Sunday, October 24, 2010

How to install spam log

***Following are the steps to install Spam_log***


-------------************************--------------
 1)- Login to your server & su - to root.

****************************************************

 2)-Turn off exim while we do this so it doesn't freak out :-

#/etc/init.d/exim stop

****************************************************

 3)-Backup your original /usr/sbin/sendmail file, On systems using Exim MTA, the sendmail file is just basically a pointer to Exim itself :-

#mv /usr/sbin/sendmail /usr/sbin/sendmail.hidden

****************************************************

4)-Create the spam monitoring-script for the new sendmail :-

#pico /usr/sbin/sendmail

Paste in the following:-

#!/usr/local/bin/perl
# use strict;
use Env;
my $date = `date`;
chomp $date;
open (INFO, ">>/var/log/spam_log") || die "Failed to open file ::$!";
my $uid = $>;
my @info = getpwuid($uid);
if($REMOTE_ADDR) {
print INFO "$date - $REMOTE_ADDR ran $SCRIPT_NAME at $SERVER_NAME n";
}
else {

print INFO "$date - $PWD - @infon";

}
my $mailprog = '/usr/sbin/sendmail.hidden';
foreach (@ARGV) {
$arg="$arg" . " $_";
}

open (MAIL,"|$mailprog $arg") || die "cannot open $mailprog: $!n";
while (<STDIN> ) {
print MAIL;
}
close (INFO);
close (MAIL);

****************************************************

 5)-Change the new sendmail permissions :-

#chmod +x /usr/sbin/sendmail

****************************************************

6)-Create a new log file to keep a history of all mail going out of the server using web scripts :-

#touch /var/log/spam_log

chmod 0777 /var/log/spam_log

****************************************************

7)-Start Exim up again :-

#/etc/init.d/exim start

****************************************************

8)-Monitor your spam_log file for spam, try using any formmail or script that uses a mail function - a message board, a contact script :

#tail - f /var/log/spam_log

Sample Log Output

Mon Apr 11 07:12:21 EDT 2005 - /home/username/public_html/directory/subdirectory - nobody x 99 99 Nobody / /sbin/nologin

Log Rotation Details :-
Your spam_log file isn't set to be rotated so it might get to be very large quickly, Keep an eye on it and consider adding it to your logrotation.

#pico /etc/logrotate.conf

FIND :-

/var/log/wtmp {
monthly
create 0664 root utmp
rotate 1
}

ADD BELOW :-

# SPAM LOG rotation
/var/log/spam_log {
monthly
create 0777 root root
rotate 1
}

****************************************************
Now Just sit and enjoy .
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)