Home » Kerio User Forums » Kerio Connect » Command to list message & sending IP

Messages: 1
Karma: 0
Send a private message to this user
In the last week I have seen an increase in spam received from servers that are not listed on any DNSBL until 12 - 24 hours after I've been spammed.

I'm working on developing a script I can run just before we open in the morning to mark these emails.

So far, I have worked out this command, which will list the message file and sending IP address for all messages received in the last "$DAYS":

DAYS=2; MAIL=/Mailstore/mail/; find $MAIL -name *.eml* -ctime -$DAYS -exec egrep -H "^Received:\ from\ " "{}" \; |grep -v "192.168.1." |egrep "HELO|EHLO" |awk -F"[():]" ' $6 ~ "." { print $1 "\t" $6}'

Kerio 8.3.2
OS X Server v10.8

Messages: 342
Karma: 46
Send a private message to this user
Are you able to identify identifying aspects of these emails to create spam rules for them; either using the custom rules in the Admin panel or by creating your own Spam Assassin rules?
Previous Topic: Sieve Filters and the Body extension (RFC 5173)
Next Topic: KOC Automatically Downgraded ?
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Dec 19 15:24:28 CET 2018

Total time taken to generate the page: 1.68032 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.