Free Software

Back to resources.
Back to web site.

 

mrtg-spamscorer.pl

v.1.3 - 1/1/2004

Send a notice to this e-mail address when software is updated:

Overview

Mrtg-spamscorer uses MRTG to graph the average junk mail score during a given interval by MailScanner and SpamAssassin by examining the system mail log. (It may also work with minor modification on standalone SpamAssassin installations.)

We define the MRTG redline to divide SPAM between "low" and "high" scoring based on your rules. (You will need to set this accordingly.) On our system, any mail above the redline is automatically deleted and forwarded to our blackhole for the record. This provides a good visual borderline so that we see what percentage of mail is going where.

Each average (low scoring vs. high scoring) is represented by a different color. In the example, low scoring is lighter blue and high scoring is darker blue.

Downloading

The perl script can be found here. Refer to the next section for configuration information.

mrtg-spamscorer.pl  (v1.3 - 4.6k)

Implementation

Modify the high score and interval lines in the mrtg-spamscorer.pl file to suit your configuration. We have found that the results are more readable when using a 30 minute average rather than 5 mins.

# Global Vars
$IntMins = "30"; # Set this to your MRTG interval
$HighScore = "9"; # Set this to your MailScanner high score

Place the mrtg-spamscorer.pl file wherever you like to keep your MRTG scripts. Add a similar entry to your mrtg.cfg file and you'll be graphing...

# Spam Score Averages
Target[ssavg]: `/usr/local/mrtg-2/bin/mrtg-spamscorer.pl`
Title[ssavg]: Average Spam Scores
PageTop[ssavg]: <H1>Average Spam Scores</H1>
XSize[ssavg]: 360
YSize[ssavg]: 75
MaxBytes[ssavg]: 9
AbsMax[ssavg]: 100
YLegend[ssavg]: scores
ShortLegend[ssavg]: scores
Options[ssavg]: growright,nopercent,gauge
Legend1[ssavg]: Points
Legend2[ssavg]: Points
LegendI[ssavg]: &nbsp;Probable Spam Avg Score&nbsp;
LegendO[ssavg]: &nbsp;Definite Spam Avg Score&nbsp;
Colours[ssavg]: DKBLUE#61A0DF,DKBLUE#0000DD,RED#FF0000,RED#FF0000

Take Note: the MaxBytes number should be your "high scoring" SPAM number.

Sample Graphs

Here are some sample graphs: (v1.2 will produce slightly different results. Be patient as we update.)

`Daily' Graph (5 Minute Average)
day
Max  Score    37.0 score Average  Score    11.0 score Current  Score    24.0 score
`Weekly' Graph (30 Minute Average)
week
Max  Score    16.0 score Average  Score    10.0 score Current  Score    15.0 score

Here are some from a couple more systems:

`Daily' Graph (5 Minute Average)
day
Max  Score    7.0 score Average  Score    1.0 score Current  Score    0.0 score

The Monthly graph is even more obvious: (we haven't been running this long, so please excuse the mess)

`Monthly' Graph (2 Hour Average)
month
Max  Score   14.0 score Average  Score   6.0 score Current  Score   0.0 score

Feedback / Questions

This is a very basic program providing only one set of information on SpamAssassin and MailScanner filtering. See MailScanner-MRTG for scripts to graph spam and viruses caught, as well as other useful info.

Anyhow, if you find this script useful, please let us know.

E-Mail: contact@csma.biz.

 
Copyright (c) 2003, Corey S. McFadden & Associates. All rights reserved.
 For more information, please contact contact@csma.biz. Served via ewrgga-hst01 .