Mercurial Mercurial > nixspamsum / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nixspamsum
changeset 9 3a392067015c
parent 8 7f131cf431bc
child 10 07b9fe5c6fcf
equal deleted inserted replaced
8:7f131cf431bc 9:3a392067015c 
    16     Small log parser class to parse and summarize NiX Spam DNSBL lookup
 
    16     Small log parser class to parse and summarize NiX Spam DNSBL lookup
 
    17     based rejects from a mail log file.
 
    17     based rejects from a mail log file.
 
    18     """
 
    18     """
 
    19     __slots__ = ('_doms', '_mxs', '_repo')
 
    19     __slots__ = ('_doms', '_mxs', '_repo')
 
    20 
    20 
       
    21     RE_FQDN = '(?:[a-z0-9-]{1,63}\.){1,}[a-z]{2,6}'
 
       
    22     RE_IPv4 = '(?:[\d]{1,3}\.){3}[\d]{1,3}'
 
    21     """Regular expression pattern for mail logs from Postfix"""
 
    23     """Regular expression pattern for mail logs from Postfix"""
 
    22     RE_PF = '''^[\w\s:-]{17,80}\spostfix\/smtpd\[[\d]{3,5}\]: NOQUEUE: reject:.*blocked using ix.dnsbl.manitu.net; Spam sent to the mailhost ((?:[a-z0-9-]{1,63}\.){1,}[a-z]{2,6}) was detected by NiX Spam.*$'''
 
    24     RE_PF = r'''^[\w\s:-]{17,80}\spostfix\/smtpd\[[\d]{1,5}\]:\sNOQUEUE:
 
       
    25                 \sreject:.*blocked\susing\six.dnsbl.manitu.net;
 
       
    26                 \sSpam\ssent\sto\sthe\smailhost\s(%s|%s)
 
       
    27                 \swas\sdetected\sby\sNiX\sSpam.*$''' % (RE_FQDN, RE_IPv4)
 
       
    28 
    23 
    29 
    24     def __init__(self):
 
    30     def __init__(self):
 
    25         self._doms = {}
 
    31         self._doms = {}
 
    26         self._mxs  = {}
 
    32         self._mxs  = {}
 
    27         self._repo = None
 
    33         self._repo = None
 
    28 
    34 
    29     def setLogFormat(self, format='postfix'):
 
    35     def setLogFormat(self, format='postfix'):
 
    30         if format == 'postfix':
 
    36         if format == 'postfix':
 
    31             self._repo = re.compile(NiXSapmSum.RE_PF)
 
    37             self._repo = re.compile(NiXSapmSum.RE_PF, re.VERBOSE)
 
    32         else:
 
    38         else:
 
    33             raise Exception('MTA/Logformat not supported yet.')
 
    39             raise Exception('MTA/Logformat not supported yet.')
 
    34 
    40 
    35     def parseLog(self, filehandle):
 
    41     def parseLog(self, filehandle):
 
    36         for l in filehandle:
 
    42         for l in filehandle:
 
    41                     self._mxs[mx] += 1
 
    47                     self._mxs[mx] += 1
 
    42                 except KeyError:
 
    48                 except KeyError:
 
    43                     self._mxs[mx]  = 1
 
    49                     self._mxs[mx]  = 1
 
    44 
    50 
    45     def countByDom(self):
 
    51     def countByDom(self):
 
       
    52         ipv4po = re.compile(NiXSapmSum.RE_IPv4)
 
    46         for mx in self._mxs.keys():
 
    53         for mx in self._mxs.keys():
 
    47             dom = '.'.join(mx.split('.')[-2:])
 
    54             mo = ipv4po.match(mx)
 
       
    55             if mo:
 
       
    56                 dom = mo.group(0)
 
       
    57             else:
 
       
    58                 dom = '.'.join(mx.split('.')[-2:])
 
    48             try:
 
    59             try:
 
    49                 self._doms[dom] += self._mxs[mx]
 
    60                 self._doms[dom] += self._mxs[mx]
 
    50             except KeyError:
 
    61             except KeyError:
 
    51                 self._doms[dom]  = self._mxs[mx]
 
    62                 self._doms[dom]  = self._mxs[mx]
 
    52 
    63
nixspamsum

Repositories index