Since I wrote about my new anti-spam measures, the spam has been furiously banging up against my virtual front door.
Talking to a colleague on IRC tonight, I was inspired to write a quick Ruby script to report the progress since last Sunday:
#!/usr/bin/ruby -w
reject = Hash.new( 0 )
while line = ARGF.gets
case line
when /un(verified|deliverable) address/
next
when /554 Service unavailable.* (blocked using .+?);/
reject[$1] +=1
when /NOQUEUE: reject:(?:.+?:.+?: )(.+?)[;:] from/
reject[$1] +=1
when /reject: header .+helo=.+?: (.+)$/
reject[$1] +=1
end
end
total = 0
reject = reject.to_a.sort { |a,b| a[1] <=> b[1] }
reject.each do |x|
printf( "%-74s%5d\n", x[0], x[1] )
total += x[1]
end
printf( "\n%-74s%5d\n", "Total blocked:", total )
Here are the results:
Bad attachment with file name extension: bat 1
Bad attachment with file name extension: cpl 1
Sender address rejected: need fully-qualified address 2
Sender address rejected: Improper use of SMTP command pipelining 3
Bad attachment with file name extension: exe 5
Bad attachment with file name extension: com 8
Relay access denied 9
Bad attachment with file name extension: scr 12
Bad attachment with file name extension: pif 25
Helo command rejected: Improper use of SMTP command pipelining 27
blocked using sbl-xbl.spamhaus.org 30
Helo command rejected: Host not found 58
Helo command rejected: need fully-qualified hostname 124
blocked using dnsbl.sorbs.net 155
blocked using bl.spamcop.net 290
Sender address rejected: Domain not found 1619
Recipient address rejected: User unknown in local recipient table 6659
Total blocked: 9028
All in all, I'm very pleased. Very little spam is making it through now. For the spam that does make it into the system, I also upgraded to a recent CVS snapshot of SpamAssassin this afternoon, so most of it still gets zapped before making it to the in-box of any of my users.