Re: [spamdyke-users] Spam Stats
Sergio, Eric, It's nothing really worth worldwide attention. It's a simple php script that collects data from various sources and aggregates them. Here is the relevant part: $res = sprintf( Antispam Statistics for: .date('d/m/Y', time()-86400). \n\n. Good : % 6d = %6.2f %%\n. Unsure : % 6d = %6.2f %%\n. Virus : % 6d = %6.2f %%\n. BAD Sender: % 6d = %6.2f %%\n. BAD Rcpt : % 6d = %6.2f %%\n. Pure SPAM : % 6d = %6.2f %%\n. SPAMMER : % 6d = %6.2f %%\n%s. --\n. Total : % 6d = 100.00 %%\n\n, $pure_good, 100.0 * $pure_good / $total_mails, $unsure, 100.0 * $unsure / $total_mails, $virus, 100.0 * $virus / $total_mails, $pure_spam, 100.0 * $pure_spam / $total_mails, $bad_sender, 100.0 * $bad_sender / $total_mails, $bad_rcpt, 100.0 * $bad_rcpt / $total_mails, $intrusion, 100.0 * $intrusion / $total_mails, $spamdyke, $total_mails ); It's not based on any other statistics script, as it need to serve only my own purposes. Virus stats are collected through clamav, bad_sender/rcpt are chkuser GREPs, and so on. Mirko At 16:10 02/09/2009 -0700, you wrote: Sergio Minini (NETKEY) wrote: Mirko Buffoni escribió: div class=moz-text-flowed style=font-family: -moz-fixedGoods average between 500 and 2000 daily. Figures are however pretty standard. Spamdyke filters out about 60k attempts daily. Here are yesterday stats: Good : 1025 = 0.68 % Unsure :183 = 0.12 % Virus : 62 = 0.04 % BAD Sender: 5114 = 3.40 % BAD Rcpt :212 = 0.14 % Pure SPAM : 45997 = 30.56 % SPAMMER : 97940 = 65.06 % | \.BLACKLISTED_KEYWORD : 29608 = 30.23 % \..DENIED_EARLYTALKER : 3 = 0.00 % \...DENIED_IP_IN_RDNS : 30447 = 31.09 % \DENIED_RBL_MATCH : 23268 = 23.76 % \.DENIED_SENDER_NO_MX : 13070 = 13.34 % \..DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % \DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % \.TIMEOUT : 1542 = 1.57 % -- Total : 150533 = 100.00 % Mirko, nice layout of stats. Could you please share the script you are using to get them? Thanks! -Sergio Ditto! Somebody did a nice job! (I wonder if this is this based on the spamdyke-stats.pl script that Felix Buenemann did last October) Pleeeze Mirko? I'd like to include in with the qmailtoaster-plus scripts. -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
Mirko, That answers the 'pretty formatting' part, but the meat of the sandwich is collecting the stats. I'm afraid that Virus stats are collected through clamav, bad_sender/rcpt are chkuser GREPs, and so on leaves us hanging. :( The data collection code is what I'm most interested in. Are the stats gathered continually and stored, or are they gathered dynamically on demand? This is the code I'm most interested in. The $spamdyke part is particularly mysterious. If it's a bit disjointed that's ok. I'm sure that we can work with it. Thanks again. Mirko Buffoni wrote: Sergio, Eric, It's nothing really worth worldwide attention. It's a simple php script that collects data from various sources and aggregates them. Here is the relevant part: $res = sprintf( Antispam Statistics for: .date('d/m/Y', time()-86400). \n\n. Good : % 6d = %6.2f %%\n. Unsure : % 6d = %6.2f %%\n. Virus : % 6d = %6.2f %%\n. BAD Sender: % 6d = %6.2f %%\n. BAD Rcpt : % 6d = %6.2f %%\n. Pure SPAM : % 6d = %6.2f %%\n. SPAMMER : % 6d = %6.2f %%\n%s. --\n. Total : % 6d = 100.00 %%\n\n, $pure_good, 100.0 * $pure_good / $total_mails, $unsure, 100.0 * $unsure / $total_mails, $virus, 100.0 * $virus / $total_mails, $pure_spam, 100.0 * $pure_spam / $total_mails, $bad_sender, 100.0 * $bad_sender / $total_mails, $bad_rcpt, 100.0 * $bad_rcpt / $total_mails, $intrusion, 100.0 * $intrusion / $total_mails, $spamdyke, $total_mails ); It's not based on any other statistics script, as it need to serve only my own purposes. Virus stats are collected through clamav, bad_sender/rcpt are chkuser GREPs, and so on. Mirko At 16:10 02/09/2009 -0700, you wrote: Sergio Minini (NETKEY) wrote: Mirko Buffoni escribió: div class=moz-text-flowed style=font-family: -moz-fixedGoods average between 500 and 2000 daily. Figures are however pretty standard. Spamdyke filters out about 60k attempts daily. Here are yesterday stats: Good : 1025 = 0.68 % Unsure :183 = 0.12 % Virus : 62 = 0.04 % BAD Sender: 5114 = 3.40 % BAD Rcpt :212 = 0.14 % Pure SPAM : 45997 = 30.56 % SPAMMER : 97940 = 65.06 % | \.BLACKLISTED_KEYWORD : 29608 = 30.23 % \..DENIED_EARLYTALKER : 3 = 0.00 % \...DENIED_IP_IN_RDNS : 30447 = 31.09 % \DENIED_RBL_MATCH : 23268 = 23.76 % \.DENIED_SENDER_NO_MX : 13070 = 13.34 % \..DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % \DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % \.TIMEOUT : 1542 = 1.57 % -- Total : 150533 = 100.00 % Mirko, nice layout of stats. Could you please share the script you are using to get them? Thanks! -Sergio Ditto! Somebody did a nice job! (I wonder if this is this based on the spamdyke-stats.pl script that Felix Buenemann did last October) Pleeeze Mirko? I'd like to include in with the qmailtoaster-plus scripts. -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
Hi Eric, At 06:50 03/09/2009 -0700, you wrote: Mirko, That answers the 'pretty formatting' part, but the meat of the sandwich is collecting the stats. I'm afraid that Virus stats are collected through clamav, bad_sender/rcpt are chkuser GREPs, and so on leaves us hanging. :( You can collect data in a various amount of ways. For continuous collection I suggest to use collectd package, altough for spam/mail statistics I'm afraid you'll have to write your own plugins. To count the entries in a daily rotated log file a simple grep VIRUS FOUND clamav/current.1 | wc -l is enough. The same applies to other patterns in the log file. The data collection code is what I'm most interested in. Are the stats gathered continually and stored, or are they gathered dynamically on Since they are a daily statistic, they are collected after logfile rotation and stored/processed. Mirko ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
Mirko Buffoni wrote: Hi Eric, At 06:50 03/09/2009 -0700, you wrote: Mirko, That answers the 'pretty formatting' part, but the meat of the sandwich is collecting the stats. I'm afraid that Virus stats are collected through clamav, bad_sender/rcpt are chkuser GREPs, and so on leaves us hanging. :( You can collect data in a various amount of ways. For continuous collection I suggest to use collectd package, altough for spam/mail statistics I'm afraid you'll have to write your own plugins. To count the entries in a daily rotated log file a simple grep VIRUS FOUND clamav/current.1 | wc -l is enough. The same applies to other patterns in the log file. I'm very familiar with this sort of thing. The data collection code is what I'm most interested in. Are the stats gathered continually and stored, or are they gathered dynamically on Since they are a daily statistic, they are collected after logfile rotation and stored/processed. Can you share the code that does this collecting and storing?? Mirko -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
Hey list, I just looked at those stats and compared the output to what I am having on our boxes and I started wondering: When I check the log files, Spamdyke logs the following FILTER_RBL_MATCH : When listed in the RDNS DENIED_RBL_MATCH : For each recipient address in the mail So basically it will result in 1 FILTER match but 1 DENIED match for each mail address. Doesn't that mean that using the DENIED match will not result in the actual denied mails but rather in a much higher number? I am currently looking for both FILTER_ and DENIED_ flags and sum those up to find out how many mails I rejected - but I am guessing here that looking for FILTER_ alone would make more sense. Here my output, wrote the script today - Mirkos' output inspired me :) It's tailored to work for our environment though. Total : 1571(100.%) Legitimate : 123 (7.8200%) | |-FILTER_WHITELIST : 61 (49.5900%) | |-_RECIPIENT_WHITELIST : 61 (100.%) Rejected : 1448 (92.1700%) | |-FILTER : 539 (37.2200%) || ||- _RDNS_MISSING : 192 (35.6200%) ||- _OTHER: 12 (2.2200%) ||- _RBL_MATCH: 297 (55.1000%) || ||- _RBL_MATCH_SPAMHAUS: 171 (57.5700%) ||- _RBL_MATCH_SPAMCOP : 126 (42.4200%) | |-DENIED : 905 (62.5000%) || ||- _RDNS_MISSING : 415 (45.8500%) ||- _RBL_MATCH: 446 (49.2800%) ||- _EARLYTALKER : 0 (0%) ||- _SENDER_NO_MX : 14 (1.5400%) ||- _TOO_MANY_RECIPIENTS : 0 (0%) ||- _UNQUALIFIED_RECIPIENT: 0 (0%) | |-Clamav : 4 (.2700%) | |- Phishing : 4 (100.%) |- Trojan: 0 (0%) On Tue, 2009-09-01 at 15:52 -0500, Sam Clippinger wrote: -Original Message- From: spamdyke-users-boun...@spamdyke.org [mailto:spamdyke-users-boun...@spamdyke.org] On Behalf Of Mirko Buffoni Sent: 01 September 2009 14:27 To: spamdyke users Subject: Re: [spamdyke-users] Spam Stats Goods average between 500 and 2000 daily. Figures are however pretty standard. Spamdyke filters out about 60k attempts daily. Here are yesterday stats: Good : 1025 = 0.68 % Unsure :183 = 0.12 % Virus : 62 = 0.04 % BAD Sender: 5114 = 3.40 % BAD Rcpt :212 = 0.14 % Pure SPAM : 45997 = 30.56 % SPAMMER : 97940 = 65.06 % | \.BLACKLISTED_KEYWORD : 29608 = 30.23 % \..DENIED_EARLYTALKER : 3 = 0.00 % \...DENIED_IP_IN_RDNS : 30447 = 31.09 % \DENIED_RBL_MATCH : 23268 = 23.76 % \.DENIED_SENDER_NO_MX : 13070 = 13.34 % \..DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % \DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % \.TIMEOUT : 1542 = 1.57 % -- Total : 150533 = 100.00 % -- Sebastian Grewe Jammicron | Experts in Powering Online Sales Phone 604.331.0586 x 104 Fax 604.331.0587 www.jammicron.com | www.qwik.ca ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
I don't have any FILTER_RBL messages. I'm using log-level=2. What log level are you using? I think that it's appropriate to count each recipient as a separate email. If the message came from a qmail server, it would be that way anyhow. And after all, that's how many messages end up being delivered. Sebastian Grewe wrote: Hey list, I just looked at those stats and compared the output to what I am having on our boxes and I started wondering: When I check the log files, Spamdyke logs the following FILTER_RBL_MATCH : When listed in the RDNS DENIED_RBL_MATCH : For each recipient address in the mail So basically it will result in 1 FILTER match but 1 DENIED match for each mail address. Doesn't that mean that using the DENIED match will not result in the actual denied mails but rather in a much higher number? I am currently looking for both FILTER_ and DENIED_ flags and sum those up to find out how many mails I rejected - but I am guessing here that looking for FILTER_ alone would make more sense. Here my output, wrote the script today - Mirkos' output inspired me :) It's tailored to work for our environment though. Total : 1571(100.%) Legitimate : 123 (7.8200%) | |-FILTER_WHITELIST : 61 (49.5900%) | |-_RECIPIENT_WHITELIST : 61 (100.%) Rejected : 1448 (92.1700%) | |-FILTER : 539 (37.2200%) || ||- _RDNS_MISSING : 192 (35.6200%) ||- _OTHER: 12 (2.2200%) ||- _RBL_MATCH: 297 (55.1000%) || ||- _RBL_MATCH_SPAMHAUS: 171 (57.5700%) ||- _RBL_MATCH_SPAMCOP : 126 (42.4200%) | |-DENIED : 905 (62.5000%) || ||- _RDNS_MISSING : 415 (45.8500%) ||- _RBL_MATCH: 446 (49.2800%) ||- _EARLYTALKER : 0 (0%) ||- _SENDER_NO_MX : 14 (1.5400%) ||- _TOO_MANY_RECIPIENTS : 0 (0%) ||- _UNQUALIFIED_RECIPIENT: 0 (0%) | |-Clamav : 4 (.2700%) | |- Phishing : 4 (100.%) |- Trojan: 0 (0%) On Tue, 2009-09-01 at 15:52 -0500, Sam Clippinger wrote: -Original Message- From: spamdyke-users-boun...@spamdyke.org [mailto:spamdyke-users-boun...@spamdyke.org] On Behalf Of Mirko Buffoni Sent: 01 September 2009 14:27 To: spamdyke users Subject: Re: [spamdyke-users] Spam Stats Goods average between 500 and 2000 daily. Figures are however pretty standard. Spamdyke filters out about 60k attempts daily. Here are yesterday stats: Good : 1025 = 0.68 % Unsure :183 = 0.12 % Virus : 62 = 0.04 % BAD Sender: 5114 = 3.40 % BAD Rcpt :212 = 0.14 % Pure SPAM : 45997 = 30.56 % SPAMMER : 97940 = 65.06 % | \.BLACKLISTED_KEYWORD : 29608 = 30.23 % \..DENIED_EARLYTALKER : 3 = 0.00 % \...DENIED_IP_IN_RDNS : 30447 = 31.09 % \DENIED_RBL_MATCH : 23268 = 23.76 % \.DENIED_SENDER_NO_MX : 13070 = 13.34 % \..DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % \DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % \.TIMEOUT : 1542 = 1.57 % -- Total : 150533 = 100.00 % -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
Hey Eric, Yeah, my log level is higher - didn't think about that. I was more thinking about a statistic for the incoming connection. If you look at it as a mail counter for mails being delivered, yeah, DENIED makes way more sense. I will just keep the counters like they are now, they still give me a pretty good idea of what's going on. Thanks Eric, as fast as usual! Sebastian On Thu, 2009-09-03 at 11:57 -0700, Eric Shubert wrote: I don't have any FILTER_RBL messages. I'm using log-level=2. What log level are you using? I think that it's appropriate to count each recipient as a separate email. If the message came from a qmail server, it would be that way anyhow. And after all, that's how many messages end up being delivered. Sebastian Grewe wrote: Hey list, I just looked at those stats and compared the output to what I am having on our boxes and I started wondering: When I check the log files, Spamdyke logs the following FILTER_RBL_MATCH : When listed in the RDNS DENIED_RBL_MATCH : For each recipient address in the mail So basically it will result in 1 FILTER match but 1 DENIED match for each mail address. Doesn't that mean that using the DENIED match will not result in the actual denied mails but rather in a much higher number? I am currently looking for both FILTER_ and DENIED_ flags and sum those up to find out how many mails I rejected - but I am guessing here that looking for FILTER_ alone would make more sense. Here my output, wrote the script today - Mirkos' output inspired me :) It's tailored to work for our environment though. Total : 1571(100.%) Legitimate : 123 (7.8200%) | |-FILTER_WHITELIST : 61 (49.5900%) | |-_RECIPIENT_WHITELIST : 61 (100.%) Rejected : 1448 (92.1700%) | |-FILTER : 539 (37.2200%) || ||- _RDNS_MISSING : 192 (35.6200%) ||- _OTHER: 12 (2.2200%) ||- _RBL_MATCH: 297 (55.1000%) || ||- _RBL_MATCH_SPAMHAUS: 171 (57.5700%) ||- _RBL_MATCH_SPAMCOP : 126 (42.4200%) | |-DENIED : 905 (62.5000%) || ||- _RDNS_MISSING : 415 (45.8500%) ||- _RBL_MATCH: 446 (49.2800%) ||- _EARLYTALKER : 0 (0%) ||- _SENDER_NO_MX : 14 (1.5400%) ||- _TOO_MANY_RECIPIENTS : 0 (0%) ||- _UNQUALIFIED_RECIPIENT: 0 (0%) | |-Clamav : 4 (.2700%) | |- Phishing : 4 (100.%) |- Trojan: 0 (0%) On Tue, 2009-09-01 at 15:52 -0500, Sam Clippinger wrote: -Original Message- From: spamdyke-users-boun...@spamdyke.org [mailto:spamdyke-users-boun...@spamdyke.org] On Behalf Of Mirko Buffoni Sent: 01 September 2009 14:27 To: spamdyke users Subject: Re: [spamdyke-users] Spam Stats Goods average between 500 and 2000 daily. Figures are however pretty standard. Spamdyke filters out about 60k attempts daily. Here are yesterday stats: Good : 1025 = 0.68 % Unsure :183 = 0.12 % Virus : 62 = 0.04 % BAD Sender: 5114 = 3.40 % BAD Rcpt :212 = 0.14 % Pure SPAM : 45997 = 30.56 % SPAMMER : 97940 = 65.06 % | \.BLACKLISTED_KEYWORD : 29608 = 30.23 % \..DENIED_EARLYTALKER : 3 = 0.00 % \...DENIED_IP_IN_RDNS : 30447 = 31.09 % \DENIED_RBL_MATCH : 23268 = 23.76 % \.DENIED_SENDER_NO_MX : 13070 = 13.34 % \..DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % \DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % \.TIMEOUT : 1542 = 1.57 % -- Total : 150533 = 100.00 % -- Sebastian Grewe Jammicron | Experts in Powering Online Sales Phone 604.331.0586 x 104 Fax 604.331.0587 www.jammicron.com | www.qwik.ca ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
Sam, Very many thanks for the explanation and your list of words. The warning is duly noted and I will probably add to it slowly only. Kind regards, Christoph -Original Message- From: spamdyke-users-boun...@spamdyke.org [mailto:spamdyke-users-boun...@spamdyke.org] On Behalf Of Sam Clippinger Sent: 01 September 2009 21:21 To: spamdyke users Subject: Re: [spamdyke-users] Spam Stats I think you're misunderstanding the keywords feature. spamdyke does not examine message content, so it cannot stop messages that contain Viagra or any other specific words. When spamdyke searches for keywords, it looks for those keywords in the remote server's rDNS name. The purpose of the feature is to block messages from infected PCs on home cable modems. Most cable providers use a predictable naming scheme for their rDNS names, such as 11-22-33-44.dynamic.example.com. If spamdyke finds a configured keyword AND the IP address in the rDNS name, it will block the connection. That's all. On my server, 30%-50% of all connections are blocked by this filter every day. I use a short list of simple keywords like dynamic, cable, etc to great effect. -- Sam Clippinger Christoph Kuhle (Expat Email Ltd) wrote: It appears as if the blacklist_keywords can capture a lot of Spam. So far we have nothing in that file. We are worried about the refusal of emails which may be genuine. So while we might want to blacklist Viagra, we would not want to blacklist an email from a medical person, for example, which might refer to Viagra (I'm not even sure that this email will make it to the list having mentioned that word!). Do people have tried and tested contents of that file which they can advise on to prevent false positives - because we only show about 50-60% spam being caught. I think that is partly because we also have ASL installed which blocks lots before it even gets to the mail queue. If we can use the blacklist_keywords effectively, we would love to and look forward to any suggestions from seasoned users. Kind regards, Christoph -Original Message- From: spamdyke-users-boun...@spamdyke.org [mailto:spamdyke-users-boun...@spamdyke.org] On Behalf Of Mirko Buffoni Sent: 01 September 2009 14:27 To: spamdyke users Subject: Re: [spamdyke-users] Spam Stats Goods average between 500 and 2000 daily. Figures are however pretty standard. Spamdyke filters out about 60k attempts daily. Here are yesterday stats: Good : 1025 = 0.68 % Unsure :183 = 0.12 % Virus : 62 = 0.04 % BAD Sender: 5114 = 3.40 % BAD Rcpt :212 = 0.14 % Pure SPAM : 45997 = 30.56 % SPAMMER : 97940 = 65.06 % | \.BLACKLISTED_KEYWORD : 29608 = 30.23 % \..DENIED_EARLYTALKER : 3 = 0.00 % \...DENIED_IP_IN_RDNS : 30447 = 31.09 % \DENIED_RBL_MATCH : 23268 = 23.76 % \.DENIED_SENDER_NO_MX : 13070 = 13.34 % \..DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % \DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % \.TIMEOUT : 1542 = 1.57 % -- Total : 150533 = 100.00 % ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
Actually, the keyword filter doesn't match that way. In order for a keyword to match, it must be surrounded by non-alphanumeric characters (dots or dashes). This is because I don't want the keyword dynamic to be found in a name like 11-22-33-44.nondynamic.example.com, that just isn't fair. Unfortunately this also means more entries in the keywords file. -- Sam Clippinger David Mitchell wrote: Just a suggestion, but I'm thinking that you could optimise this a bit. dial will already match dialin, dialpool and dialup, so there's no need to include those three, just dial. Same with a few of the others. Cheers, Dave Sam Clippinger wrote: Sure. Please keep in mind this list works for me, on my server, for my users. Your mileage may vary wildly. You have been warned... # Actual keywords cable client cm dhcp dial dialin dialpool dialup din dip dip0 dup dyn dynamic dynamicip ev1s in-addr modem ppp pool pools reverse user # Specific providers with lots of spammers adsl.totbb.net adsl.proxad.net fbx.proxad.net hinet-ip.hinet.net ip.secureserver.net onocable.ono.com res.rr.com rev.gaoland.net .telebecinternet.net bb.sky.net bb.sky.com ptr.us.xo.net .covad.net adsl dsl .sbcglobal.net adsl dsl .ameritech.net adsl dsl .pacbell.net adsl .bellsouth.net wsip .cox.net hsd1 .comcast.net -- Sam Clippinger Ronnie Tartar wrote: Sam, Can you share this list as I would love to make mine even better @ filtering. Regards, Ronnie - Original Message - From: Sam Clippinger s...@silence.org To: spamdyke users spamdyke-users@spamdyke.org Sent: Tuesday, September 01, 2009 4:20 PM Subject: Re: [spamdyke-users] Spam Stats I think you're misunderstanding the keywords feature. spamdyke does not examine message content, so it cannot stop messages that contain Viagra or any other specific words. When spamdyke searches for keywords, it looks for those keywords in the remote server's rDNS name. The purpose of the feature is to block messages from infected PCs on home cable modems. Most cable providers use a predictable naming scheme for their rDNS names, such as 11-22-33-44.dynamic.example.com. If spamdyke finds a configured keyword AND the IP address in the rDNS name, it will block the connection. That's all. On my server, 30%-50% of all connections are blocked by this filter every day. I use a short list of simple keywords like dynamic, cable, etc to great effect. -- Sam Clippinger Christoph Kuhle (Expat Email Ltd) wrote: It appears as if the blacklist_keywords can capture a lot of Spam. So far we have nothing in that file. We are worried about the refusal of emails which may be genuine. So while we might want to blacklist Viagra, we would not want to blacklist an email from a medical person, for example, which might refer to Viagra (I'm not even sure that this email will make it to the list having mentioned that word!). Do people have tried and tested contents of that file which they can advise on to prevent false positives - because we only show about 50-60% spam being caught. I think that is partly because we also have ASL installed which blocks lots before it even gets to the mail queue. If we can use the blacklist_keywords effectively, we would love to and look forward to any suggestions from seasoned users. Kind regards, Christoph -Original Message- From: spamdyke-users-boun...@spamdyke.org [mailto:spamdyke-users-boun...@spamdyke.org] On Behalf Of Mirko Buffoni Sent: 01 September 2009 14:27 To: spamdyke users Subject: Re: [spamdyke-users] Spam Stats Goods average between 500 and 2000 daily. Figures are however pretty standard. Spamdyke filters out about 60k attempts daily. Here are yesterday stats: Good : 1025 = 0.68 % Unsure :183 = 0.12 % Virus : 62 = 0.04 % BAD Sender: 5114 = 3.40 % BAD Rcpt :212 = 0.14 % Pure SPAM : 45997 = 30.56 % SPAMMER : 97940 = 65.06 % | \.BLACKLISTED_KEYWORD : 29608 = 30.23 % \..DENIED_EARLYTALKER : 3 = 0.00 % \...DENIED_IP_IN_RDNS : 30447 = 31.09 % \DENIED_RBL_MATCH : 23268 = 23.76 % \.DENIED_SENDER_NO_MX : 13070 = 13.34 % \..DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % \DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % \.TIMEOUT : 1542 = 1.57 % -- Total : 150533 = 100.00 % ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
Sergio Minini (NETKEY) wrote: Mirko Buffoni escribió: div class=moz-text-flowed style=font-family: -moz-fixedGoods average between 500 and 2000 daily. Figures are however pretty standard. Spamdyke filters out about 60k attempts daily. Here are yesterday stats: Good : 1025 = 0.68 % Unsure :183 = 0.12 % Virus : 62 = 0.04 % BAD Sender: 5114 = 3.40 % BAD Rcpt :212 = 0.14 % Pure SPAM : 45997 = 30.56 % SPAMMER : 97940 = 65.06 % | \.BLACKLISTED_KEYWORD : 29608 = 30.23 % \..DENIED_EARLYTALKER : 3 = 0.00 % \...DENIED_IP_IN_RDNS : 30447 = 31.09 % \DENIED_RBL_MATCH : 23268 = 23.76 % \.DENIED_SENDER_NO_MX : 13070 = 13.34 % \..DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % \DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % \.TIMEOUT : 1542 = 1.57 % -- Total : 150533 = 100.00 % Mirko, nice layout of stats. Could you please share the script you are using to get them? Thanks! -Sergio Ditto! Somebody did a nice job! (I wonder if this is this based on the spamdyke-stats.pl script that Felix Buenemann did last October) Pleeeze Mirko? I'd like to include in with the qmailtoaster-plus scripts. -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
Goods average between 500 and 2000 daily. Figures are however pretty standard. Spamdyke filters out about 60k attempts daily. Here are yesterday stats: Good : 1025 = 0.68 % Unsure :183 = 0.12 % Virus : 62 = 0.04 % BAD Sender: 5114 = 3.40 % BAD Rcpt :212 = 0.14 % Pure SPAM : 45997 = 30.56 % SPAMMER : 97940 = 65.06 % | \.BLACKLISTED_KEYWORD : 29608 = 30.23 % \..DENIED_EARLYTALKER : 3 = 0.00 % \...DENIED_IP_IN_RDNS : 30447 = 31.09 % \DENIED_RBL_MATCH : 23268 = 23.76 % \.DENIED_SENDER_NO_MX : 13070 = 13.34 % \..DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % \DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % \.TIMEOUT : 1542 = 1.57 % -- Total : 150533 = 100.00 % At 08:59 01/09/2009 -0400, you wrote: I was just kind of curious about people's stats for spamdyke. I'm saddened to see that only 2716 emails were allowed through in a 24 hour period. Is this pretty standard? Will it get a little better after a period of time when they realize they are not making it through? Regards 64469 DENIED_RDNS_MISSING 33977 DENIED_RBL_MATCH -- Breakdown -- 72.43% zen.spamhaus.org 27.57% bl.spamcop.net --- 31984 DENIED_RDNS_RESOLVE 7006 TIMEOUT 4753 ERROR 2964 DENIED_GRAYLISTED 2716 ALLOWED 140 DENIED_SENDER_NO_MX 138 DENIED_OTHER Allowed: 2716 Denied : 133672 Errors : 11759 Total : 148147 % Valid: 1.83% % Spam : 90.23% % Error: 7.94% ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
No, it will always be like that, until the Internet (or its users) grows up. Our typical figures are between 95% and 97% being denied. It doesn't make me sad though. It makes me MAD. Furious, in fact. Most of what we get comes from end-users in China, Eastern Europe and South America who have allowed their machines to become zombied. Faris. -Original Message- From: spamdyke-users-boun...@spamdyke.org [mailto:spamdyke-users- boun...@spamdyke.org] On Behalf Of Ronnie Tartar Sent: 01 September 2009 1:59 PM To: spamdyke users Subject: [spamdyke-users] Spam Stats I was just kind of curious about people's stats for spamdyke. I'm saddened to see that only 2716 emails were allowed through in a 24 hour period. Is this pretty standard? Will it get a little better after a period of time when they realize they are not making it through? Regards 64469 DENIED_RDNS_MISSING 33977 DENIED_RBL_MATCH -- Breakdown -- 72.43% zen.spamhaus.org 27.57% bl.spamcop.net --- 31984 DENIED_RDNS_RESOLVE 7006 TIMEOUT 4753 ERROR 2964 DENIED_GRAYLISTED 2716 ALLOWED 140 DENIED_SENDER_NO_MX 138 DENIED_OTHER Allowed: 2716 Denied : 133672 Errors : 11759 Total : 148147 % Valid: 1.83% % Spam : 90.23% % Error: 7.94% ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
Thanks, I see that yours is actually below 1%. Didn't know it could possibly get better after time but it looks like no... - Original Message - From: Mirko Buffoni spamd...@synthesys.it To: spamdyke users spamdyke-users@spamdyke.org Sent: Tuesday, September 01, 2009 9:26 AM Subject: Re: [spamdyke-users] Spam Stats Goods average between 500 and 2000 daily. Figures are however pretty standard. Spamdyke filters out about 60k attempts daily. Here are yesterday stats: Good : 1025 = 0.68 % Unsure :183 = 0.12 % Virus : 62 = 0.04 % BAD Sender: 5114 = 3.40 % BAD Rcpt :212 = 0.14 % Pure SPAM : 45997 = 30.56 % SPAMMER : 97940 = 65.06 % | \.BLACKLISTED_KEYWORD : 29608 = 30.23 % \..DENIED_EARLYTALKER : 3 = 0.00 % \...DENIED_IP_IN_RDNS : 30447 = 31.09 % \DENIED_RBL_MATCH : 23268 = 23.76 % \.DENIED_SENDER_NO_MX : 13070 = 13.34 % \..DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % \DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % \.TIMEOUT : 1542 = 1.57 % -- Total : 150533 = 100.00 % At 08:59 01/09/2009 -0400, you wrote: I was just kind of curious about people's stats for spamdyke. I'm saddened to see that only 2716 emails were allowed through in a 24 hour period. Is this pretty standard? Will it get a little better after a period of time when they realize they are not making it through? Regards 64469 DENIED_RDNS_MISSING 33977 DENIED_RBL_MATCH -- Breakdown -- 72.43% zen.spamhaus.org 27.57% bl.spamcop.net --- 31984 DENIED_RDNS_RESOLVE 7006 TIMEOUT 4753 ERROR 2964 DENIED_GRAYLISTED 2716 ALLOWED 140 DENIED_SENDER_NO_MX 138 DENIED_OTHER Allowed: 2716 Denied : 133672 Errors : 11759 Total : 148147 % Valid: 1.83% % Spam : 90.23% % Error: 7.94% ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
It appears as if the blacklist_keywords can capture a lot of Spam. So far we have nothing in that file. We are worried about the refusal of emails which may be genuine. So while we might want to blacklist Viagra, we would not want to blacklist an email from a medical person, for example, which might refer to Viagra (I'm not even sure that this email will make it to the list having mentioned that word!). Do people have tried and tested contents of that file which they can advise on to prevent false positives - because we only show about 50-60% spam being caught. I think that is partly because we also have ASL installed which blocks lots before it even gets to the mail queue. If we can use the blacklist_keywords effectively, we would love to and look forward to any suggestions from seasoned users. Kind regards, Christoph -Original Message- From: spamdyke-users-boun...@spamdyke.org [mailto:spamdyke-users-boun...@spamdyke.org] On Behalf Of Mirko Buffoni Sent: 01 September 2009 14:27 To: spamdyke users Subject: Re: [spamdyke-users] Spam Stats Goods average between 500 and 2000 daily. Figures are however pretty standard. Spamdyke filters out about 60k attempts daily. Here are yesterday stats: Good : 1025 = 0.68 % Unsure :183 = 0.12 % Virus : 62 = 0.04 % BAD Sender: 5114 = 3.40 % BAD Rcpt :212 = 0.14 % Pure SPAM : 45997 = 30.56 % SPAMMER : 97940 = 65.06 % | \.BLACKLISTED_KEYWORD : 29608 = 30.23 % \..DENIED_EARLYTALKER : 3 = 0.00 % \...DENIED_IP_IN_RDNS : 30447 = 31.09 % \DENIED_RBL_MATCH : 23268 = 23.76 % \.DENIED_SENDER_NO_MX : 13070 = 13.34 % \..DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % \DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % \.TIMEOUT : 1542 = 1.57 % -- Total : 150533 = 100.00 % ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
Sure. Please keep in mind this list works for me, on my server, for my users. Your mileage may vary wildly. You have been warned... # Actual keywords cable client cm dhcp dial dialin dialpool dialup din dip dip0 dup dyn dynamic dynamicip ev1s in-addr modem ppp pool pools reverse user # Specific providers with lots of spammers adsl.totbb.net adsl.proxad.net fbx.proxad.net hinet-ip.hinet.net ip.secureserver.net onocable.ono.com res.rr.com rev.gaoland.net .telebecinternet.net bb.sky.net bb.sky.com ptr.us.xo.net .covad.net adsl dsl .sbcglobal.net adsl dsl .ameritech.net adsl dsl .pacbell.net adsl .bellsouth.net wsip .cox.net hsd1 .comcast.net -- Sam Clippinger Ronnie Tartar wrote: Sam, Can you share this list as I would love to make mine even better @ filtering. Regards, Ronnie - Original Message - From: Sam Clippinger s...@silence.org To: spamdyke users spamdyke-users@spamdyke.org Sent: Tuesday, September 01, 2009 4:20 PM Subject: Re: [spamdyke-users] Spam Stats I think you're misunderstanding the keywords feature. spamdyke does not examine message content, so it cannot stop messages that contain Viagra or any other specific words. When spamdyke searches for keywords, it looks for those keywords in the remote server's rDNS name. The purpose of the feature is to block messages from infected PCs on home cable modems. Most cable providers use a predictable naming scheme for their rDNS names, such as 11-22-33-44.dynamic.example.com. If spamdyke finds a configured keyword AND the IP address in the rDNS name, it will block the connection. That's all. On my server, 30%-50% of all connections are blocked by this filter every day. I use a short list of simple keywords like dynamic, cable, etc to great effect. -- Sam Clippinger Christoph Kuhle (Expat Email Ltd) wrote: It appears as if the blacklist_keywords can capture a lot of Spam. So far we have nothing in that file. We are worried about the refusal of emails which may be genuine. So while we might want to blacklist Viagra, we would not want to blacklist an email from a medical person, for example, which might refer to Viagra (I'm not even sure that this email will make it to the list having mentioned that word!). Do people have tried and tested contents of that file which they can advise on to prevent false positives - because we only show about 50-60% spam being caught. I think that is partly because we also have ASL installed which blocks lots before it even gets to the mail queue. If we can use the blacklist_keywords effectively, we would love to and look forward to any suggestions from seasoned users. Kind regards, Christoph -Original Message- From: spamdyke-users-boun...@spamdyke.org [mailto:spamdyke-users-boun...@spamdyke.org] On Behalf Of Mirko Buffoni Sent: 01 September 2009 14:27 To: spamdyke users Subject: Re: [spamdyke-users] Spam Stats Goods average between 500 and 2000 daily. Figures are however pretty standard. Spamdyke filters out about 60k attempts daily. Here are yesterday stats: Good : 1025 = 0.68 % Unsure :183 = 0.12 % Virus : 62 = 0.04 % BAD Sender: 5114 = 3.40 % BAD Rcpt :212 = 0.14 % Pure SPAM : 45997 = 30.56 % SPAMMER : 97940 = 65.06 % | \.BLACKLISTED_KEYWORD : 29608 = 30.23 % \..DENIED_EARLYTALKER : 3 = 0.00 % \...DENIED_IP_IN_RDNS : 30447 = 31.09 % \DENIED_RBL_MATCH : 23268 = 23.76 % \.DENIED_SENDER_NO_MX : 13070 = 13.34 % \..DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % \DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % \.TIMEOUT : 1542 = 1.57 % -- Total : 150533 = 100.00 % ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
Just a suggestion, but I'm thinking that you could optimise this a bit. dial will already match dialin, dialpool and dialup, so there's no need to include those three, just dial. Same with a few of the others. Cheers, Dave Sam Clippinger wrote: Sure. Please keep in mind this list works for me, on my server, for my users. Your mileage may vary wildly. You have been warned... # Actual keywords cable client cm dhcp dial dialin dialpool dialup din dip dip0 dup dyn dynamic dynamicip ev1s in-addr modem ppp pool pools reverse user # Specific providers with lots of spammers adsl.totbb.net adsl.proxad.net fbx.proxad.net hinet-ip.hinet.net ip.secureserver.net onocable.ono.com res.rr.com rev.gaoland.net .telebecinternet.net bb.sky.net bb.sky.com ptr.us.xo.net .covad.net adsl dsl .sbcglobal.net adsl dsl .ameritech.net adsl dsl .pacbell.net adsl .bellsouth.net wsip .cox.net hsd1 .comcast.net -- Sam Clippinger Ronnie Tartar wrote: Sam, Can you share this list as I would love to make mine even better @ filtering. Regards, Ronnie - Original Message - From: Sam Clippinger s...@silence.org To: spamdyke users spamdyke-users@spamdyke.org Sent: Tuesday, September 01, 2009 4:20 PM Subject: Re: [spamdyke-users] Spam Stats I think you're misunderstanding the keywords feature. spamdyke does not examine message content, so it cannot stop messages that contain Viagra or any other specific words. When spamdyke searches for keywords, it looks for those keywords in the remote server's rDNS name. The purpose of the feature is to block messages from infected PCs on home cable modems. Most cable providers use a predictable naming scheme for their rDNS names, such as 11-22-33-44.dynamic.example.com. If spamdyke finds a configured keyword AND the IP address in the rDNS name, it will block the connection. That's all. On my server, 30%-50% of all connections are blocked by this filter every day. I use a short list of simple keywords like dynamic, cable, etc to great effect. -- Sam Clippinger Christoph Kuhle (Expat Email Ltd) wrote: It appears as if the blacklist_keywords can capture a lot of Spam. So far we have nothing in that file. We are worried about the refusal of emails which may be genuine. So while we might want to blacklist Viagra, we would not want to blacklist an email from a medical person, for example, which might refer to Viagra (I'm not even sure that this email will make it to the list having mentioned that word!). Do people have tried and tested contents of that file which they can advise on to prevent false positives - because we only show about 50-60% spam being caught. I think that is partly because we also have ASL installed which blocks lots before it even gets to the mail queue. If we can use the blacklist_keywords effectively, we would love to and look forward to any suggestions from seasoned users. Kind regards, Christoph -Original Message- From: spamdyke-users-boun...@spamdyke.org [mailto:spamdyke-users-boun...@spamdyke.org] On Behalf Of Mirko Buffoni Sent: 01 September 2009 14:27 To: spamdyke users Subject: Re: [spamdyke-users] Spam Stats Goods average between 500 and 2000 daily. Figures are however pretty standard. Spamdyke filters out about 60k attempts daily. Here are yesterday stats: Good : 1025 = 0.68 % Unsure :183 = 0.12 % Virus : 62 = 0.04 % BAD Sender: 5114 = 3.40 % BAD Rcpt :212 = 0.14 % Pure SPAM : 45997 = 30.56 % SPAMMER : 97940 = 65.06 % | \.BLACKLISTED_KEYWORD : 29608 = 30.23 % \..DENIED_EARLYTALKER : 3 = 0.00 % \...DENIED_IP_IN_RDNS : 30447 = 31.09 % \DENIED_RBL_MATCH : 23268 = 23.76 % \.DENIED_SENDER_NO_MX : 13070 = 13.34 % \..DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % \DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % \.TIMEOUT : 1542 = 1.57 % -- Total : 150533 = 100.00 % ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
Sam, Can you share this list as I would love to make mine even better @ filtering. Regards, Ronnie - Original Message - From: Sam Clippinger s...@silence.org To: spamdyke users spamdyke-users@spamdyke.org Sent: Tuesday, September 01, 2009 4:20 PM Subject: Re: [spamdyke-users] Spam Stats I think you're misunderstanding the keywords feature. spamdyke does not examine message content, so it cannot stop messages that contain Viagra or any other specific words. When spamdyke searches for keywords, it looks for those keywords in the remote server's rDNS name. The purpose of the feature is to block messages from infected PCs on home cable modems. Most cable providers use a predictable naming scheme for their rDNS names, such as 11-22-33-44.dynamic.example.com. If spamdyke finds a configured keyword AND the IP address in the rDNS name, it will block the connection. That's all. On my server, 30%-50% of all connections are blocked by this filter every day. I use a short list of simple keywords like dynamic, cable, etc to great effect. -- Sam Clippinger Christoph Kuhle (Expat Email Ltd) wrote: It appears as if the blacklist_keywords can capture a lot of Spam. So far we have nothing in that file. We are worried about the refusal of emails which may be genuine. So while we might want to blacklist Viagra, we would not want to blacklist an email from a medical person, for example, which might refer to Viagra (I'm not even sure that this email will make it to the list having mentioned that word!). Do people have tried and tested contents of that file which they can advise on to prevent false positives - because we only show about 50-60% spam being caught. I think that is partly because we also have ASL installed which blocks lots before it even gets to the mail queue. If we can use the blacklist_keywords effectively, we would love to and look forward to any suggestions from seasoned users. Kind regards, Christoph -Original Message- From: spamdyke-users-boun...@spamdyke.org [mailto:spamdyke-users-boun...@spamdyke.org] On Behalf Of Mirko Buffoni Sent: 01 September 2009 14:27 To: spamdyke users Subject: Re: [spamdyke-users] Spam Stats Goods average between 500 and 2000 daily. Figures are however pretty standard. Spamdyke filters out about 60k attempts daily. Here are yesterday stats: Good : 1025 = 0.68 % Unsure :183 = 0.12 % Virus : 62 = 0.04 % BAD Sender: 5114 = 3.40 % BAD Rcpt :212 = 0.14 % Pure SPAM : 45997 = 30.56 % SPAMMER : 97940 = 65.06 % | \.BLACKLISTED_KEYWORD : 29608 = 30.23 % \..DENIED_EARLYTALKER : 3 = 0.00 % \...DENIED_IP_IN_RDNS : 30447 = 31.09 % \DENIED_RBL_MATCH : 23268 = 23.76 % \.DENIED_SENDER_NO_MX : 13070 = 13.34 % \..DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % \DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % \.TIMEOUT : 1542 = 1.57 % -- Total : 150533 = 100.00 % ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Spam Stats
Mirko Buffoni escribió: div class=moz-text-flowed style=font-family: -moz-fixedGoods average between 500 and 2000 daily. Figures are however pretty standard. Spamdyke filters out about 60k attempts daily. Here are yesterday stats: Good : 1025 = 0.68 % Unsure :183 = 0.12 % Virus : 62 = 0.04 % BAD Sender: 5114 = 3.40 % BAD Rcpt :212 = 0.14 % Pure SPAM : 45997 = 30.56 % SPAMMER : 97940 = 65.06 % | \.BLACKLISTED_KEYWORD : 29608 = 30.23 % \..DENIED_EARLYTALKER : 3 = 0.00 % \...DENIED_IP_IN_RDNS : 30447 = 31.09 % \DENIED_RBL_MATCH : 23268 = 23.76 % \.DENIED_SENDER_NO_MX : 13070 = 13.34 % \..DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % \DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % \.TIMEOUT : 1542 = 1.57 % -- Total : 150533 = 100.00 % Mirko, nice layout of stats. Could you please share the script you are using to get them? Thanks! -Sergio ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users