[Mimedefang] TCL stats scripts url?

Tim Kramer kramer.tim at cox.net
Tue Aug 6 20:39:00 EDT 2002


We use a slightly different method.  When a virus is detected,
the entire message is quarantined, a message sent to the
sender and an additional message is sent to "virus at mydomain.com"
containing (to, from, time, date, virus, msgID, etc.).  Another
script parses message from that mailbox and loads the data into
a MySQL server which also provides other data to our internal
web server.  Questions from management are minimized because
they have a website they can log into and print nice graphs and
tables from.  It's also nice not to have to manually type in 
the monthly virus report.  Instead a script does it.

Pros:

No additional ports need to be opened.
Able to track multiple mail servers (we use 5).
Able to survice network outages (messages containing the data
  spool up on whichever server).
Data is easily queried/sorted/reported once it's in the database.
*nix-based so highly adaptable

Cons:
Requires modifying the MD filter.
Not real time. (10-15 minutes delay, depending on the servers
  involved)
Need to know some Perl and MySQL.
Some customizing required
  wrapper needed for plotting program
  scripts that handle data and generate reports are
     specific for the site (people, e-mail addresses,
     programs involved, etc.)
*nix-based so highly adaptable (spend too much time playing
  with the code)

Most of the "cons" are trivial if you already know Perl and
some form of SQL.  It's also doable in TCL or any other
scripting language capable of conecting to mail and database
servers.

- Tim


On Tue, 2002-08-06 at 11:22, David F. Skoll wrote:
> On Tue, 6 Aug 2002, Douglas J Hunley wrote:
> 
> > where can I download the TCL scripts to generate the purdy graphs like on
> > roaringpenguin.org? thanks!
> 
> I posted one at
> http://lists.roaringpenguin.com/pipermail/mimedefang/2002-May/001192.html
> 
> The scripts rely on certain messages in the syslog, so you have to modify
> your filter to cooperate with them.
> 
> Regards,
> 
> David.
> 
> _______________________________________________
> MIMEDefang mailing list
> MIMEDefang at lists.roaringpenguin.com
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang





More information about the MIMEDefang mailing list