I just wanted to start a thread on some of the tools I have been using to help us (
Support@CudaMail.com) manage a cluster of
Barracuda Spam Firewall 600's over the last few years. I hope these techniques will help you!
While I have a Windows PC as my daily desktop I have grown fond of lots of the classic *nix utilities such as grep, sort and uniq and one of the first things I do on a new power pc is to download and install the Cygwin utilities available at:
(just run the setup and let it do a default install - you can always re-run setup to update or add additional tools)
Once you have Cygwin installed you get a new DOS prompt like shell that is great at working with text file and one thing I do on a fairly regular basis is to look at the inbound / outbound queues especially when they are high and I want to know where all the messages are coming from or going to.
From the Basic / Status page click on the number that corresponds to the in or out queue. This will open a report showing the details on all messages but there is no easy way to sort them so I do a select all and copy the information to the clipboard.
I paste the information into Excel using paste special - plain text and then select all the e-mail addresses in the To: column. I copy them out and paste them into a plain text file called ‘list.txt’ in the C:\cygwin\home\username folder.
In the Cygwin shell issue the following command:
grep -o -E \@.+$ list.txt | sort | uniq -c | sort
Let's break this command down:
grep -o -E \@.+$ list.txt
This command looks through the file 'list.txt' for the section of the e-mail address that starts with the '@' sign and selects everything from the '@' sign to the end of the address. This results in a new list showing just the domain portion of the e-mail address with one entry per original line.
| sort | uniq -c | sort
Pipe (|) the output of the Grep command through sort to put all the same domain names together then run the output of that command (pipe again) through the uniq command asking it to count (-c) the number of uniq matching entries and then sort that list out from small to large before displaying the list like this sample:
3 @thousand.com
5 @ccim.org
5 @s2.savvyconsumertoday.com
13 @CUSTOMER.ORG
27 @www.howtokeep.com
294 @customer.org
Voila! I have a list of number of messages per domain in the outbound queue!
So ... how does this help me?This tells me at a glance that there is something wrong with the mail server for 'customer.com' and that I need to start looking there. This has helped me so much I wish there was a button at the top of each column in the in/out queue that would do the same thing - return a top 10 like list.
You can see that this sorts out the upper and lower case variations differently and while I thought that I would like to add in a command to change everything to lowercase first I do find some problems by not changing the case first. I can go back to the Excel spread sheet and find the 13 messages sending to the upper case variation of the customer and check them - this may be a new campaign that I can stop by adding these IP's to the 'IP Block / Accept tab.'
Anyone else have a tip like this? - Shaun