| Welcome to the Zimbra - Forums! | |
Welcome, if you would like to post a comment please register.
We also encourage you to explore all things Zimbra with our team and members of the community.
|
 | | 
06-30-2009, 08:04 AM
| | |  Spam ratio
How can I find out what is the spam ration (%) from my received emails? |
06-30-2009, 09:04 AM
| | Zimbra Consultant & Moderator | |
Posts: 12,395
| |
Right-click Show Original and look at the headers.
__________________
Regards
Bill
|
06-30-2009, 09:05 AM
| | |
Quote:
Originally Posted by phoenix  Right-click Show Original and look at the headers. | I mean... what % of the received emails from my server is actually SPAM? |
06-30-2009, 12:19 PM
| | Special Member | |
Posts: 137
| |
you will need a script to process the zimbra log file.
I use the attached perl script then place the results in a spreadsheet Code: #!/usr/bin/perl
# input is the current zimbra logfile
# this will read the zimbra logfile and create a summary report of
# postfix, spamassin, and clamAV events
# note that the default logrotation for zimbra (/etc/logrotate.d/zimbra in Red Hat clones) needs to have
# "delaycompress" set or I will not be able to read the logfile if used as part of the "postrotate scripts"
# this script bu JCrawford at AZ Structural Pest Control Commission to scratch an itch.
# it is Licensed as GPL v3 or later "jrefl5" ( yahoo ) <com> and others, No warrenty as to usability
# is provided. james
#
# format of zimbra log line is
# Field Position
# Month 0-2
# Day 4-5
# Time (HH:MM:SS) 7-14
# Server name 15-(14+length(server name))
# Data end of SNAme+1-> end of line (\n)
my $CVersion = "1.0";
my $Rejects = 0;
my $Security = 0;
my $Attach = 0;
my $SAddress = 0;
my $DAddress = 0;
my $Discards = 0;
my $DSN = 0;
my $Crylic = 0;
my $TheBat = 0;
my $Relay = 0;
my $Pipe = 0;
my $ConfErr = 0;
my $Relay = 0;
my $ConfErr = 0;
my $ConfErr = 0;
my $donknow = 0;
my $Blocked = 0;
my $BlockBounce = 0;
my $ClamAV = 0;
my $Passed = 0;
my $Spammy = 0;
my $Clean = 0;
my $StDate = "";
my $EDate = "";
my $inlines = 0;
my $currID = "";
my $Messages = 0;
my $Sender = "";
my $Dest = "";
my $amavis = 0;
my $DefCount = 0;
my $BHcount = 0;
my $VQueCount = 0;
my %Senders =();
my %Recivers =();
my %MailWare =();
my %Deferred =();
my %DefMessage =();
my %DefRelay =();
my %DefTo =();
my %DefTime =();
my @BadHeader =();
my @VirQuar =();
# my $emailsenderformat ="^[a-zA-Z][\w\.-]*[a-zA-Z0-9]@[a-zA-Z0-9][\w\.-]*[a-zA-Z0-9]\.[a-zA-Z][a-zA-Z\.]*[a-zA-Z]$";
InputLoop: while ( <> ) {
# check beginning of line
if ($inlines == 0) {
$StDate = substr $_, 0, 15; # Get the start time from the First line in the log
}
$inlines+=1;
$EDate = substr $_, 0, 15; # Get the time from each line in the log (it may be tha last)
if ($_ =~ /postfix\/cleanup/gi) { # start of new message processing
$Senders[$Sender]+=1 unless (length($Sender) <= 1);
$Recivers[$Dest]+=1 unless (length($Dest) <= 1);
if ($_ =~ / ([0-9A-F]{10,}): message-id=/i ) {
$currID = $1; # use this as a hash id for message threads?
$Messages+=1;
$Sender = "";
$Dest = "";
# add logic to handle mutilitple messages in process loop at same time
} elsif ($_ =~ /discard/i) { # track input messages that Postfix doen not queue for amavis
$Discards+=1;
if ($_ =~ /Crylic/i ) {
$Crylic+=1;
} elsif ($_ =~ /no third-party DSNs/) {
$DSN+=1;
} elsif ($_ =~ /The Bat as a Mailer/) {
$TheBat+=1;
} else {
print STDOUT "Discard type not Tracked for :\n\t" . $_;
}
}
} elsif ($_ =~ /Passed CLEAN/i) { # Spamassissin thinks its ok
$Passed+=1;
$Clean+=1;
} elsif ($_ =~ /Passed SPAMMY/i) { # Spamassissin thinks it may be spam (place in junk mail folder)
$Passed+=1;
$Spammy+=1;
} elsif ($_ =~ /Passed BAD-HEADER/i) { # bad header on incomming message, message placed in quarantine
if ( $_ =~ /quarantine: (badh-[-+a-zA-Z0-9]{10,15}), Message-ID:/g ) {
$BHcount += 1;
$BadHeader[$BHcount] = $1;
}
} elsif ($_ =~ /NOQUEUE: reject/i) { # not placed on queue by postfix bounced back to sending server
$Messages+=1;
$Rejects+=1;
# Use the first form if we choose to track the invalid senders <jhc>
# if ($_ =~ /Helo command rejected: need fully-qualified hostname; from=<($emailsenterformat)>/i) {
if ($_ =~ /Helo command rejected: need fully-qualified hostname; from=/i) {
$SAddress+=1;
# Track invalid senders?
} elsif ($_ =~ /Sender address rejected/i ) {
$SAddress+=1;
# Track invalid senders?
} elsif ($_ =~ /Recipient address rejected:/i) { # we don't have that email address localy
$DAddress+=1;
# Track invalid reciver?
} elsif ($_ =~ /Relay access denied/i) { # someone wants to relay (ain't no way)
$Relay+=1;
} elsif ($_ =~ /Server configuration error/i) { # we goofed on a change revert it ASAP
$ConfErr+=1;
} elsif ($_ =~ /Improper use of SMTP command pipelining/i) { # Sender is not forming SMTP correctly
$Pipe+=1;
} else {
$donknow+=1;
print STDOUT "Unknown Reject = \n\t" . $_ ;
}
} elsif ($_ =~ /Blocked SPAM/) {
$Blocked+=1;
} elsif ( $_ =~ /amavis\[\d*\]/i) {
if ($_ =~ /Checking:/i) {
$amavis+=1;
} elsif ($_ =~ /local delivery: <> -> <virus-quarantine/gi ) { # clamd had problems with it (encripted zip?)
# print STDERR "Debug found $_ \n";
if ( $_ =~ 'mbx=/opt/zimbra/data/amavisd/quarantine/(virus-[-+a-zA-Z0-9]{10,15})') {
$VQueCount += 1;
$VirQuar[$VQueCount] = $1;
}
}
} elsif ($_ =~ /clamd\[\d{1,}\]:/i) { # CalmAV message
# Strip out mailware name from log line.
if ( $_ =~ /FOUND/ ) { # Found malware
$ClamAV+= 1;
# use "'" in regexp instead of "/" due to path nameing in the regexp <jhc>
if ($_ =~ m'/opt/zimbra/data/amavisd/tmp/amavis-\d{8,8}T\d{6,6}-(\d{4,5})/parts/\w{1,}:\s{1,}((\w*\.*)*-{0,1}(\w*-*)*)'i) {
$MailWare{$2}+=1; # save the malware name and counter for the report
}
}
} elsif ($_ =~ /deferred/g ) { # its a deferred message we may see the same one many times
if ( $_ =~ 'postfix/smtp\[\d{3,5}\]: ([A-F0-9]{12,12}): to=<(\S{1,}?@\S{1,}?.\S{2,5}?)>, relay=([[:print:]]{1,}?)\[\d+\.\d+\.\d+\.\d+\]:25') {
my $msgid = $1;
my $address = $2;
my $relay = $3;
my $err = "I missed the error msg";
if ($_ =~ /said: ([[:print:]]{1,})$/) {
$err = $1;
} elsif ($_ =~ /talk to me: ([[:print:]]{1,})$/) {
$err = $1;
}
$Deferred{$msgid} +=1;
$DefMessage{$msgid} = $err;
$DefRelay{$msgid} = $relay;
$DefTo{$msgid} = $address;
$DefCount += 1 unless $Deferred{$msgid} > 1;
$DefTime{$msgid} = substr $EDate, 7, 8;
}
} elsif ($_ =~ /-> <virus-quarantine>/gi ) { # clamd had problems with it (encripted zip?)
if ( $_ =~ 'mbx=/opt/zimbra/data/amavisd/quarantine/(virus-[a-zA-Z0-9]{10,15})') {
$VirQuar[$VQueCount] = $1;
$VQueCount += 1;
}
# } else {
# # Unknown Line print it out
# print STDOUT "Line not counted\n\t>>>" . $_ . "<<<\n";
}
}
# full file processed now for the report
print STDOUT "Mail Log Report Ver. " . $CVersion . " for;\n " . $StDate . " Through " . $EDate . "\n";
print STDOUT " Log contains \t = " . $inlines . " Lines\n";
print STDOUT "\tTotal Messages processed = " . $Messages . "\n";
print STDOUT "\tDiscarded messages = " . $Discards . "\n";
print STDOUT "\t Crylic Discards = " . $Crylic . "\n";
print STDOUT "\t The Bat X-Mailer = " . $TheBat . "\n";
print STDOUT "\t BackScatter = " . $DSN . "\n";
print STDOUT "\tRejected Messages = " . $Rejects . "\n";
print STDOUT "\t Invalid From address = " . $SAddress . "\n";
print STDOUT "\t Invalid To Address = " . $DAddress . "\n";
print STDOUT "\t Relay Request = " . $Relay . "\n";
print STDOUT "\t Improper Pipelining = " . $Pipe . "\n";
if ($ConfErr > 0) {
print STDOUT "\t Config Error !!! !!! = " . $ConfErr . "\n";
}
if ($donkonw > 0) {
print STDOUT "\t Unknown Rej. = " . $donknow . "\n";
}
print STDOUT " Messages processed by CLAMAV &\n SpamAssissin\t\t = " . $amavis . "\n";
print STDOUT "\tBlocked SPAM ** = " . $Blocked . "\n";
print STDOUT "\tPassed Messages = " . $Passed . "\n";
print STDOUT "\t Passed Clean ? = " . $Clean . "\n";
print STDOUT "\t Passed Spammy = " . $Spammy . "\n";
print STDOUT "\tClamAV hits ** = " . $ClamAV . "\n";
if ($ClamAV > 0) {
foreach my $kval ( keys %MailWare ) {
print STDOUT "\t\t" . $kval . " found " . $MailWare{$kval} . " time";
print STDOUT "s" unless ($MailWare{$kval}<2);
print STDOUT "\n";
}
print STDOUT " ** Note that ClamAV hits are also counted as SPAM\n";
}
if ( ($BHcount > 0) || ($VQueCount > 0)) {
print STDOUT "\tQuarantined messages = " . ($BHcount+$VQueCount) . "\n";
print STDOUT "\t messages can be examined in /opt/zimbra/data/amavisd/quarantine/ \n";
if ( $BHcount > 0 ) {
my $bcount = 6;
print STDOUT "\t Bad Headers = " . $BHcount;
foreach my $msgid (@BadHeader ) {
if ( $bcount > 3 ) {
print STDOUT "\n\t\t" . $msgid ;
$bcount= 1;
} else {
print STDOUT ", " . $msgid ;
$bcount += 1;
}
}
print STDOUT "\n";
}
if ($VQueCount > 0) {
my $bcount = 6;
print STDOUT "\t Virus = " . $VQueCount;
foreach my $msgid ( @VirQuar) {
if ( $bcount > 3 ) {
print STDOUT "\n\t\t" . $msgid ;
$bcount= 1;
} else {
print STDOUT ", " . $msgid ;
$bcount += 1;
}
}
print STDOUT "\n";
}
}
if ($DefCount > 0) { # we had 1 or more deferred emails
print STDOUT "Unique Deferred messages = " . $DefCount . "\n";
foreach my $msgid ( keys %Deferred ) {
print STDOUT "\t" . $msgid . " occured " . $Deferred{$msgid} . " times\n\t\taddressed to ";
print STDOUT $DefTo{$msgid} . "\n\t\tvia relay " . $DefRelay{$msgid} . "\n\t\tLast responce at ". $DefTime{$msgid} . " was:\n";
print STDOUT "\t" . $DefMessage{$msgid} . "\n";
}
}
Last edited by jrefl5 : 06-30-2009 at 12:20 PM.
Reason: the attachement did not attach
|
06-30-2009, 12:25 PM
| | |
Quote:
Originally Posted by jrefl5 you will need a script to process the zimbra log file.
I use the attached perl script then place the results in a spreadsheet Code: #!/usr/bin/perl
# input is the current zimbra logfile
# this will read the zimbra logfile and create a summary report of
# postfix, spamassin, and clamAV events
# note that the default logrotation for zimbra (/etc/logrotate.d/zimbra in Red Hat clones) needs to have
# "delaycompress" set or I will not be able to read the logfile if used as part of the "postrotate scripts"
# this script bu JCrawford at AZ Structural Pest Control Commission to scratch an itch.
# it is Licensed as GPL v3 or later "jrefl5" ( yahoo ) <com> and others, No warrenty as to usability
# is provided. james
#
# format of zimbra log line is
# Field Position
# Month 0-2
# Day 4-5
# Time (HH:MM:SS) 7-14
# Server name 15-(14+length(server name))
# Data end of SNAme+1-> end of line (\n)
my $CVersion = "1.0";
my $Rejects = 0;
my $Security = 0;
my $Attach = 0;
my $SAddress = 0;
my $DAddress = 0;
my $Discards = 0;
my $DSN = 0;
my $Crylic = 0;
my $TheBat = 0;
my $Relay = 0;
my $Pipe = 0;
my $ConfErr = 0;
my $Relay = 0;
my $ConfErr = 0;
my $ConfErr = 0;
my $donknow = 0;
my $Blocked = 0;
my $BlockBounce = 0;
my $ClamAV = 0;
my $Passed = 0;
my $Spammy = 0;
my $Clean = 0;
my $StDate = "";
my $EDate = "";
my $inlines = 0;
my $currID = "";
my $Messages = 0;
my $Sender = "";
my $Dest = "";
my $amavis = 0;
my $DefCount = 0;
my $BHcount = 0;
my $VQueCount = 0;
my %Senders =();
my %Recivers =();
my %MailWare =();
my %Deferred =();
my %DefMessage =();
my %DefRelay =();
my %DefTo =();
my %DefTime =();
my @BadHeader =();
my @VirQuar =();
# my $emailsenderformat ="^[a-zA-Z][\w\.-]*[a-zA-Z0-9]@[a-zA-Z0-9][\w\.-]*[a-zA-Z0-9]\.[a-zA-Z][a-zA-Z\.]*[a-zA-Z]$";
InputLoop: while ( <> ) {
# check beginning of line
if ($inlines == 0) {
$StDate = substr $_, 0, 15; # Get the start time from the First line in the log
}
$inlines+=1;
$EDate = substr $_, 0, 15; # Get the time from each line in the log (it may be tha last)
if ($_ =~ /postfix\/cleanup/gi) { # start of new message processing
$Senders[$Sender]+=1 unless (length($Sender) <= 1);
$Recivers[$Dest]+=1 unless (length($Dest) <= 1);
if ($_ =~ / ([0-9A-F]{10,}): message-id=/i ) {
$currID = $1; # use this as a hash id for message threads?
$Messages+=1;
$Sender = "";
$Dest = "";
# add logic to handle mutilitple messages in process loop at same time
} elsif ($_ =~ /discard/i) { # track input messages that Postfix doen not queue for amavis
$Discards+=1;
if ($_ =~ /Crylic/i ) {
$Crylic+=1;
} elsif ($_ =~ /no third-party DSNs/) {
$DSN+=1;
} elsif ($_ =~ /The Bat as a Mailer/) {
$TheBat+=1;
} else {
print STDOUT "Discard type not Tracked for :\n\t" . $_;
}
}
} elsif ($_ =~ /Passed CLEAN/i) { # Spamassissin thinks its ok
$Passed+=1;
$Clean+=1;
} elsif ($_ =~ /Passed SPAMMY/i) { # Spamassissin thinks it may be spam (place in junk mail folder)
$Passed+=1;
$Spammy+=1;
} elsif ($_ =~ /Passed BAD-HEADER/i) { # bad header on incomming message, message placed in quarantine
if ( $_ =~ /quarantine: (badh-[-+a-zA-Z0-9]{10,15}), Message-ID:/g ) {
$BHcount += 1;
$BadHeader[$BHcount] = $1;
}
} elsif ($_ =~ /NOQUEUE: reject/i) { # not placed on queue by postfix bounced back to sending server
$Messages+=1;
$Rejects+=1;
# Use the first form if we choose to track the invalid senders <jhc>
# if ($_ =~ /Helo command rejected: need fully-qualified hostname; from=<($emailsenterformat)>/i) {
if ($_ =~ /Helo command rejected: need fully-qualified hostname; from=/i) {
$SAddress+=1;
# Track invalid senders?
} elsif ($_ =~ /Sender address rejected/i ) {
$SAddress+=1;
# Track invalid senders?
} elsif ($_ =~ /Recipient address rejected:/i) { # we don't have that email address localy
$DAddress+=1;
# Track invalid reciver?
} elsif ($_ =~ /Relay access denied/i) { # someone wants to relay (ain't no way)
$Relay+=1;
} elsif ($_ =~ /Server configuration error/i) { # we goofed on a change revert it ASAP
$ConfErr+=1;
} elsif ($_ =~ /Improper use of SMTP command pipelining/i) { # Sender is not forming SMTP correctly
$Pipe+=1;
} else {
$donknow+=1;
print STDOUT "Unknown Reject = \n\t" . $_ ;
}
} elsif ($_ =~ /Blocked SPAM/) {
$Blocked+=1;
} elsif ( $_ =~ /amavis\[\d*\]/i) {
if ($_ =~ /Checking:/i) {
$amavis+=1;
} elsif ($_ =~ /local delivery: <> -> <virus-quarantine/gi ) { # clamd had problems with it (encripted zip?)
# print STDERR "Debug found $_ \n";
if ( $_ =~ 'mbx=/opt/zimbra/data/amavisd/quarantine/(virus-[-+a-zA-Z0-9]{10,15})') {
$VQueCount += 1;
$VirQuar[$VQueCount] = $1;
}
}
} elsif ($_ =~ /clamd\[\d{1,}\]:/i) { # CalmAV message
# Strip out mailware name from log line.
if ( $_ =~ /FOUND/ ) { # Found malware
$ClamAV+= 1;
# use "'" in regexp instead of "/" due to path nameing in the regexp <jhc>
if ($_ =~ m'/opt/zimbra/data/amavisd/tmp/amavis-\d{8,8}T\d{6,6}-(\d{4,5})/parts/\w{1,}:\s{1,}((\w*\.*)*-{0,1}(\w*-*)*)'i) {
$MailWare{$2}+=1; # save the malware name and counter for the report
}
}
} elsif ($_ =~ /deferred/g ) { # its a deferred message we may see the same one many times
if ( $_ =~ 'postfix/smtp\[\d{3,5}\]: ([A-F0-9]{12,12}): to=<(\S{1,}?@\S{1,}?.\S{2,5}?)>, relay=([[:print:]]{1,}?)\[\d+\.\d+\.\d+\.\d+\]:25') {
my $msgid = $1;
my $address = $2;
my $relay = $3;
my $err = "I missed the error msg";
if ($_ =~ /said: ([[:print:]]{1,})$/) {
$err = $1;
} elsif ($_ =~ /talk to me: ([[:print:]]{1,})$/) {
$err = $1;
}
$Deferred{$msgid} +=1;
$DefMessage{$msgid} = $err;
$DefRelay{$msgid} = $relay;
$DefTo{$msgid} = $address;
$DefCount += 1 unless $Deferred{$msgid} > 1;
$DefTime{$msgid} = substr $EDate, 7, 8;
}
} elsif ($_ =~ /-> <virus-quarantine>/gi ) { # clamd had problems with it (encripted zip?)
if ( $_ =~ 'mbx=/opt/zimbra/data/amavisd/quarantine/(virus-[a-zA-Z0-9]{10,15})') {
$VirQuar[$VQueCount] = $1;
$VQueCount += 1;
}
# } else {
# # Unknown Line print it out
# print STDOUT "Line not counted\n\t>>>" . $_ . "<<<\n";
}
}
# full file processed now for the report
print STDOUT "Mail Log Report Ver. " . $CVersion . " for;\n " . $StDate . " Through " . $EDate . "\n";
print STDOUT " Log contains \t = " . $inlines . " Lines\n";
print STDOUT "\tTotal Messages processed = " . $Messages . "\n";
print STDOUT "\tDiscarded messages = " . $Discards . "\n";
print STDOUT "\t Crylic Discards = " . $Crylic . "\n";
print STDOUT "\t The Bat X-Mailer = " . $TheBat . "\n";
print STDOUT "\t BackScatter = " . $DSN . "\n";
print STDOUT "\tRejected Messages = " . $Rejects . "\n";
print STDOUT "\t Invalid From address = " . $SAddress . "\n";
print STDOUT "\t Invalid To Address = " . $DAddress . "\n";
print STDOUT "\t Relay Request = " . $Relay . "\n";
print STDOUT "\t Improper Pipelining = " . $Pipe . "\n";
if ($ConfErr > 0) {
print STDOUT "\t Config Error !!! !!! = " . $ConfErr . "\n";
}
if ($donkonw > 0) {
print STDOUT "\t Unknown Rej. = " . $donknow . "\n";
}
print STDOUT " Messages processed by CLAMAV &\n SpamAssissin\t\t = " . $amavis . "\n";
print STDOUT "\tBlocked SPAM ** = " . $Blocked . "\n";
print STDOUT "\tPassed Messages = " . $Passed . "\n";
print STDOUT "\t Passed Clean ? = " . $Clean . "\n";
print STDOUT "\t Passed Spammy = " . $Spammy . "\n";
print STDOUT "\tClamAV hits ** = " . $ClamAV . "\n";
if ($ClamAV > 0) {
foreach my $kval ( keys %MailWare ) {
print STDOUT "\t\t" . $kval . " found " . $MailWare{$kval} . " time";
print STDOUT "s" unless ($MailWare{$kval}<2);
print STDOUT "\n";
}
print STDOUT " ** Note that ClamAV hits are also counted as SPAM\n";
}
if ( ($BHcount > 0) || ($VQueCount > 0)) {
print STDOUT "\tQuarantined messages = " . ($BHcount+$VQueCount) . "\n";
print STDOUT "\t messages can be examined in /opt/zimbra/data/amavisd/quarantine/ \n";
if ( $BHcount > 0 ) {
my $bcount = 6;
print STDOUT "\t Bad Headers = " . $BHcount;
foreach my $msgid (@BadHeader ) {
if ( $bcount > 3 ) {
print STDOUT "\n\t\t" . $msgid ;
$bcount= 1;
} else {
print STDOUT ", " . $msgid ;
$bcount += 1;
}
}
print STDOUT "\n";
}
if ($VQueCount > 0) {
my $bcount = 6;
print STDOUT "\t Virus = " . $VQueCount;
foreach my $msgid ( @VirQuar) {
if ( $bcount > 3 ) {
print STDOUT "\n\t\t" . $msgid ;
$bcount= 1;
} else {
print STDOUT ", " . $msgid ;
$bcount += 1;
}
}
print STDOUT "\n";
}
}
if ($DefCount > 0) { # we had 1 or more deferred emails
print STDOUT "Unique Deferred messages = " . $DefCount . "\n";
foreach my $msgid ( keys %Deferred ) {
print STDOUT "\t" . $msgid . " occured " . $Deferred{$msgid} . " times\n\t\taddressed to ";
print STDOUT $DefTo{$msgid} . "\n\t\tvia relay " . $DefRelay{$msgid} . "\n\t\tLast responce at ". $DefTime{$msgid} . " was:\n";
print STDOUT "\t" . $DefMessage{$msgid} . "\n";
}
} | ./spam.pl to run? that's it?  |
07-01-2009, 10:50 AM
| | |
Quote:
Originally Posted by andremta I mean... what % of the received emails from my server is actually SPAM? | Have you looked at the graphs in the Admin GUI? See attached screen clip
__________________
Cheers,
Dan
|
07-01-2009, 11:13 AM
| | |
Quote:
Originally Posted by dwmtractor Have you looked at the graphs in the Admin GUI? See attached screen clip | Hello,
I can see the graphic perfectly, although that doesn't point me to specific values.
Example:
Total emails: 152
Spam emails: 92
Spam ration: 59% |
07-01-2009, 11:23 AM
| | |
Yeah, I've actually wondered why they don't put a simple text-numeric summary under those graphs. It's not like the calculations aren't being done. If you want, file an enhancement request on Bugzilla. It'd make sense.
__________________
Cheers,
Dan
|
07-01-2009, 11:31 AM
| | |
Quote:
Originally Posted by dwmtractor Yeah, I've actually wondered why they don't put a simple text-numeric summary under those graphs. It's not like the calculations aren't being done. If you want, file an enhancement request on Bugzilla. It'd make sense. | Another thing... I get ALOT of spam in my zimbra.log, as you can see: Quote:
andre@server:~$ dnsblcount /var/log/zimbra.log
zen.spamhaus.org 504
=================================
Total DNSBL rejections: 504
atenreiro@intranet:~$
| Although my spam graphic does not really show alot of spam: SS-20090701182804.png
Why the amavis is not showing the spam accordingly? |
07-01-2009, 11:41 AM
| | |
I may be wrong here, and I'd welcome correction by the more experienced Zimbrians, but I believe that this graph only shows you what was marked as spam by SpamAssassin. The RBLs result in rejections that hit using a separate subroutine before SA gets a crack at the message, and thus they don't get included in the total.
Perhaps they ought to. . .it would definitely make our graphs (and those numbers we are asking for  ) look more impressive, but I think that's how it works.
__________________
Cheers,
Dan
| | Thread Tools | | | | Display Modes |  Linear Mode | | Why Join? Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.   |
Bugzilla
Wiki
Source
