[Logwatch-Devel] Logwatch patches for solaris cron, mailscanner, and misc.

Mike Tremaine mgt@stellarcore.net
Fri, 23 Jan 2004 16:07:08 -0800


--=-MuzySAiTkfS65Zd0QVRH
Content-Type: text/plain
Content-Transfer-Encoding: 7bit


Attached is another set of patches for mailscanner and sendmail it is a
diff -r -u and assumes you already applied the first set of patches and
installed the new mailscanner conf and service.

On Sun, 2004-01-11 at 12:52, Mike Tremaine wrote:
> http://www.stellarcore.net/downloads/logwatch_patches_mgt.zip
> 
> I'll probably add some more to this specifically su under solaris needs
> some work in secure and I have some more sendmail patches to total up
> some of the output. But this is a good start.

-- 
Mike Tremaine
mgt@stellarcore.net
http://www.stellarcore.net

--=-MuzySAiTkfS65Zd0QVRH
Content-Disposition: attachment; filename=logwatch.mgt01232004.patch
Content-Type: text/x-patch; name=logwatch.mgt01232004.patch; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

diff -r -u ./scripts/services/mailscanner ../../Projects/logwatch_scn/scripts/services/mailscanner
--- ./scripts/services/mailscanner	2004-01-23 15:52:57.000000000 -0800
+++ ../../Projects/logwatch_scn/scripts/services/mailscanner	2004-01-15 20:54:00.000000000 -0800
@@ -1,6 +1,6 @@
 #!/usr/bin/perl 
 ##########################################################################
-# $Id: mailscanner,v 1.00 2004/01/09 15:42:01 kirk Exp $
+# $Id: mailscanner,v 1.4 2004/01/16 02:57:44 mgt Exp $
 ##########################################################################
 
 ########################################################
@@ -17,7 +17,12 @@
 		 ( $ThisLine =~ m/^Sender Warnings:/ ) or
          ( $ThisLine =~ m/X-Spam/ ) or
          ( $ThisLine =~ m/Using locktype = flock/ ) or
+         ( $ThisLine =~ m/SpamAssassin timed out and was killed/ ) or
          ( $ThisLine =~ m/New Batch: Found/ ) or
+         ( $ThisLine =~ m/Attempting to disinfect/ ) or
+         ( $ThisLine =~ m/Rescan found/ ) or
+         ( $ThisLine =~ m/Virus Re-scanning:/ ) or
+         ( $ThisLine =~ m/Delete bayes lockfile/ ) or
          ( $ThisLine =~ m/MailScanner E-Mail Virus Scanner version/ ) or
          ( $ThisLine =~ m/MailScanner child dying of old age/ ) or
          ( $ThisLine =~ m/MailScanner child caught a SIGHUP/ ) or
@@ -33,6 +38,9 @@
       $MailScan_Spam = $MailScan_Spam + $1;
    } elsif ( $ThisLine =~ m/Virus Scanning: Found ([0-9]+) viruses/) {
       $MailScan_Virus = $MailScan_Virus + $1;
+   } elsif ( $ThisLine =~ m/infected message .+ came from (.*)/i) {
+      $MailScan_VirualHost = $MailScan_VirualHost + 1;  		
+      $Hostlist{$1}++;
    } elsif ( $ThisLine =~ m/Content Checks: Found ([0-9]+) problems/) {
       $MailScan_Content = $MailScan_Content + $1;
    } elsif ( $ThisLine =~ m/Other Checks: Found ([0-9]+) problems/) {
@@ -82,6 +90,14 @@
     }
 }
 
+
+if (keys %Hostlist) {
+    print "\nHost Report: (Total Seen = $MailScan_ViralHost )\n";
+    foreach $ThisOne (sort keys %Hostlist) {
+       print "    " . $ThisOne . ": " . $Hostlist{$ThisOne} . " Times(s)\n";
+    }
+}
+
 if (keys %ContentType) {
     print "\nContent Report: (Total Seen = $MailScan_Content )\n";
     foreach $ThisOne (sort keys %ContentType) {
diff -r -u ./scripts/services/sendmail ../../Projects/logwatch_scn/scripts/services/sendmail
--- ./scripts/services/sendmail	2004-01-23 15:51:10.000000000 -0800
+++ ../../Projects/logwatch_scn/scripts/services/sendmail	2004-01-15 20:54:00.000000000 -0800
@@ -1,6 +1,6 @@
 #!/usr/bin/perl 
 ##########################################################################
-# $Id: sendmail,v 1.32 2003/12/15 18:09:23 kirk Exp $
+# $Id: sendmail,v 1.6 2004/01/16 01:34:17 mgt Exp $
 ##########################################################################
 
 ########################################################
@@ -122,6 +122,8 @@
 		( $ThisLine =~ m/: Service unavailable$/) or 
 		( $ThisLine =~ m/Broken pipe|Connection (reset|timed out)/ ) or
 		( $ThisLine =~ m/X-Spam/ ) or
+		( $ThisLine =~ m/^SYSERR/ ) or
+		( $ThisLine =~ m/Flushing queue from/ ) or
 		( $ThisLine =~ m/Milter message: body replaced/ ) or
 		( $ThisLine =~ m/Milter: data/ ) or
 		( $ThisLine =~ m/Milter change: header/ ) or
@@ -508,6 +510,7 @@
    foreach $Usr (sort keys %UnknownUsers) {
       foreach $QueueID (sort keys %{ $UnknownUsers{$Usr} }) {
          $SortedUsers{$Usr}{$Msgs{$QueueID}{"Relay"}}++;
+         $ukusers++;
       }
       @v = values %{$SortedUsers{$Usr}};
    }
@@ -525,6 +528,7 @@
          }
       }
    }
+   print "\n\t Total: $ukusers\n";
 }
 
 if (keys %UnknownUserscheckrcpt) {
@@ -563,7 +567,9 @@
    print "\n\nRelay attempts from known spammers:\n";
    foreach $ThisOne (sort keys %KnownSpammer) {
       print "    " . $ThisOne . ": " . $KnownSpammer{$ThisOne} . " Times(s)\n";
+      $knspam = $knspam + $KnownSpammer{$ThisOne};
    }
+   print "\n\tTotal:  $knspam\n";
 }
 
 if (keys %RelayDenied) {
@@ -571,21 +577,27 @@
    my $count = CountOrder(%RelayDenied);
    foreach $ThisOne (sort $count keys %RelayDenied) {
       print "    " . $ThisOne . ": " . $RelayDenied{$ThisOne} . " Times(s)\n";
+      $rldeny = $rldeny + $RelayDenied{$ThisOne};
    }
+   print "\n\tTotal:  $rldeny\n";
 }
 
 if (keys %CheckMailReject) {
    print "\n\nRejected incoming mail:\n";
    foreach $ThisOne (keys %CheckMailReject) {
       print "    " . $ThisOne . ": " . $CheckMailReject{$ThisOne} . " Times(s)\n";
+      $chkmreject = $chkmreject + $CheckMailReject{$ThisOne};
    }
+   print "\n\tTotal:  $chkmreject\n";
 }
 
 if (keys %CheckRcptReject) {
    print "\n\nRejected outgoing mail:\n";
    foreach $ThisOne (keys %CheckRcptReject) {
       print "    " . $ThisOne . ": " . $CheckRcptReject{$ThisOne} . " Times(s)\n";
+      $chkrereject = $chkrereject + $CheckRcptReject{$ThisOne};
    }
+   print "\n\tTotal:  $chkrereject\n";
 }
 
 if (keys %LostInputChannel) {
@@ -627,10 +639,13 @@
    print "\n\nBlackHole Totals:\n";
    foreach $ThisOne (sort keys %BlackHoles) {
       print "    " . $ThisOne . ": " . $BlackHoles{$ThisOne} . " Times(s)\n";
+      $blktotal = $blktotal + $BlackHoles{$ThisOne};
    }
-   print "\nBlackholed:\n";
-   foreach $ThisOne (sort keys %BlackHoled) {
-      print "    " . $ThisOne . ": " . $BlackHoled{$ThisOne} . " Times(s)\n";
+   if ($Detail >= 10) {
+      print "\nBlackholed:\n";
+      foreach $ThisOne (sort keys %BlackHoled) {
+         print "    " . $ThisOne . ": " . $BlackHoled{$ThisOne} . " Times(s)\n";
+      }
    }
 }
 
@@ -639,7 +654,9 @@
    my $count = CountOrder(%DomainErrors);
    foreach $ThisOne (sort $count keys %DomainErrors) {
       print "    " . $ThisOne . ": " . $DomainErrors{$ThisOne} . " Times(s)\n";
+      $domainer = $domainer + $DomainErrors{$ThisOne};
    }
+   print "\n\tTotal:  $domainer\n";
 }
 
 if (keys %AuthWarns) {
@@ -654,7 +671,9 @@
    my $count = CountOrder(%UnknownHosts);
    foreach $ThisOne (sort $count keys %UnknownHosts) {
       print "    " . $ThisOne . ": " . $UnknownHosts{$ThisOne} . " Times(s)\n";
+      $uknhosts = $uknhosts + $UnknownHosts{$ThisOne};
    }
+   print "\n\tTotal:  $uknhosts\n";
 }
 
 if (keys %UnresolvedDomains) {
@@ -662,7 +681,9 @@
    my $count = CountOrder(%UnresolvedDomains);
    foreach $ThisOne (sort $count keys %UnresolvedDomains) {
       print "    " . $ThisOne . ": " . $UnresolvedDomains{$ThisOne} . " Times(s)\n";
+      $ukndomain = $ukndomain + $UnresolvedDomains{$ThisOne};
    }
+   print "\n\tTotal:  $ukndomain\n";
 }
 
 if (keys %Timeouts) {
@@ -747,6 +768,13 @@
    }
 }
 
+#Besure to add any newones to this total -mgt
+$TotalRejected = $ukusers + $rldeny + $knspam + $blktotal + $ukndomain + $uknhosts + $chkmreject + chkrereject;
+if ( $TotalRejected > 0 ) {
+   print "\n\nSummary:\n";
+   print "\tTotal Mail Rejected: $TotalRejected\n";
+}
+
 exit(0);
 
 # vi: shiftwidth=3 tabstop=3 et

--=-MuzySAiTkfS65Zd0QVRH--