[Greylist-users] How do you know when you are ready?

Franck Arnaud franck at nenie.org
Wed Feb 25 20:25:45 PST 2004

Tom Haapanen:

> familiarity with MySQL, it's easy to do ad hoc queries and there is a 
> lot of added value to the database.  e.g.

You can also get a lot of mileage from unix tools, surely 
it's not as complete and clean as SQL, but with data in 
friendly format, it's quite usable.

The examples below are on the log database as I use that 
more commonly, it has the same DB-in-filesystem structure 
(1 file per session) and contains more info than the greylist 
directory (which is really like a fast index/cache of the 
log database, it has no info which is not in the log DB.)

> Q: How many mail attempts were blocked yesterday?

grep REJECT log/20040225/* | wc -l

> Q: Which users get the most mail?

cat log/*/* | cut -d ' ' -f 5 |sort|uniq -c|sort

> Q: How much activity has there been each day?

du -s log/*


> Q: What servers have been getting through a lot?

grep OK log/*/* | cut -d ' ' -f 3 |sort|uniq -c|sort

> Finally, by having the data in the database will make it easier to 
> develop second-level defences by detecting servers that send mail to 
> spam traps etc.

Sure. The filesystem _is_ a database, just in a different 
format. It would not be appropriate for everything, but for 
that particular case it seems well suited and lightweight.

More information about the Greylist-users mailing list