[Greylist-users] How do you know when you are ready?
Franck Arnaud
franck at nenie.org
Wed Feb 25 20:25:45 PST 2004
Tom Haapanen:
> familiarity with MySQL, it's easy to do ad hoc queries and there is a
> lot of added value to the database. e.g.
You can also get a lot of mileage from unix tools, surely
it's not as complete and clean as SQL, but with data in
friendly format, it's quite usable.
The examples below are on the log database as I use that
more commonly, it has the same DB-in-filesystem structure
(1 file per session) and contains more info than the greylist
directory (which is really like a fast index/cache of the
log database, it has no info which is not in the log DB.)
> Q: How many mail attempts were blocked yesterday?
grep REJECT log/20040225/* | wc -l
> Q: Which users get the most mail?
cat log/*/* | cut -d ' ' -f 5 |sort|uniq -c|sort
> Q: How much activity has there been each day?
du -s log/*
(crudely)
> Q: What servers have been getting through a lot?
grep OK log/*/* | cut -d ' ' -f 3 |sort|uniq -c|sort
> Finally, by having the data in the database will make it easier to
> develop second-level defences by detecting servers that send mail to
> spam traps etc.
Sure. The filesystem _is_ a database, just in a different
format. It would not be appropriate for everything, but for
that particular case it seems well suited and lightweight.
More information about the Greylist-users
mailing list