EXIM Outgoing SPAM Detection




 Note that this is of course not a one-step solution to dealing with outgoing SPAM – but it does help, and saves manual labour. The script itself is very simple, and what it does is:


It runs the following command:


grep cwd /var/log/exim_mainlog | grep -v /var/spool | awk -F”cwd=” ‘{print $2}’ | awk ‘{print $1}’ | sort | uniq -c | sort -n


It then parses the output of the above. If any output is above your pre-defined limit, it will send an e-mail alert.


There are two configuration files. One is whitelist.txt – in this file, you’ll add the full path to any script you wish to whitelist (which then won’t generate alerts). Use this for scripts that are above the limit, but that you’ve verified are not sending out SPAM. Add each exception on a new line.

domain name search

/home/user1/public_html/wp-content/

/home/user2/public_html

The second is mail_addr.txt, in which you add each e-mail you want alerts sent to. Each e-mail should be added on a new line.

Quote Originally Posted by Example mail_addr

alerts@yourcompany.com

contact@fbi.gov


The folder “logs” will contain the output of the script, basically any users above the limit that aren’t white-listed.


Here is the setup Instructions.

1. Open fetch.sh with your favorite text editor


LIMIT=

Set this to whatever number of e-mails the script should trigger alerts at. Defaults to 500.


MAIL_LIST=

Full path to the list of e-mails alerts should be sent to


WHITELIST=

Full path to the whitelist text file.


FETCH_FILE=

Temporary file, can be left as default.

SPAMMER_LIST=

Edit the path to reflect where you want logs stored.


2. Place the script at your desired location on the server, and set up a cron job for it to run.

The script can be called with parameters as well.

This is an example cron, running the script every 6 hours, with a limit of 1000.

0 */6 * * * /your/script/location/fetch.sh -l 1000

Comments

Post a Comment

Popular posts from this blog

Restart DNS Client Service Windows 10: Step By Step Guide

  Restart DNS client service windows 10 , connectivity is paramount. Whether you’re browsing the web, streaming content, or engaging in online gaming, a stable and efficient internet connection is indispensable. However, even the most robust systems can encounter hiccups, and one common issue that Windows 10 users may face is DNS-related problems. Fortunately, there’s a simple solution that often resolves such issues: restarting the DNS Client Service. Understanding DNS and Its Importance Before delving into the intricacies of the DNS Client Service in Windows 10, let’s first grasp the concept of DNS (Domain Name System). DNS is like the internet’s phonebook, translating human-readable domain names (e.g., www.example.com) into machine-readable IP addresses (e.g., 192.0.2.1). Every time you type a URL into your browser, your device consults DNS servers to locate the corresponding IP address and establish a connection. The Role of DNS Client Service in Windows 10 In Windows 10, the D...
Read more

Comprehensive Guide to Domain Hosting Services in Pickering

Image
In today's digital age, having an online presence is crucial for businesses of all sizes. Whether you're a startup or an established enterprise, your website acts as the face of your brand on the internet. To ensure your website is accessible and performs optimally, choosing the right domain hosting service is essential. If you're based in Pickering, Ontario, or serving clients in this area, understanding the local hosting landscape can give you a significant edge. This comprehensive guide explores domain hosting services in Pickering, highlighting key factors to consider and the benefits of local hosting. Why Choose Local Domain Hosting Services? Enhanced Performance and Speed Local hosting providers offer servers located near your target audience, reducing latency and improving load times. For businesses in Pickering, this means faster website performance for local visitors, leading to a better user experience. Improved SEO Rankings Search engines like Google consider web...
Read more

Advance Server Bangladesh

Image
With rapid advancement in technology, businesses, developers, and individuals need reliable server solutions to keep pace with increasing data requirements. An Advance Server gives optimum speed, flexibility, and control which is important for running applications, websites, and backend systems. If you’re looking for an Advance Server in Bangladesh, look no further than BDWEBIT; they are one of the best in the market. In this post, we are going to cover: the definition of an Advance Server, its associated benefits, and BDWEBIT’s key distinguishing factors among other server providers in Bangladesh. What is an Advance Server? As the name suggests, an Advance Server is a high-performance one and gives users dedicated resources like a CPU, RAM, and storage. Compared to shared hosting, an advance server gives more flexibility in server configuration, security, and software installation control. The following are a few use cases for these servers: Large scale website hosting Custom software...
Read more