S25R rejection log sorting script
[[Study report of an anti-spam system with a 99% block rate]]
https://www.thousand-winds.jp/cgi-bin/s25r_s.cgi
http://mail.kuji-clinic.info/cgi-bin/s25r/s25r_s.cgi
http://mail.smb.net/cgi-bin/s25r_s.cgi
http://mail.smb.net/cgi-bin/s25r_s7.cgi
http://mail.smb.net/cgi-bin/s25r.cgi
*Allowing specific from addresses [#a2845d3d]
http://www.aishinsys.co.jp/wordpress/?p=102
*white-list.txt [#ga2915be]
http://www.gabacho-net.jp/anti-spam/white-list.html
The downloaded white-list.txt file goes in /usr/local/etc/po...
/usr/local/etc/postfix/main.cf
smtpd_client_restrictions =
permit_mynetworks,
check_client_access regexp:/usr/local/etc/postfix/white...
check_client_access regexp:/usr/local/etc/postfix/white...
check_client_access regexp:/usr/local/etc/postfix/rejec...
*Changing permissions for the s25r log search [#w2e6b7e8]
/etc/newsyslog.conf
#/var/log/maillog 640 7 * @T00 C
########## changed to 644 for the s25r log search 20120823 ######...
/var/log/maillog 644 7 * @T00 C
*Decompressing /var/log/mail.0.log.bz2 [#vd52c456]
If the logs have already been compressed, decompress them so that they can be analysed.
-rw-r----- 1 root wheel 19915 Aug 11 07:13 mail...
-rw-r----- 1 root wheel 11867 Aug 11 00:00 mail...
-rw-r----- 1 root wheel 11825 Aug 10 00:00 mail...
-rw-r----- 1 root wheel 14997 Aug 9 00:00 mail...
-rw-r----- 1 root wheel 16721 Aug 8 00:00 mail...
-rw-r----- 1 root wheel 91912 Aug 7 00:00 mail...
-rw-r----- 1 root wheel 24205 Aug 6 00:00 mail...
-rw-r----- 1 root wheel 28757 Aug 5 00:00 mail...
# bunzip2 maillog.*.bz2
# chmod 644 maillog*
*Rejection log sorting script for FreeBSD 9.0 [#b93f1357]
The original fails with an error as-is, so I revised it slightly.
#ref(s25r_s.cgi)
[What I changed]
-For some reason, on my mail server, without adding charset=iso-8859-1...
-Also, even with gawk installed, it seems to end in broken pipe...
--- s25r_orig.cgi 2012-08-23 12:55:46.000000000 +0900
+++ s25r.cgi 2012-08-23 10:44:07.000000000 +0900
@@ -1,12 +1,14 @@
#!/bin/sh
-echo "Content-Type: text/plain"
+echo "Content-type: text/plain; charset=iso-8859-1"
+#echo "Content-Type: text/plain"
echo
echo "Mail rejection log"
echo
-cat /var/log/maillog.4 /var/log/maillog.3 /var/log/mail...
- /var/log/maillog.1 /var/log/maillog | \
+cat /var/log/maillog.4 /var/log/maillog.3 /var/log/mail...
+#cat /var/log/maillog | \
grep 'reject:' | \
-gawk '
+#gawk '
+awk '
BEGIN {
count=0
}
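Review bot: the commented-out lines `#cat /var/log/maillog | \` and `#gawk '` sit in the middle of a backslash-continued pipeline, the second one directly after `grep 'reject:' | \`. The script still runs only because sh lets a command continue on the next line after `|` and a comment; delete these dead lines (and the commented-out echo) and leave the history to the diff, so that a later edit cannot break the pipe by accident.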
--- s25r_s_orig.cgi 2012-08-23 12:56:33.000000000 +0900
+++ s25r_s.cgi 2012-08-23 11:16:48.000000000 +0900
@@ -1,5 +1,6 @@
#!/bin/sh
-echo "Content-Type: text/plain"
+echo "Content-type: text/plain; charset=iso-8859-1"
+#echo "Content-Type: text/plain"
echo
echo "Mail rejection log (450 Client host rejected) - s...
echo
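Review bot: in the new echo line only the charset parameter needs to change; the switch from Content-Type to Content-type is unnecessary (header names are case-insensitive), and the old line is left behind as a comment. Keep the original spelling, drop the commented-out copy, and say in a short comment why charset=iso-8859-1 is required.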
@@ -14,10 +15,10 @@
#
# (3) Extract essential items.
#
-gawk '
+awk '
{
client=substr($0, match($0, /from [^]]+\]/)+5, RLENGT...
- sub(/\[/, " [", client)
+ gsub(/\[/, " [", client)
sender=substr($0, match($0, /from=<[^>]*>/), RLENGTH)
rcpt=substr($0, match($0, /to=<[^>]*>/), RLENGTH)
helo=substr($0, match($0, /helo=<[^>]*>/), RLENGTH)
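Review bot: replacing sub() with gsub() on client is a behaviour change that has nothing to do with the gawk-to-awk rename in the same hunk; it now rewrites every "[" in the captured string instead of the first one. The capture /from [^]]+\]/ stops at the first "]", so more than one "[" can only come from an unusual host name; either keep sub() or add a comment explaining which input needs gsub().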
@@ -27,7 +28,7 @@
#
# (4) Convert month names into month numbers.
#
-gawk '
+awk '
BEGIN {
month_num["Jan"]=1
month_num["Feb"]=2
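Review bot: the interpreter name is hard-coded at this stage and at every other stage, which is why the same one-word rename has to be repeated in hunk after hunk. Set it once near the top of the script, for example AWK=awk, and call "$AWK" here, so that switching between awk and gawk later is a one-line change.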
@@ -59,7 +60,7 @@
#
# (6) Insert a blank line between records with a differ...
#
-gawk '
+awk '
BEGIN {
prev_triplet=""
}
@@ -75,7 +76,7 @@
#
# (7) Convert retry records in a sequence into one line.
#
-gawk '
+awk '
BEGIN {
RS=""
}
@@ -91,7 +92,7 @@
#
# (9) Reconvert retry records in a sequence into multip...
#
-gawk '
+awk '
{
gsub(/\036/, "\n")
print
@@ -101,7 +102,7 @@
#
# (10) Reconvert month numbers into month names.
#
-gawk '
+awk '
BEGIN {
month_name[1]="Jan"
month_name[2]="Feb"
@@ -128,7 +129,7 @@
#
# (11) Output sorted records with counting.
#
-gawk '
+awk '
BEGIN {
Suppress_single_access_records=0
RS=""
*Rejection log sorting script [#he3ee23b]
The original is here.
http://www.gabacho-net.jp/anti-spam/log-sorting-script.html
When I tried running it, I got
[Thu Aug 23 08:26:18 2012] [error] [client 210.255.122.2...
this error (´・ω・`), so I ran
hotshot# portinstall japanese/gawk
hotshot# rehash
But for some reason that produced a storm of broken pipe errors, so I gave up on gawk...
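What the sorting script is after, reduced to one stage and written in POSIX awk so that it runs under the base-system awk without gawk (an added example, not the original s25r_s.cgi): it counts rejections per client/sender/recipient triplet and keeps only the triplets that retried. The function names and the log lines are constructed for this example.

```shell
#!/bin/sh
# Added example, not the original s25r_s.cgi.
# Constructed sample: three Postfix "reject:" retries from one triplet, two
# from another, one single attempt, and one unrelated line.
sample_log() {
    cat <<'EOF'
Aug 23 08:00:01 mx postfix/smtpd[901]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 450 4.7.1 <unknown[192.0.2.10]>: Client host rejected: S25R check; from=<a@example.org> to=<u@example.jp> proto=ESMTP helo=<mta.example.org>
Aug 23 08:05:12 mx postfix/smtpd[902]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 450 4.7.1 <unknown[192.0.2.10]>: Client host rejected: S25R check; from=<a@example.org> to=<u@example.jp> proto=ESMTP helo=<mta.example.org>
Aug 23 08:07:44 mx postfix/smtpd[903]: NOQUEUE: reject: RCPT from h7.dyn.example.net[203.0.113.7]: 450 4.7.1 <h7.dyn.example.net[203.0.113.7]>: Client host rejected: S25R check; from=<x@example.com> to=<u@example.jp> proto=SMTP helo=<pc>
Aug 23 08:09:00 mx postfix/smtpd[904]: connect from unknown[198.51.100.5]
Aug 23 08:21:40 mx postfix/smtpd[905]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 450 4.7.1 <unknown[192.0.2.10]>: Client host rejected: S25R check; from=<a@example.org> to=<u@example.jp> proto=ESMTP helo=<mta.example.org>
Aug 23 08:30:00 mx postfix/smtpd[906]: NOQUEUE: reject: RCPT from mail.example.net[198.51.100.5]: 450 4.7.1 <mail.example.net[198.51.100.5]>: Client host rejected: S25R check; from=<b@example.net> to=<v@example.jp> proto=ESMTP helo=<mail.example.net>
Aug 23 08:45:00 mx postfix/smtpd[907]: NOQUEUE: reject: RCPT from mail.example.net[198.51.100.5]: 450 4.7.1 <mail.example.net[198.51.100.5]>: Client host rejected: S25R check; from=<b@example.net> to=<v@example.jp> proto=ESMTP helo=<mail.example.net>
EOF
}

# Reads a mail log on stdin; prints "<count> <client> <sender> <recipient>"
# for every triplet rejected more than once, most retries first.
retry_summary() {
    grep 'reject:' | awk '
    {
        # Check every match(): a line missing a field is skipped, not mis-parsed.
        if (!match($0, /from [^ ]+\]/)) next
        client = substr($0, RSTART + 5, RLENGTH - 5)
        if (!match($0, /from=<[^>]*>/)) next
        sender = substr($0, RSTART + 5, RLENGTH - 5)
        if (!match($0, / to=<[^>]*>/)) next
        rcpt = substr($0, RSTART + 4, RLENGTH - 4)
        count[client " " sender " " rcpt]++
    }
    END {
        for (key in count)
            if (count[key] > 1) print count[key], key
    }' | sort -k1,1nr -k2
}

sample_log | retry_summary
```

A client that keeps retrying the same sender and recipient after a 450 is behaving like a real mail server, which makes these lines the ones to review against the white list.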
**Required settings [#i5ce8efc]
So that the mail log files can be read with the HTTP daemon's privileges, ...
hotshot# chmod 644 /var/log/maillog*
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.2...
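A narrower alternative to the 644 mode used in the newsyslog.conf change and in the chmod above, as an added example that is not part of the original page: mode 644 lets every local account read the sender and recipient addresses in the mail log, whereas group read access is enough for the CGI. It assumes the HTTP daemon runs with group www (the default of the FreeBSD Apache port); the function names are made up for this example.

```shell
#!/bin/sh
# Added example, not from the original page.
# Assumption: the HTTP daemon's group is "www"; pass another group as the
# second argument of restrict_logs_to_group if yours differs.
#
# To make the setting survive log rotation, name the owner and group in
# /etc/newsyslog.conf instead of widening the mode:
#   /var/log/maillog   root:www   640  7  *  @T00  C

# List the mail logs in directory $1 that any local account can read.
world_readable_logs() {
    find "$1" -type f -name 'maillog*' -perm -004 | sort
}

# Give group $2 read access to the mail logs in directory $1 and remove
# access for everyone else.
restrict_logs_to_group() {
    dir=$1
    group=${2:-www}
    find "$dir" -type f -name 'maillog*' | while read -r f; do
        chgrp "$group" "$f" && chmod 640 "$f"
    done
}
```

Run `restrict_logs_to_group /var/log` as root, then confirm that `world_readable_logs /var/log` prints nothing.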