Скрипт для отправки статистики Amavisd (SpamAssassin) (ежедневные отчеты об эффективности антиспама)
Постановка задачи
Есть почтовый сервер с установленным Amavisd (SpamAssassin).
Необходимо ежедневно направлять отчет об эффективности работы антиспама по почте.
Решение
Перед ротацией лога, в который пишет amavisd будем запускать скрипт-анализатор.
Настраиваем amavisd для записи лога в файл
Для этого в amavisd.conf добавим:
$log_level = 1; $do_syslog = 1; $syslog_facility = 'local6';
в /etc/syslog/syslog.conf:
local6.* -/var/log/amavisd.log
рестартуем syslog:
service syslogd restart
Создаем скрипт /usr/local/bin/amavisd_stat:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | #! /bin/bash ADMIN_MAIL='admin@exapmle.com' LOGFILE="/var/log/amavisd.log" cat $LOGFILE | awk '/Passed CLEAN/ {passed_clean++}; /Passed SPAMMY/ {passed_spammy++}; /Passed SPAM / {passed_spam++}; /Blocked SPAM/ {blocked_spam++} END {total_scanned=passed_clean + passed_spammy + passed_spam + blocked_spam total_spam=passed_spammy + passed_spam + blocked_spam "hostname" | getline host; close("hostname") print "Subject: AmavisSpamassassin report from " host "\n\n" \ "Total scanned: " total_scanned " (100%)" \ "\nClean e-mails: " passed_clean " (" int(passed_clean/(total_scanned/100))"%)" \ "\nSpam found: " total_spam " (" int(total_spam/(total_scanned/100))"%)" \ "\n\nIncluding:" \ "\n\tBlocked (quarantined): " blocked_spam " (" int(blocked_spam/(total_scanned/100))"%)" \ "\n\tPassed to local recipients but tagged as spam: " passed_spammy " (" int(passed_spammy/(total_scanned/100))"%)" \ "\n\tForwarded by zimbra but tagged as spam: " passed_spam " (" int(passed_spam/(total_scanned/100))"%)" \ }'| /opt/zimbra/postfix/sbin/sendmail $ADMIN_MAIL |
Создаем конфиг файл для logrotate:
vim /etc/logrotate.d/amavisd
с таким содержанием
/var/log/amavisd.log
{
sharedscripts
daily
missingok
compress
rotate 10
create 644
prerotate
/usr/local/bin/amavisd_stat >/dev/null 2>&1
endscript
postrotate
/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
endscript
}
После этого на почту $ADMIN_MAIL будем получать вот такие отчеты:
Total scanned: 69640 (100%)
Clean e-mails: 42063 (60%)
Spam found: 27577 (39%)
Including:
Blocked (quarantined): 14579 (20%)
Passed to local recipients but tagged as spam: 12424 (17%)
Forwarded by zimbra but tagged as spam: 574 (0%)
Готово!