root / plugins / mail / spamdyke @ e5ce7492
Historique | Voir | Annoter | Télécharger (10,9 ko)
| 1 |
#!/bin/bash |
|---|---|
| 2 |
# |
| 3 |
# Plugin to monitor spamdyke |
| 4 |
# |
| 5 |
# Spamdyke logs expected to be inside /var/log/mail.info |
| 6 |
# logtail must be installed |
| 7 |
# Plugin state stored in /var/lib/munin/plugin-state |
| 8 |
# (statedir as defined in munin debian packages) |
| 9 |
# |
| 10 |
# You may override spamdyke logfile in plugin-conf.d/munin-node, and |
| 11 |
# give the user/group with enough rights to read your logs (group |
| 12 |
# adm on stock debian works fine) |
| 13 |
# |
| 14 |
# [spamdyke] |
| 15 |
# env.logfile /var/log/maillog |
| 16 |
# group adm |
| 17 |
# |
| 18 |
# |
| 19 |
# |
| 20 |
# Parameters understood: |
| 21 |
# |
| 22 |
# config (required) |
| 23 |
# autoconf (optional) |
| 24 |
# |
| 25 |
|
| 26 |
mktempfile () {
|
| 27 |
mktemp -t |
| 28 |
} |
| 29 |
|
| 30 |
MAIL_LOG=${logfile:-/var/log/mail.info}
|
| 31 |
LOGTAIL=${logtail:-`which logtail`}
|
| 32 |
STATEFILE=/var/lib/munin/plugin-state/spamdyke.offset |
| 33 |
|
| 34 |
if [ "$1" = "autoconf" ]; then |
| 35 |
if [ -f "${MAIL_LOG}" -a -n "${LOGTAIL}" -a -x "${LOGTAIL}" ] ; then
|
| 36 |
echo yes |
| 37 |
exit 0 |
| 38 |
else |
| 39 |
echo no |
| 40 |
exit 1 |
| 41 |
fi |
| 42 |
fi |
| 43 |
|
| 44 |
if [ "$1" = "config" ]; then |
| 45 |
echo 'graph_title spamdyke filtering' |
| 46 |
echo 'graph_category mail' |
| 47 |
echo 'graph_vlabel Count' |
| 48 |
echo 'graph_args --base 1000 -l 0' |
| 49 |
echo 'graph_total total' |
| 50 |
|
| 51 |
echo 'allowed.label ALLOWED' |
| 52 |
echo 'allowed.info The message passed all filters. qmail may still bounce the message for other reasons, however. ' |
| 53 |
echo 'allowed.min 1' |
| 54 |
echo 'allowedauthenticated.label ALLOWED_AUTHENTICATED' |
| 55 |
echo 'allowedauthenticated.info The remote client successfully authenticated using SMTP AUTH with spamdyke. If qmail is patched to provide SMTP AUTH, this code will never be used ' |
| 56 |
echo 'allowedauthenticated.min 1' |
| 57 |
echo 'allowedtls.label ALLOWED_TLS' |
| 58 |
echo 'allowedtls.info The remote client successfully started a TLS session with spamdyke ' |
| 59 |
echo 'allowedtls.min 1' |
| 60 |
echo 'timeout.label TIMEOUT' |
| 61 |
echo 'timeout.info The connection timed out, either in total time ("connection-timeout-secs") or idle time ("idle-timeout-secs"). If the connection was already being blocked for another reason, the code for that error is given as REALCODE '
|
| 62 |
echo 'timeout.min 1' |
| 63 |
echo 'deniedtoomanyrecipients.label DENIED_TOO_MANY_RECIPIENTS' |
| 64 |
echo 'deniedtoomanyrecipients.info The recipient was blocked because the limit ("max-recipients") was reached for this connection. The SMTP connection continues after this error occurs'
|
| 65 |
echo 'deniedtoomanyrecipients.min 1' |
| 66 |
echo 'deniedunqualifiedrecipient.label DENIED_UNQUALIFIED_RECIPIENT' |
| 67 |
echo 'deniedunqualifiedrecipient.info The recipient was blocked because the address had no domain name. The SMTP connection continues after this error occurs' |
| 68 |
echo 'deniedunqualifiedrecipient.min 1' |
| 69 |
echo 'deniedgraylisted.label DENIED_GRAYLISTED' |
| 70 |
echo 'deniedgraylisted.info recipient was blocked because the sender/recipient combination was graylisted ' |
| 71 |
echo 'deniedgraylisted.min 1' |
| 72 |
echo 'deniedrdnsmissing.label DENIED_RDNS_MISSING' |
| 73 |
echo 'deniedrdnsmissing.info The connection was blocked because the remote server has no rDNS name at all' |
| 74 |
echo 'deniedrdnsmissing.min 1' |
| 75 |
echo 'deniedrdnsresolve.label DENIED_RDNS_RESOLVE' |
| 76 |
echo 'deniedrdnsresolve.info The connection was blocked because the remote servers rDNS name does not resolve ' |
| 77 |
echo 'deniedrdnsresolve.min 1' |
| 78 |
echo 'deniedipinccrdns.label DENIED_IP_IN_CC_RDNS' |
| 79 |
echo 'deniedipinccrdns.info The connection was blocked because the remote servers IP address was found in the remote servers rDNS name _and_ the remote servers rDNS name ends in a country code ("reject-ip-in-cc-rdns"). '
|
| 80 |
echo 'deniedipinccrdns.min 1' |
| 81 |
echo 'deniedipinrdns.label DENIED_IP_IN_RDNS' |
| 82 |
echo 'deniedipinrdns.info The connection was blocked because the remote servers IP address was found in the remote servers rDNS name _and_ a prohibited keyword was found in the remote servers rDNS name ("ip-in-rdns-keyword-file"). '
|
| 83 |
echo 'deniedipinrdns.min 1' |
| 84 |
echo 'deniedearlytalker.label DENIED_EARLYTALKER' |
| 85 |
echo 'deniedearlytalker.info The connection was blocked because the remote server began sending data before the SMTP greeting was issued ("greeting-delay-secs"). '
|
| 86 |
echo 'deniedearlytalker.min 1' |
| 87 |
echo 'deniedblacklistname.label DENIED_BLACKLIST_NAME' |
| 88 |
echo 'deniedblacklistname.info The connection was blocked because the base domain of the remote servers rDNS name is blacklisted ("rdns-blacklist-file" or "rdns-blacklist-dir"). '
|
| 89 |
echo 'deniedblacklistname.min 1' |
| 90 |
echo 'deniedblacklistip.label DENIED_BLACKLIST_IP' |
| 91 |
echo 'deniedblacklistip.info The connection was blocked because the remote servers IP address is blacklisted ("ip-blacklist-file"). '
|
| 92 |
echo 'deniedblacklistip.min 1' |
| 93 |
echo 'deniedsenderblacklisted.label DENIED_SENDER_BLACKLISTED' |
| 94 |
echo 'deniedsenderblacklisted.info The connection was blocked because the senders email address is blacklisted ("sender-blacklist-file"). '
|
| 95 |
echo 'deniedsenderblacklisted.min 1' |
| 96 |
echo 'deniedrecipientblacklisted.label DENIED_RECIPIENT_BLACKLISTED' |
| 97 |
echo 'deniedrecipientblacklisted.info The recipient was blocked because the recipient email address is blacklisted ("recipient-blacklist-file"). '
|
| 98 |
echo 'deniedrecipientblacklisted.min 1' |
| 99 |
echo 'deniedrblmatch.label DENIED_RBL_MATCH' |
| 100 |
echo 'deniedrblmatch.info The connection was blocked because the remote servers IP address was found on a DNS RBL ("check-dnsrbl"). '
|
| 101 |
echo 'deniedrblmatch.min 1' |
| 102 |
echo 'deniedrhsblmatch.label DENIED_RHSBL_MATCH' |
| 103 |
echo 'deniedrhsblmatch.info The connection was blocked because the remote servers reverse DNS name was found on a righthand-side DNS blacklist (RHSBL) OR the connection was blocked because the senders domain name was found on a righthand-side DNS blacklist (RHSBL). ' |
| 104 |
echo 'deniedrhsblmatch.min 1' |
| 105 |
echo 'deniedsendernomx.label DENIED_SENDER_NO_MX' |
| 106 |
echo 'deniedsendernomx.info The connection was blocked because the senders domain has no mail exchanger, making the sender address invalid' |
| 107 |
echo 'deniedsendernomx.min 1' |
| 108 |
echo 'deniedccessdenied.label DENIED_ACCESS_DENIED' |
| 109 |
echo 'deniedaccessdenied.info The connection was blocked because the remote servers IP address or rDNS name was found in the access file with a "deny" command ("access-file"). '
|
| 110 |
echo 'deniedccessdenied.min 1' |
| 111 |
echo 'deniedrelaying.label DENIED_RELAYING' |
| 112 |
echo 'deniedrelaying.info The recipient was blocked because the recipients domain is not locally hosted ("local-domains-file") and the remote server is not allowed to relay ("access-file"). '
|
| 113 |
echo 'deniedrelaying.min 1' |
| 114 |
echo 'deniedother.label DENIED_OTHER' |
| 115 |
echo 'deniedother.info The connection was rejected by qmail (or another downstream filter), not spamdyke. ' |
| 116 |
echo 'deniedother.min 1' |
| 117 |
echo 'failedauth.label FAILED_AUTH' |
| 118 |
echo 'failedauth.info The remote server attempted to authenticate but the given username and/or password were incorrect ("smtp-auth-command" or "smtp-auth-command-encryption"). '
|
| 119 |
echo 'failedauth.min 1' |
| 120 |
echo 'unknownauth.label UNKNOWN_AUTH' |
| 121 |
echo 'unknownauth.info The remote server requested an authentication method spamdyke doesnt support. This shouldnt happen. ' |
| 122 |
echo 'unknownauth.min 1' |
| 123 |
echo 'failedtls.label FAILED_TLS' |
| 124 |
echo 'failedtls.info The remote client attempted to start a TLS session but SSL negotiation failed.' |
| 125 |
echo 'failedtls.min 1' |
| 126 |
exit 0 |
| 127 |
fi |
| 128 |
|
| 129 |
allowed=u |
| 130 |
allowedauthenticated=u |
| 131 |
allowedtls=u |
| 132 |
timeout=u |
| 133 |
deniedtoomanyrecipients=U |
| 134 |
deniedunqualifiedrecipient=U |
| 135 |
deniedgraylisted=U |
| 136 |
deniedrdnsmissing=U |
| 137 |
deniedrdnsresolve=U |
| 138 |
deniedipinccrdns=U |
| 139 |
deniedipinrdns=U |
| 140 |
deniedearlytalker=U |
| 141 |
deniedblacklistname=U |
| 142 |
deniedblacklistip=U |
| 143 |
deniedsenderblacklisted=U |
| 144 |
deniedrecipientblacklisted=U |
| 145 |
deniedrblmatch=U |
| 146 |
deniedrhsblmatch=U |
| 147 |
deniedsendernomx=U |
| 148 |
deniedccessdenied=U |
| 149 |
deniedrelaying=U |
| 150 |
deniedother=U |
| 151 |
failedauth=U |
| 152 |
unknownauth=U |
| 153 |
failedtls=U |
| 154 |
|
| 155 |
TEMP_FILE=`mktempfile munin.spamdyke.XXXXXX` |
| 156 |
|
| 157 |
if [ -n "$TEMP_FILE" -a -f "$TEMP_FILE" ] |
| 158 |
then |
| 159 |
$LOGTAIL ${MAIL_LOG} $STATEFILE | grep "spamdyke\[.*\]:" > ${TEMP_FILE}
|
| 160 |
|
| 161 |
allowed=`grep 'spamdyke\[[0-9\]*]: ALLOWED' ${TEMP_FILE} | wc -l`
|
| 162 |
allowedauthenticated=`grep 'spamdyke\[[0-9]*\]: ALLOWED_AUTHENTICATED' ${TEMP_FILE} | wc -l`
|
| 163 |
allowedtls=`grep 'spamdyke\[[0-9]\]: ALLOWED_TLS' ${TEMP_FILE} | wc -l`
|
| 164 |
timeout=`grep 'spamdyke\[[0-9]*\]: TIMEOUT' ${TEMP_FILE} | wc -l`
|
| 165 |
deniedtoomanyrecipients=`grep 'spamdyke\[[0-9]*\]: DENIED_TOO_MANY_RECIPIENTS' ${TEMP_FILE} | wc -l`
|
| 166 |
deniedunqualifiedrecipient=`grep 'spamdyke\[[0-9]*\]: DENIED_UNQUALIFIED_RECIPIENT' ${TEMP_FILE} | wc -l`
|
| 167 |
deniedgraylisted=`grep 'spamdyke\[[0-9]*\]: DENIED_GRAYLISTED' ${TEMP_FILE} | wc -l`
|
| 168 |
deniedrdnsmissing=`grep 'spamdyke\[[0-9]*\]: DENIED_RDNS_MISSING' ${TEMP_FILE} | wc -l`
|
| 169 |
deniedrdnsresolve=`grep 'spamdyke\[[0-9]*\]: DENIED_RDNS_RESOLVE' ${TEMP_FILE} | wc -l`
|
| 170 |
deniedipinccrdns=`grep 'spamdyke\[[0-9]*\]: DENIED_IP_IN_CC_RDNS' ${TEMP_FILE} | wc -l`
|
| 171 |
deniedipinrdns=`grep 'spamdyke\[[0-9]*\]: DENIED_IP_IN_RDNS' ${TEMP_FILE} | wc -l`
|
| 172 |
deniedearlytalker=`grep 'spamdyke\[[0-9]*\]: DENIED_EARLYTALKER' ${TEMP_FILE} | wc -l`
|
| 173 |
deniedblacklistname=`grep 'spamdyke\[[0-9]*\]: DENIED_BLACKLIST_NAME' ${TEMP_FILE} | wc -l`
|
| 174 |
deniedblacklistip=`grep 'spamdyke\[[0-9]*\]: DENIED_BLACKLIST_IP' ${TEMP_FILE} | wc -l`
|
| 175 |
deniedsenderblacklisted=`grep 'spamdyke\[[0-9]*\]: DENIED_SENDER_BLACKLISTED' ${TEMP_FILE} | wc -l`
|
| 176 |
deniedrecipientblacklisted=`grep 'spamdyke\[[0-9]*\]: DENIED_RECIPIENT_BLACKLISTED' ${TEMP_FILE} | wc -l`
|
| 177 |
deniedrblmatch=`grep 'spamdyke\[[0-9]*\]: DENIED_RBL_MATCH' ${TEMP_FILE} | wc -l`
|
| 178 |
deniedrhsblmatch=`grep 'spamdyke\[[0-9]*\]: DENIED_RHSBL_MATCH' ${TEMP_FILE} | wc -l`
|
| 179 |
deniedsendernomx=`grep 'spamdyke\[[0-9]*\]: DENIED_SENDER_NO_MX' ${TEMP_FILE} | wc -l`
|
| 180 |
deniedccessdenied=`grep 'spamdyke\[[0-9]*\]: DENIED_ACCESS_DENIED' ${TEMP_FILE} | wc -l`
|
| 181 |
deniedrelaying=`grep 'spamdyke\[[0-9]*\]: DENIED_RELAYING' ${TEMP_FILE} | wc -l`
|
| 182 |
deniedother=`grep 'spamdyke\[[0-9]*\]: DENIED_OTHER' ${TEMP_FILE} | wc -l`
|
| 183 |
failedauth=`grep 'spamdyke\[[0-9]*\]: FAILED_AUTH' ${TEMP_FILE} | wc -l`
|
| 184 |
unknownauth=`grep 'spamdyke\[[0-9]*\]: UNKNOWN_AUTH' ${TEMP_FILE} | wc -l`
|
| 185 |
failedtls=`grep 'spamdyke\[[0-9]*\]: FAILED_TLS' ${TEMP_FILE} | wc -l`
|
| 186 |
|
| 187 |
/bin/rm -f $TEMP_FILE |
| 188 |
fi |
| 189 |
|
| 190 |
echo "allowed.value ${allowed}"
|
| 191 |
echo "allowedauthenticated.value ${allowedauthenticated}"
|
| 192 |
echo "allowedtls.value ${allowedtls}"
|
| 193 |
echo "timeout.value ${timeout}"
|
| 194 |
echo "deniedtoomanyrecipients.value ${deniedtoomanyrecipients}"
|
| 195 |
echo "deniedunqualifiedrecipient.value ${deniedunqualifiedrecipient}"
|
| 196 |
echo "deniedgraylisted.value ${deniedgraylisted}"
|
| 197 |
echo "deniedrdnsmissing.value ${deniedrdnsmissing}"
|
| 198 |
echo "deniedrdnsresolve.value ${deniedrdnsresolve}"
|
| 199 |
echo "deniedipinccrdns.value ${deniedipinccrdns}"
|
| 200 |
echo "deniedipinrdns.value ${deniedipinrdns}"
|
| 201 |
echo "deniedearlytalker.value ${deniedearlytalker}"
|
| 202 |
echo "deniedblacklistname.value ${deniedblacklistname}"
|
| 203 |
echo "deniedblacklistip.value ${deniedblacklistip}"
|
| 204 |
echo "deniedsenderblacklisted.value ${deniedsenderblacklisted}"
|
| 205 |
echo "deniedrecipientblacklisted.value ${deniedrecipientblacklisted}"
|
| 206 |
echo "deniedrblmatch.value ${deniedrblmatch}"
|
| 207 |
echo "deniedrhsblmatch.value ${deniedrhsblmatch}"
|
| 208 |
echo "deniedsendernomx.value ${deniedsendernomx}"
|
| 209 |
echo "deniedccessdenied.value ${deniedccessdenied}"
|
| 210 |
echo "deniedrelaying.value ${deniedrelaying}"
|
| 211 |
echo "deniedother.value ${deniedother}"
|
| 212 |
echo "failedauth.value ${failedauth}"
|
| 213 |
echo "unknownauth.value ${unknownauth}"
|
| 214 |
echo "failedtls.value ${failedtls}"
|