#!/bin/sh : <<=cut =head1 NAME amavis - plugin to monitor the amavis mail filter. =head1 APPLICABLE SYSTEMS Hosts running amavis localy and logtail(8) installed. =head1 CONFIGURATION The configuration environment variables are available =over 4 =item amavislog Path to logfile (Default: "/var/log/mail/mail.info") =item logtail Path to logtail command (Default: "logtail") =back On most systems the mail logs are not readable by nobody which the plugin usually runs at. To enable log reading it needs to run as a group or user that has read access, as shown above. By default the logtail program is started without any explicit path, but if it is not found in the system $PATH then you will need to specify the full path for the program. =head2 EXAMPLE CONFIGURATION The following shows a typical configuration: [amavis] env.amavislog /var/log/mail/mail.info env.logtail /usr/bin/logtail group adm =head2 DEFAULT CONFIGURATION This is the default configuration: [amavis] env.mktemp_command /bin/mktemp =head1 INTERPRETATION The plugin shows "probable spam", "surely spam" and "virus". If your "probable spam" raises you may need to tune your spam configuration to classify more spam as "surely spam" and so be able to eliminate it. =head1 MAGIC MARKERS #%# family=auto #%# capabilities=autoconf =head1 BUGS Should use counters since the origin data is really counters. If the node has multiple masters the data served will now be incorrect. Proper operation may require porting to perl or such. =head1 AUTHOR Unknown =head1 LICENSE GPLv2 =cut AMAVIS_LOG=${amavislog:-/var/log/mail/mail.info} LOGTAIL=${logtail:-$(command -v logtail)} STATEFILE=$MUNIN_PLUGSTATE/amavis.offset mktemp_command="${mktemp_command:-/bin/mktemp}" if [ "$1" = "autoconf" ]; then if [ ! -f "$AMAVIS_LOG" ]; then echo "no (file '$AMAVIS_LOG' not found)" elif [ -z "$LOGTAIL" ]; then echo "no (executable 'logtail' not found)" elif [ ! -x "$LOGTAIL" ]; then echo "no ('$LOGTAIL' is not executable)" elif ! { command -v amavisd-new || command -v amavisd; } >/dev/null; then echo "no (exeuctable 'amavisd' or 'amavisd-new' not found)" else echo yes fi exit 0 fi # Try tailing a random file to check how arguments are passed ARGS=0 "$LOGTAIL" /etc/hosts 2>/dev/null >/dev/null if [ $? = 66 ]; then if [ -z "$logtail" ]; then ARGS=1 fi fi if [ "$1" = "config" ]; then echo 'graph_title Amavis filter statistics' echo 'graph_vlabel \#' echo 'graph_category antivirus' echo 'virus.label virus' echo 'virus.info Number of viruses caught in email' echo 'spam_maybe.label probably spam' echo 'spam_maybe.info Emails amavis thinks probably contains spam' echo 'spam_sure.label surely spam' echo 'spam_sure.info Emails amavis is sure contains spam' echo 'total.label total mails' echo 'total.info Total emails evaluated by amavis' exit 0 fi total=U virus=U spamm=U spams=U TEMP_FILE=$($mktemp_command) || exit 73 trap 'rm -f "$TEMP_FILE"' EXIT if [ -n "$TEMP_FILE" ] && [ -f "$TEMP_FILE" ]; then if [ "$ARGS" != 0 ]; then "$LOGTAIL" -f "${AMAVIS_LOG}" -o "${STATEFILE}" | grep 'amavis\[.*\]:' > "${TEMP_FILE}" else "$LOGTAIL" "${AMAVIS_LOG}" "${STATEFILE}" | grep 'amavis\[.*\]:' > "${TEMP_FILE}" fi total=$(grep -c 'Hits:' "$TEMP_FILE") virus=$(grep -c 'INFECTED.*Hits:' "$TEMP_FILE") spamm=$(grep -c 'SPAMMY.*Hits:' "$TEMP_FILE") spams=$(grep -c 'SPAM .*Hits:' "$TEMP_FILE") fi echo "virus.value ${virus}" echo "spam_maybe.value ${spamm}" echo "spam_sure.value ${spams}" echo "total.value ${total}"