Monitor and notify of email floods?
Posted: Thu Jul 15, 2010 12:59 pm
Anyone know of a script/app that monitors incoming mail and can notify when a flood is detected? Would be similar to BFD for APF.
I have one customer in particular who receives 300+ spam per day that is not getting picked up by spamassassin for some bloody reason. I've got dcc/pyzor/razor, as current rules as possible, and its well trained. Also using spamhaus/spamcob DNSBL and greylisting ... so who knows.
The emails they receive seem to come in chunks from the same domain, then it switches to another domain, so I'd like to setup something to monitor incoming mail at the server level and notify me when X amount of emails come in from the same domain, within a X amount of time ...
I could do it by forwarding emails to a PHP script, but that would be very CPU intensive... even more so I beleive.
Anyhow - any suggestions would be great.
Luke
I have one customer in particular who receives 300+ spam per day that is not getting picked up by spamassassin for some bloody reason. I've got dcc/pyzor/razor, as current rules as possible, and its well trained. Also using spamhaus/spamcob DNSBL and greylisting ... so who knows.
The emails they receive seem to come in chunks from the same domain, then it switches to another domain, so I'd like to setup something to monitor incoming mail at the server level and notify me when X amount of emails come in from the same domain, within a X amount of time ...
I could do it by forwarding emails to a PHP script, but that would be very CPU intensive... even more so I beleive.
Anyhow - any suggestions would be great.
Luke