Hi all,

 

Just a little something I’ve been working on...

 

We wrote a little Perl script that breaks the log files every hour, and puts everything back in place by the end of the day.

 

Then it reads the partial log looking for connection errors, and it emails me the results with the ip addresses with most connection errors in that hour.

 

For ip addresses with more than +- 30 connection errors in that hour, we include it in the smtp block access file.

Typically those ip addresses are from infected machines or mass mailers.

 

Even for my infected customers, this solution gave us a positive result.

 

The customer gets blocked, calls support, finds out that his machine is infected and needs to disinfect before he can get back to business.

(* he can still get his email though)

Before, customers either had no idea about the virus or just didn’t care much about it, and took too long to correct the problem.

In this scenario he is obligated to fix the problem immediately.

 

It’s been a real life saver, it’s been working great.

 

I was wondering if any of you guys are using a similar solution, and if possible give a hand on the following.

I’m trying to find a way to automatically make my script write the smtp block access file and restart the smtp service (easy).

I think it’s a binary file.

 

Also I’m trying to find a way to keep track of the blocked IP addresses so I could automatically block it for let’s say 24 hours and then automatically unblock it. Too many dynamic IPs.

 

 

If anybody wants to take a look at the script, just let me know.

 

Best Regards.

Rudy Pieruccini

Sincerely,

 

-----------------------------------------------

Rudy Pieruccini

Netpoint - Internet com Qualidade

Phone: (11) 3663-0300

[EMAIL PROTECTED]

www.netpoint.com.br

-----------------------------------------------
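
The threshold-and-expiry bookkeeping asked about in the message above, as an added example (not the poster's Perl script, which is not shown). The log line format, the `allowlist` parameter and all sample addresses are assumptions constructed for illustration; writing the mail server's own block file is not covered.

```python
import ipaddress
import re
from collections import Counter

THRESHOLD = 30             # connection errors per hourly log slice, as in the post
BLOCK_SECONDS = 24 * 3600  # block lifetime the post asks for

# Assumed log line shape (constructed); adapt the regex to the real SMTP log.
ERROR_RE = re.compile(r"^\S+ \S+ SMTPD \[(?P<ip>[0-9a-fA-F.:]+)\] connection error")

def count_errors(lines):
    """Count connection-error lines per source IP, skipping malformed addresses."""
    counts = Counter()
    for line in lines:
        m = ERROR_RE.match(line)
        if not m:
            continue
        try:
            counts[str(ipaddress.ip_address(m.group("ip")))] += 1
        except ValueError:
            continue  # not a valid IP: log garbage must never reach the block list
    return counts

def update_blocks(blocks, counts, now, allowlist=()):
    """Expire old entries, then block offenders. blocks maps ip -> expiry epoch."""
    expired = sorted(ip for ip, until in blocks.items() if until <= now)
    for ip in expired:
        del blocks[ip]
    added = []
    for ip, n in sorted(counts.items()):
        if n > THRESHOLD and ip not in allowlist:
            if ip not in blocks:
                added.append(ip)
            blocks[ip] = now + BLOCK_SECONDS  # repeat offenders get the timer reset
    return added, expired

def sample_log():
    """Constructed hourly slice: one noisy host, one quiet host, one bad line."""
    noisy = ["2005-03-01 10:%02d:00 SMTPD [203.0.113.7] connection error" % i
             for i in range(31)]
    quiet = ["2005-03-01 10:05:00 SMTPD [198.51.100.9] connection error"] * 3
    return noisy + quiet + ["2005-03-01 10:06:00 SMTPD [999.1.1.1] connection error"]

if __name__ == "__main__":
    blocks = {}
    print(update_blocks(blocks, count_errors(sample_log()), now=1_000_000))
    print(update_blocks(blocks, {}, now=1_000_000 + BLOCK_SECONDS))
```

Keep `blocks` on disk between hourly runs and regenerate the server's block list from its keys; the allowlist is there so the site's own relays and monitoring hosts cannot be locked out by a burst of errors.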

 
