Page 1 of 1
sa-update report?
Posted: Fri Sep 19, 2008 9:57 pm
by Galactic Zero
When sa-update's during cron does it generate a report that could be picked up in log watch?
Also is there a way to see how much spam is being blocked from SA? Something akin to this:
Total Received:---------5,152,783
Blocked:----------------4,921,289
Blocked: Virus-----------------712
Rate Controlled:-------------6,692
Quarantined:---------------31,072
Allowed: Tagged------------36,235
Allowed:----------------156,783
Thanks...
Current output of sa-learn --dump magic -u qscand -C /var/spool/qscan'
[root@gz ~]# sal
0.000 0 3 0 non-token data: bayes db version
0.000 0 313552 0 non-token data: nspam
0.000 0 33617 0 non-token data: nham
0.000 0 120287 0 non-token data: ntokens
0.000 0 1221049848 0 non-token data: oldest atime
0.000 0 1221854491 0 non-token data: newest atime
0.000 0 0 0 non-token data: last journal sync atime
0.000 0 1221762032 0 non-token data: last expiry atime
0.000 0 742512 0 non-token data: last expire atime delta
0.000 0 0 0 non-token data: last expire reduction count
Posted: Fri Sep 26, 2008 11:13 am
by exi1ed0ne
http://www.rulesemporium.com/programs/sa-stats.txt
It won't get you everything, but it will give you a nice report that looks thusly
Code: Select all
Email: 756 Autolearn: 319 AvgScore: 10.71 AvgScanTime: 4.93 sec
Spam: 440 Autolearn: 268 AvgScore: 22.63 AvgScanTime: 4.90 sec
Ham: 316 Autolearn: 51 AvgScore: -5.90 AvgScanTime: 4.98 sec
Time Spent Running SA: 1.04 hours
Time Spent Processing Spam: 0.60 hours
Time Spent Processing Ham: 0.44 hours
TOP SPAM RULES FIRED
----------------------------------------------------------------------
RANK RULE NAME COUNT %OFMAIL %OFSPAM %OFHAM
----------------------------------------------------------------------
1 BAYES_99 403 53.31 91.59 0.00
2 AWL 350 82.67 79.55 87.03
3 MISSING_MID 317 76.46 72.05 82.59
4 DCC_CHECK 276 39.02 62.73 6.01
5 DIGEST_MULTIPLE 274 36.24 62.27 0.00
6 PYZOR_CHECK 243 34.66 55.23 6.01
7 RAZOR2_CHECK 242 32.01 55.00 0.00
8 RAZOR2_CF_RANGE_51_100 227 30.03 51.59 0.00
9 HTML_MESSAGE 172 42.06 39.09 46.20
10 RELAY_COUNTRY_US 162 57.54 36.82 86.39
11 RCVD_IN_BRBL 151 19.97 34.32 0.00
12 RAZOR2_CF_RANGE_E4_51_100 150 19.84 34.09 0.00
13 SUBJ_ALL_CAPS 143 18.92 32.50 0.00
14 BOTNET 135 19.44 30.68 3.80
15 SARE_FRAUD_X3 132 17.46 30.00 0.00
16 MIME_HTML_ONLY 123 16.93 27.95 1.58
17 FM_NO_TO 102 13.62 23.18 0.32
18 FORGED_MUA_OUTLOOK 91 13.23 20.68 2.85
19 SPF_PASS 91 21.96 20.68 23.73
20 SARE_CHARSET_W1251 90 11.90 20.45 0.00
21 HTML_MIME_NO_HTML_TAG 88 11.77 20.00 0.32
22 ADVANCE_FEE_2 87 11.51 19.77 0.00
23 SPF_SOFTFAIL 84 11.38 19.09 0.63
24 RELAY_COUNTRY_NG 82 10.85 18.64 0.00
25 URIBL_BLACK 82 10.85 18.64 0.00
26 RELAY_COUNTRY_ZA 82 10.85 18.64 0.00
27 RCVD_NUMERIC_HELO 81 10.71 18.41 0.00
28 RELAY_COUNTRY_GB 80 11.90 18.18 3.16
29 RAZOR2_CF_RANGE_E8_51_100 80 10.58 18.18 0.00
30 RCVD_IN_SBL 76 10.05 17.27 0.00
----------------------------------------------------------------------
TOP HAM RULES FIRED
----------------------------------------------------------------------
RANK RULE NAME COUNT %OFMAIL %OFSPAM %OFHAM
----------------------------------------------------------------------
1 BAYES_00 299 40.34 1.36 94.62
2 AWL 275 82.67 79.55 87.03
3 RELAY_COUNTRY_US 273 57.54 36.82 86.39
4 MISSING_MID 261 76.46 72.05 82.59
5 HTML_MESSAGE 146 42.06 39.09 46.20
6 DKIM_SIGNED 99 16.67 6.14 31.33
7 RCVD_IN_DNSWL_LOW 91 12.83 1.36 28.80
8 SPF_PASS 75 21.96 20.68 23.73
9 DBL_12_LETTER_FLDR 66 12.17 5.91 20.89
10 SPF_HELO_PASS 59 16.14 14.32 18.67
11 RELAY_COUNTRY_DK 34 7.14 4.55 10.76
12 RCVD_IN_DNSWL_MED 29 3.84 0.00 9.18
13 RCVD_IN_DNSWL_HI 21 2.78 0.00 6.65
14 PYZOR_CHECK 19 34.66 55.23 6.01
15 DCC_CHECK 19 39.02 62.73 6.01
16 RELAY_COUNTRY_CA 17 2.38 0.23 5.38
17 USER_IN_WHITELIST 14 1.85 0.00 4.43
18 FH_HOST_EQ_D_D_D_D 13 5.82 7.05 4.11
19 BOTNET 12 19.44 30.68 3.80
20 AS_USER_AUTH 11 1.46 0.00 3.48
21 RDNS_DYNAMIC 11 2.91 2.50 3.48
22 FM_MULTI_ODD2 11 4.63 5.45 3.48
23 TW_VC 10 1.32 0.00 3.16
24 RELAY_COUNTRY_GB 10 11.90 18.18 3.16
25 KAM_MX 10 1.46 0.23 3.16
26 FORGED_MUA_OUTLOOK 9 13.23 20.68 2.85
27 RCVD_IN_PBL 9 1.59 0.68 2.85
28 FM_NO_STYLE 8 1.19 0.23 2.53
29 RELAY_COUNTRY_NO 8 1.06 0.00 2.53
30 FH_HOST_EQ_VERIZON_P 7 0.93 0.00 2.22
----------------------------------------------------------------------