log/maillog

16

#    group adm

# Parameters understood:

21

22

# 	config   (required)

23

# 	autoconf (optional)

24

25

26

mktempfile () {

27

mktemp -t

28

29

30

MAIL_LOG=${logfile:-/var/log/mail.info}

31

LOGTAIL=${logtail:-`which logtail`}

32

STATEFILE=/var/lib/munin/plugin-state/spamdyke.offset

33

34

if [ "$1" = "autoconf" ]; then

35

        if [ -f "${MAIL_LOG}" -a -n "${LOGTAIL}" -a -x "${LOGTAIL}" ] ; then

36

		echo yes

37

		exit 0

38

	else

39

		echo no

40

		exit 1

41

fi

42

fi

43

44

if [ "$1" = "config" ]; then

45

	echo 'graph_title spamdyke filtering'

46

	echo 'graph_category mail'

47

	echo 'graph_vlabel Count'

48

	echo 'graph_args --base 1000 -l 0'

49

	echo 'graph_total total'

50

51

	echo 'allowed.label ALLOWED'

52

	echo 'allowed.info The message passed all filters. qmail may still bounce the message for other reasons, however. '

53

	echo 'allowed.min 1'

54

	echo 'allowedauthenticated.label ALLOWED_AUTHENTICATED'

55

	echo 'allowedauthenticated.info The remote client successfully authenticated using SMTP AUTH with spamdyke. If qmail is patched to provide SMTP AUTH, this code will never be used '

56

	echo 'allowedauthenticated.min 1'

57

	echo 'allowedtls.label ALLOWED_TLS'

58

	echo 'allowedtls.info The remote client successfully started a TLS session with spamdyke '

59

	echo 'allowedtls.min 1'

60

	echo 'timeout.label TIMEOUT'

61

	echo 'timeout.info The connection timed out, either in total time ("connection-timeout-secs") or idle time ("idle-timeout-secs"). If the connection was already being blocked for another reason, the code for that error is given as REALCODE '

62

	echo 'timeout.min 1'

63

	echo 'deniedtoomanyrecipients.label DENIED_TOO_MANY_RECIPIENTS'

64

	echo 'deniedtoomanyrecipients.info The recipient was blocked because the limit ("max-recipients") was reached for this connection. The SMTP connection continues after this error occurs'

65

	echo 'deniedtoomanyrecipients.min 1'

66

	echo 'deniedunqualifiedrecipient.label DENIED_UNQUALIFIED_RECIPIENT'

67

	echo 'deniedunqualifiedrecipient.info The recipient was blocked because the address had no domain name. The SMTP connection continues after this error occurs'

68

	echo 'deniedunqualifiedrecipient.min 1'

69

	echo 'deniedgraylisted.label DENIED_GRAYLISTED'

70

	echo 'deniedgraylisted.info  recipient was blocked because the sender/recipient combination was graylisted '

71

	echo 'deniedgraylisted.min 1'

72

	echo 'deniedrdnsmissing.label DENIED_RDNS_MISSING'

73

	echo 'deniedrdnsmissing.info The connection was blocked because the remote server has no rDNS name at all'

74

	echo 'deniedrdnsmissing.min 1'

75

	echo 'deniedrdnsresolve.label DENIED_RDNS_RESOLVE'

76

	echo 'deniedrdnsresolve.info The connection was blocked because the remote servers rDNS name does not resolve '

77

	echo 'deniedrdnsresolve.min 1'

78

	echo 'deniedipinccrdns.label DENIED_IP_IN_CC_RDNS'

79

	echo 'deniedipinccrdns.info The connection was blocked because the remote servers IP address was found in the remote servers rDNS name _and_ the remote servers rDNS name ends in a country code ("reject-ip-in-cc-rdns"). '

80

	echo 'deniedipinccrdns.min 1'

81

	echo 'deniedipinrdns.label DENIED_IP_IN_RDNS'

82

	echo 'deniedipinrdns.info The connection was blocked because the remote servers IP address was found in the remote servers rDNS name _and_ a prohibited keyword was found in the remote servers rDNS name ("ip-in-rdns-keyword-file"). '

83

	echo 'deniedipinrdns.min 1'

84

	echo 'deniedearlytalker.label DENIED_EARLYTALKER'

85

	echo 'deniedearlytalker.info The connection was blocked because the remote server began sending data before the SMTP greeting was issued ("greeting-delay-secs"). '

86

	echo 'deniedearlytalker.min 1'

87

	echo 'deniedblacklistname.label DENIED_BLACKLIST_NAME'

88

	echo 'deniedblacklistname.info The connection was blocked because the base domain of the remote servers rDNS name is blacklisted ("rdns-blacklist-file" or "rdns-blacklist-dir"). '

89

	echo 'deniedblacklistname.min 1'

90

	echo 'deniedblacklistip.label DENIED_BLACKLIST_IP'

91

	echo 'deniedblacklistip.info The connection was blocked because the remote servers IP address is blacklisted ("ip-blacklist-file"). '

92

	echo 'deniedblacklistip.min 1'

93

	echo 'deniedsenderblacklisted.label DENIED_SENDER_BLACKLISTED'

94

	echo 'deniedsenderblacklisted.info The connection was blocked because the senders email address is blacklisted ("sender-blacklist-file"). '

95

	echo 'deniedsenderblacklisted.min 1'

96

	echo 'deniedrecipientblacklisted.label DENIED_RECIPIENT_BLACKLISTED'

97

	echo 'deniedrecipientblacklisted.info The recipient was blocked because the recipient email address is blacklisted ("recipient-blacklist-file"). '

98

	echo 'deniedrecipientblacklisted.min 1'

99

	echo 'deniedrblmatch.label DENIED_RBL_MATCH'

100

	echo 'deniedrblmatch.info The connection was blocked because the remote servers IP address was found on a DNS RBL ("check-dnsrbl"). '

101

	echo 'deniedrblmatch.min 1'

102

	echo 'deniedrhsblmatch.label DENIED_RHSBL_MATCH'

103

	echo 'deniedrhsblmatch.info The connection was blocked because the remote servers reverse DNS name was found on a righthand-side DNS blacklist (RHSBL) OR the connection was blocked because the senders domain name was found on a righthand-side DNS blacklist (RHSBL). '

104

	echo 'deniedrhsblmatch.min 1'

105

	echo 'deniedsendernomx.label DENIED_SENDER_NO_MX'

106

	echo 'deniedsendernomx.info The connection was blocked because the senders domain has no mail exchanger, making the sender address invalid'

107

	echo 'deniedsendernomx.min 1'

108

	echo 'deniedccessdenied.label DENIED_ACCESS_DENIED'

109

	echo 'deniedaccessdenied.info The connection was blocked because the remote servers IP address or rDNS name was found in the access file with a "deny" command ("access-file"). '

110

	echo 'deniedccessdenied.min 1'

111

	echo 'deniedrelaying.label DENIED_RELAYING'

112

	echo 'deniedrelaying.info The recipient was blocked because the recipients domain is not locally hosted ("local-domains-file") and the remote server is not allowed to relay ("access-file"). '

113

	echo 'deniedrelaying.min 1'

114

	echo 'deniedother.label DENIED_OTHER'

115

	echo 'deniedother.info The connection was rejected by qmail (or another downstream filter), not spamdyke. '

116

	echo 'deniedother.min 1'

117

	echo 'failedauth.label FAILED_AUTH'

118

	echo 'failedauth.info The remote server attempted to authenticate but the given username and/or password were incorrect ("smtp-auth-command" or "smtp-auth-command-encryption"). '

119

	echo 'failedauth.min 1'

120

	echo 'unknownauth.label UNKNOWN_AUTH'

121

	echo 'unknownauth.info The remote server requested an authentication method spamdyke doesnt support. This shouldnt happen. '

122

	echo 'unknownauth.min 1'

123

	echo 'failedtls.label FAILED_TLS'

124

	echo 'failedtls.info The remote client attempted to start a TLS session but SSL negotiation failed.'

125

	echo 'failedtls.min 1'

126

        exit 0

127

fi

128

129

allowed=u

130

allowedauthenticated=u

131

allowedtls=u

132

timeout=u

133

deniedtoomanyrecipients=U

134

deniedunqualifiedrecipient=U

135

deniedgraylisted=U

136

deniedrdnsmissing=U

137

deniedrdnsresolve=U

138

deniedipinccrdns=U

139

deniedipinrdns=U

140

deniedearlytalker=U

141

deniedblacklistname=U

142

deniedblacklistip=U

143

deniedsenderblacklisted=U

144

deniedrecipientblacklisted=U

145

deniedrblmatch=U

146

deniedrhsblmatch=U

147

deniedsendernomx=U

148

deniedccessdenied=U

149

deniedrelaying=U

150

deniedother=U

151

failedauth=U

152

unknownauth=U

153

failedtls=U

154

155

TEMP_FILE=`mktempfile munin.spamdyke.XXXXXX`

156

157

if [ -n "$TEMP_FILE" -a -f "$TEMP_FILE" ]

158

then

159

	$LOGTAIL ${MAIL_LOG} $STATEFILE | grep "spamdyke\[.*\]:" > ${TEMP_FILE}

160

161

	allowed=`grep 'spamdyke\[[0-9\]*]: ALLOWED'  ${TEMP_FILE} | wc -l`

162

	allowedauthenticated=`grep 'spamdyke\[[0-9]*\]: ALLOWED_AUTHENTICATED'  ${TEMP_FILE} | wc -l`

163

	allowedtls=`grep 'spamdyke\[[0-9]\]: ALLOWED_TLS'  ${TEMP_FILE} | wc -l`

164

	timeout=`grep 'spamdyke\[[0-9]*\]: TIMEOUT'  ${TEMP_FILE} | wc -l`

165

	deniedtoomanyrecipients=`grep 'spamdyke\[[0-9]*\]: DENIED_TOO_MANY_RECIPIENTS' ${TEMP_FILE} | wc -l`

166

	deniedunqualifiedrecipient=`grep 'spamdyke\[[0-9]*\]: DENIED_UNQUALIFIED_RECIPIENT' ${TEMP_FILE} | wc -l`

167

	deniedgraylisted=`grep 'spamdyke\[[0-9]*\]: DENIED_GRAYLISTED' ${TEMP_FILE} | wc -l`

168

	deniedrdnsmissing=`grep 'spamdyke\[[0-9]*\]: DENIED_RDNS_MISSING' ${TEMP_FILE} | wc -l`

169

	deniedrdnsresolve=`grep 'spamdyke\[[0-9]*\]: DENIED_RDNS_RESOLVE' ${TEMP_FILE} | wc -l`

170

	deniedipinccrdns=`grep 'spamdyke\[[0-9]*\]: DENIED_IP_IN_CC_RDNS' ${TEMP_FILE} | wc -l`

171

	deniedipinrdns=`grep 'spamdyke\[[0-9]*\]: DENIED_IP_IN_RDNS' ${TEMP_FILE} | wc -l`

172

	deniedearlytalker=`grep 'spamdyke\[[0-9]*\]: DENIED_EARLYTALKER' ${TEMP_FILE} | wc -l`

173

	deniedblacklistname=`grep 'spamdyke\[[0-9]*\]: DENIED_BLACKLIST_NAME' ${TEMP_FILE} | wc -l`

174

	deniedblacklistip=`grep 'spamdyke\[[0-9]*\]: DENIED_BLACKLIST_IP' ${TEMP_FILE} | wc -l`

175

	deniedsenderblacklisted=`grep 'spamdyke\[[0-9]*\]: DENIED_SENDER_BLACKLISTED' ${TEMP_FILE} | wc -l`

176

	deniedrecipientblacklisted=`grep 'spamdyke\[[0-9]*\]: DENIED_RECIPIENT_BLACKLISTED' ${TEMP_FILE} | wc -l`

177

	deniedrblmatch=`grep 'spamdyke\[[0-9]*\]: DENIED_RBL_MATCH' ${TEMP_FILE} | wc -l`

178

	deniedrhsblmatch=`grep 'spamdyke\[[0-9]*\]: DENIED_RHSBL_MATCH' ${TEMP_FILE} | wc -l`

179

	deniedsendernomx=`grep 'spamdyke\[[0-9]*\]: DENIED_SENDER_NO_MX' ${TEMP_FILE} | wc -l`

180

	deniedccessdenied=`grep 'spamdyke\[[0-9]*\]: DENIED_ACCESS_DENIED' ${TEMP_FILE} | wc -l`

181

	deniedrelaying=`grep 'spamdyke\[[0-9]*\]: DENIED_RELAYING' ${TEMP_FILE} | wc -l`

182

	deniedother=`grep 'spamdyke\[[0-9]*\]: DENIED_OTHER' ${TEMP_FILE} | wc -l`

183

	failedauth=`grep 'spamdyke\[[0-9]*\]: FAILED_AUTH' ${TEMP_FILE} | wc -l`

184

	unknownauth=`grep 'spamdyke\[[0-9]*\]: UNKNOWN_AUTH' ${TEMP_FILE} | wc -l`

185

	failedtls=`grep 'spamdyke\[[0-9]*\]: FAILED_TLS' ${TEMP_FILE} | wc -l`

186

187

	/bin/rm -f $TEMP_FILE

188

fi

189

190

echo "allowed.value ${allowed}"

191

echo "allowedauthenticated.value ${allowedauthenticated}"

192

echo "allowedtls.value ${allowedtls}"

193

echo "timeout.value ${timeout}"

194

echo "deniedtoomanyrecipients.value ${deniedtoomanyrecipients}"

195

echo "deniedunqualifiedrecipient.value ${deniedunqualifiedrecipient}"

196

echo "deniedgraylisted.value ${deniedgraylisted}"

197

echo "deniedrdnsmissing.value ${deniedrdnsmissing}"

198

echo "deniedrdnsresolve.value ${deniedrdnsresolve}"

199

echo "deniedipinccrdns.value ${deniedipinccrdns}"

200

echo "deniedipinrdns.value ${deniedipinrdns}"

201

echo "deniedearlytalker.value ${deniedearlytalker}"

202

echo "deniedblacklistname.value ${deniedblacklistname}"

203

echo "deniedblacklistip.value ${deniedblacklistip}"

204

echo "deniedsenderblacklisted.value ${deniedsenderblacklisted}"

205

echo "deniedrecipientblacklisted.value ${deniedrecipientblacklisted}"

206

echo "deniedrblmatch.value ${deniedrblmatch}"

207

echo "deniedrhsblmatch.value ${deniedrhsblmatch}"

208

echo "deniedsendernomx.value ${deniedsendernomx}"

209

echo "deniedccessdenied.value ${deniedccessdenied}"

210

echo "deniedrelaying.value ${deniedrelaying}"

211

echo "deniedother.value ${deniedother}"

212

echo "failedauth.value ${failedauth}"

213

echo "unknownauth.value ${unknownauth}"

214

echo "failedtls.value ${failedtls}"

Projet

Général

Profil

Munin contributed plugins

root / plugins / mail / spamdyke @ e5ce7492