I guess you all know by now that I love graphs I found a new tool: http://people.ee.ethz.ch/~dws/software/mailgraph/ its called mailgraph and is supposed to display mail statistics like sent/received/rejected/spam/virus and bounced... unfortunately it will not really show spam for me and it shows a little bit too few of my virus mails ;-( first of all it is set to monitor the syslog file but I changed that to the /var/log/mail.log.ispconfigsave which seemed a better idea to me - right? I added one line to catch viruses is this ok? are there other lines indicating virus? the standard line to find infected mails is this but it does not work for me: any other idea on how to identify spam? ###edit### Or maybe you know another tool to display this kind of information graphically?
anyone got an update on this? I am using the perfect debian 3.1 setup no graphs show up at all,.... while I followed this tutorial: http://www.howtoforge.com/mail_statistics_mailgraph_pflogsumm although I must admit I had a manually installed version of rrdtool, but right now I also installed the apt-get version and still no graphs to be seen here: http://www.web-designerz.de/cgi-bin/mailgraph.cgi also the pflogsumm has this entry: which seems to be a legitimate email from ebay - does it not? on the other hand it seems its a forgery, sorry for misusing this post in case you want to help I have some more hints: it seems like an 500 server error but I can see the basic page, just not the graphs... Ok this is solved too: the mailgraph was trying to store its images here: /var/lib/mailgraph/,cgi-bin meaning inside /var/lib/mailgraph which was by default owned by www-data:www-data so I had to change to the user the suexec of that virtualhost was running no I am just wondering why the directory looks this strange: /var/lib/mailgraph/,cgi-bin?? well does not matter, but what about this: I thought I could just download the newest version 1.12 and replace the 3 files of which mailgraph consists with the newer version as debian stable is using version 1.10 but if I do this I do not see any graphs, no idea why as the directories and the owners and groups stay the same... any chance to get SA and clamav to make logs that could be used to count spam and viruses instead of having to somehow implement amavis?
I found severall issues: a) saying spamd is faster and better than spamassassin: http://mail-archives.apache.org/mod...rs/200607.mbox/<[email protected]> b) Mail::SpamAssassin::Logger http://www.annocpan.org/~FELICITY/Mail-SpamAssassin-3.1.5/lib/Mail/SpamAssassin/Logger.pm can you look at those links? there is also a Mail::SpamAssassin::Logger::File http://www.annocpan.org/~FELICITY/Mail-SpamAssassin-3.1.5/lib/Mail/SpamAssassin/Logger/File.pm and a Mail::SpamAssassin::Logger::Syslog http://www.annocpan.org/~FELICITY/Mail-SpamAssassin-3.1.5/lib/Mail/SpamAssassin/Logger/Syslog.pm I do not have any clue how to use b) and I do not know much about a)... maybe someone interested too can get me going...
Spamd is faster, but we can not simply switch from spamassassin to spamd as the spamc command that is used to send the messages to spamd does not support the commandline switch for specifying the spamassassin configuartion file that ISPConfig uses. There is a workaround for that by symlinking the spamassassin config files in every users directory but I we will have to test that in the dev branch if it is reliable.
ok thx for explaining, but how about those SA "modules" I linked above? I am not sure how these modules are to be used.. but they seem to be doing what we need: bring logging to spamassassin
I've never tested one of them, but I see no reason why they should not work if you load them in the spamassassin configuration uder /home/admispconfig/ispconfig/tools/spamassassin
hi, I'll try out Mail::SpamAssassin::Logger::Syslog that seems the most appropiate one to use but can you give me some hints about where to put?
When you search in /home/admispconfig/ispconfig/tools/spamassassin, you should find a directory with .pm (Perl modules) files in it. Put it into that directory.
Is it not a simple perl -MCPAN -e shell and than an install Mail::SpamAssassin::Logger::Syslog (I've done it on a virtula Debain OS, and it installed fine as far as I can see "/usr/bin/make install -- OK") I do also see "spamd" in the mail log files, but as it's a virtual system, and as I do not have a working mailserver setup on it I can not test the rest!
Spamassassin I am very happy with Spamassassin, read my motivation here: http://www.howtoforge.com/forums/showthread.php?t=6075&highlight=SPAMD
what I did was use the cpan method and loaded this: into the init.pre file but I see no spam log trace anywhere... neither inside mail.* neither inside syslog....
Here is an easy way how to configure mailgraph with ISPConfig. The main problem with ISPConfig's spam and virus detection system is that nor clamassassin neither spamassassin log to syslog, so mailgraph won't know anything about found spams and viruses. We will use procmail and logger to send entries to syslog files (logger is a part of bsdutils package on debian based distributions, which means it is probably already installed). First, install mailgraph: Code: apt-get install mailgraph (or use your distributions default package installer) (If you installing it from source be sure that you start it with "--ignore-localhost" option.) Start the daemon: Code: /etc/init.d/mailgraph start Copy mailgraph.cgi to a cgi-bin directory of an ISPConfig configured website which has CGI enabled. Check mailgraph in a browser. If it is working keep reading, if not, go back and doublecheck everything. Configure spam detection: add the following lines to a user's .spamassassin.rc file: Code: :0 c * ^X-Spam-Status: Yes | logger -p mail.info -t spamd spamd: identified spam Add it after the line starting with "| /home/admispconfig/ispconf...", don't forget to put an empty line between them. Configure virus detection: add the following lines to a user's .antivirus.rc file: Code: :0: * ^X-Virus-Status: Yes { :0 c | logger -p mail.info -t smtp-vilter clamd: found virus :0 /dev/null } Add it after the line starting with "| /home/admispconfig/ispconf...", don't forget to put an empty line between them. Now you have a user, with whom you can test mailgraph. Use his/her email address to test spam and virus detection: Code: mail -s spamtest [email protected] XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X . Check /var/log/mail.log. You should see a new entry, something like that: Code: Mar 7 12:20:27 isp spamd: spamd: identified spam Check mailgraph in the browser. In few minutes you should see that number of found spam is increasing. Test virus detection too, send an EICAR anti-virus test message to the same user. (you can download test files form here. Don't be afraid, it's not a virus, just a test!). Check /var/log/mail.log again. You should see a new entry, something like that: Code: Mar 7 11:37:46 isp smtp-vilter: clamd: found virus Check mailgraph in the browser. In few minutes you should see that number of found viruses is increasing. If everything is working fine you can enable configurations server-wide. Do the same changes in /root/ispconfig/isp/conf/antivirus.rc.master and /root/ispconfig/isp/conf/spamassassin.rc.master files (or use the included patch files) Keep a copy from original files, just in case... A user's config file will be updated when you change any setting on that user in ISPConfig. (or you can use this link to see how to update them in one step.) Hope it helps. T.
I woudl like to try this but I am having more serious problems: here is the url: http://www.web-designerz.de/cgi-bin/mailgraph.cgi this is web1, the suexec entry in the vhost looks like: and this entry is inside my vhost entry too: this is the output of a ls -al: so why do I get 403 errors? here is the error log of the site: why is it trying to read a .htaccess file inside cgi-bin? even saving an empty .htaccess into cgi-bin did not solve anything...
I do have an .htaccess inside /var/www/web1/web and as the scriptalias redirects from /var/www/web1/web/cgi-bin to: /var/www/web1/cgi-bin the .htaccess from there might be making problems: I have wordpress installed inside this web - can you help?
