Accounting for spam

Since I wrote about my new anti-spam measures, the spam has been furiously banging up against my virtual front door.

Talking to a colleague on IRC tonight, I was inspired to write a quick Ruby script to report the progress since last Sunday:

#!/usr/bin/ruby -w
 
reject = Hash.new( 0 )
 
while line = ARGF.gets
  case line
  when /un(verified|deliverable) address/
    next
  when /554 Service unavailable.* (blocked using .+?);/
    reject[$1] +=1
  when /NOQUEUE: reject:(?:.+?:.+?: )(.+?)[;:] from/
    reject[$1] +=1
  when /reject: header .+helo=.+?: (.+)$/
    reject[$1] +=1
  end
end
 
total = 0
reject = reject.to_a.sort { |a,b| a[1] <=> b[1] }
reject.each do |x|
  printf( "%-74s%5d\n", x[0], x[1] )
  total += x[1]
end
 
printf( "\n%-74s%5d\n", "Total blocked:", total )

Here are the results:

Bad attachment with file name extension: bat 1
Bad attachment with file name extension: cpl 1
Sender address rejected: need fully-qualified address 2
Sender address rejected: Improper use of SMTP command pipelining 3
Bad attachment with file name extension: exe 5
Bad attachment with file name extension: com 8
Relay access denied 9
Bad attachment with file name extension: scr 12
Bad attachment with file name extension: pif 25
Helo command rejected: Improper use of SMTP command pipelining 27
blocked using sbl-xbl.spamhaus.org 30
Helo command rejected: Host not found 58
Helo command rejected: need fully-qualified hostname 124
blocked using dnsbl.sorbs.net 155
blocked using bl.spamcop.net 290
Sender address rejected: Domain not found 1619
Recipient address rejected: User unknown in local recipient table 6659
Total blocked 9028

All in all, I’m very pleased. Very little spam is making it through now. For the spam that does make it into the system, I also upgraded to a recent CVS snapshot of SpamAssassin this afternoon, so most of it still gets zapped before making it to the in-box of any of my users.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>