[Novalug] More on spam-fighting

unix@bikesn4x4s.com unix@bikesn4x4s.com
Fri Mar 7 09:58:27 EST 2008


On Fri, March 7, 2008 4:02 am, DonJr wrote:
> On Fri, 2008-03-07 at 01:40 -0500, unix@bikesn4x4s.com wrote:
>> On Wed, March 5, 2008 11:33 pm, DonJr wrote:
>> > On Wed, 2008-03-05 at 22:02 -0500, Paul wrote:
>> >> On Mon, March 3, 2008 1:30 pm, David A. Cafaro wrote:
>> >> > You make the change in your main.cf file (for postfix):
>> >> >
>  <SNIP see archives>
>
>> >> Cause right now, the "sbl-xbl.spamhaus.org" was't doing to great:
>> >> # awk '/reject/ && /spamhaus/ && /Mar  [4-5]/' maillog | wc -l;awk
>> >> '/reject/ && /sorbs/ && /Mar  [4-5]/' maillog | wc -l
>> >> 4
>> >> 9
>> >
>> > Why don't you get your count by:
>> >  # awk '/reject/ && /Mar  [4-5]/{shs+=($0 ~ /spamhaus/); sbs+=($0 ~
>> > /sorbs/);}END{print "spamhaus =",shs;print "sorbs =",sbs;}'  maillog
>> >
>> > Which only reads through the 'maillog' file one time.
>>
>> I'm still soaking that one in, nice.  I'm testing 3 lists now, and so
>> far,
>> spamhaus is kick'n ars.  Looks like I be dropping sorbs very soon.
>>
>> I add to yours:
>> # awk '/reject/ && /Mar  [6-9]/{shs+=($0 ~ /spamhaus/);dbl+=($0
>> ~/dbl/);sbs+=($0 ~/sorbs/);}END{print "spamhaus =",shs;print "sorbs
>> =",sbs;print "dsbl =",dbl;}'  maillog
>> spamhaus = 12
>> sorbs = 0
>> dsbl = 0
>>
>> It's always fun to read other's resolve.  I'm used to just whipping
>> scrips
>> up so fast on the fly, that I usually don't have time to find better
>> ways,
>> but here is another that comes to my mind:
>>
>> # VAR=`awk '/reject/ && /Mar  [6-9]/' maillog`;echo $VAR | sed 's/\
>> /\n/g'
>> | grep zen.spamhaus.org | wc -l;echo $VAR | sed 's/\ /\n/g' | grep
>> list.dsbl.org |wc -l;echo $VAR | sed 's/\ /\n/g' | grep dnsbl.sorbs.net
>> |
>> wc -l
>> 13
>> 0
>> 0
>>
>> But your's is definitely more clean and less convoluted than mine.  I
>> need
>> to soak it all in for a bit.  ;->
>
> Then how about
>   VAR=$(grep -c 'reject.*Mar  [4-5]' maillog | sed 's/\ /\n/g');
>   echo $VAR | grep --count zen.spamhaus.org;
>   echo $VAR | grep --count dnsbl.sorbs.net;
>
> "man grep"
>    -c, --count
>      Suppress normal output; instead print a count of matching lines
>      for each input file.
>
>
> And yes I do type lines like this in on the fly at times.

OK, rub it in.  I'll be there some day.  Thanks for that one, I like it. 
I missed that one,  Was doing all kind of man pages last night, lol.  OK,
now off to my virtual class...






More information about the Novalug mailing list