smecontribs/smeserver-mailstats
7
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix recipient email counts

Browse Source
This commit is contained in:
Brian Read 2025-01-09 10:41:12 +00:00
parent dce1df37db
commit f57b0c6e43
1 changed files with 60 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
root/usr/bin/mailstats.py
View File

@ -1005,6 +1005,32 @@ def scan_mail_users():
users_info[user] = total_junk_count users_info[user] = total_junk_count
return users_info return users_info
def get_first_email_with_domain(email_string, domain):
"""
Returns the first email address in the comma-separated string that matches the specified domain.
If there is only one email, it returns that email regardless of the domain.
Args:
email_string (str): A string of comma-separated email addresses.
domain (str): The domain to filter email addresses by.
Returns:
str: The first email address that matches the domain, or the single email if only one is provided, or None if no match is found.
"""
# Remove leading and trailing whitespace and split the email string
emails = [email.strip() for email in email_string.split(',')]
# Check if there is only one email
if len(emails) == 1:
return emails[0] # Return the single email directly
# Iterate through the list of emails
for email in emails:
# Check if the email ends with the specified domain
if email.endswith('@' + domain):
return email # Return the first matching email
return None # Return None if no matching email is found
if __name__ == "__main__": if __name__ == "__main__":
try: try:
chameleon_version = pkg_resources.get_distribution("Chameleon").version chameleon_version = pkg_resources.get_distribution("Chameleon").version
@ -1226,8 +1252,10 @@ if __name__ == "__main__":
hour = dt.hour hour = dt.hour
# parse the data # parse the data
parsed_data = parse_data(data) parsed_data = parse_data(data)
#if hour == 15: #if parsed_data['id'] == '7787' or "7787" in data:
# print(f"Abs:{hour} {timestamp} {parsed_data['sendurl']} {parsed_data['from-email']}") # print(f"{parsed_data}")
#else:
# print(f"{parsed_data['id']}")
#Take out the mailstats email #Take out the mailstats email
if 'mailstats' in parsed_data['from-email'] and DomainName in parsed_data['from-email']: if 'mailstats' in parsed_data['from-email'] and DomainName in parsed_data['from-email']:
continue continue
@ -1348,8 +1376,6 @@ if __name__ == "__main__":
# Count the qpsmtpd codes # Count the qpsmtpd codes
#if parsed_data['id'] == '3352':
# print(f"{parsed_data}")
if parsed_data['error-plugin'].strip() == 'naughty': if parsed_data['error-plugin'].strip() == 'naughty':
if parsed_data['error-msg'].startswith("(dnsbl)"): if parsed_data['error-msg'].startswith("(dnsbl)"):
columnCounts_2d[hour][RBLDNS]+= 1 columnCounts_2d[hour][RBLDNS]+= 1
@ -1378,16 +1404,24 @@ if __name__ == "__main__":
if match: if match:
email = match.group(0) email = match.group(0)
else: else:
email = "unknown" email = "unknown (no email found in smtp reject message)"
elif parsed_data['error-plugin'] == 'check_badcountries': elif parsed_data['error-plugin'] == 'check_badcountries':
email = "Unknown (Bad Country)" email = "Unknown (Bad Country)"
elif parsed_data["to-email"]: elif not is_private_ip(parsed_data['ip']) and parsed_data["to-email"]:
email = parsed_data["to-email"] # Extract email #Only look at internal recipients from outside
#Take out the chevrons #Take out the chevrons
email = email.replace('<', '').replace('>', '') email = parsed_data["to-email"].replace('<', '').replace('>', '')
email = get_first_email_with_domain(email,DomainName) # Extract email
if not email:
print(f"Incoming email with no internal email address: {email} {DomainName}")
email = "Unknown (no internal email found)"
else: else:
email = "Unknown (Non conf.?)" if not is_private_ip(parsed_data['ip']):
email = "Unknown (non conf?)"
else:
email = None
#print(f"{parsed_data['id']} {email} {action}") #print(f"{parsed_data['id']} {email} {action}")
if email:
record = next((item for item in recipients_found if item['email'] == email), None) record = next((item for item in recipients_found if item['email'] == email), None)
if not record: if not record:
# If email is not in the array, we add it # If email is not in the array, we add it
@ -1403,6 +1437,7 @@ if __name__ == "__main__":
record["spam-tagged"] += 1 record["spam-tagged"] += 1
#Now increment the column which the plugin name indicates #Now increment the column which the plugin name indicates
if parsed_data['error-msg'] and "msg denied before queued" in parsed_data['error-msg'] and parsed_data['error-plugin']: if parsed_data['error-msg'] and "msg denied before queued" in parsed_data['error-msg'] and parsed_data['error-plugin']:
if parsed_data['error-plugin']: if parsed_data['error-plugin']:
@ -1477,6 +1512,7 @@ if __name__ == "__main__":
print_progress_bar(i, log_len, prefix='Scanning for sub tables:', suffix='Complete', length=50) print_progress_bar(i, log_len, prefix='Scanning for sub tables:', suffix='Complete', length=50)
# Match initial connection message # Match initial connection message
IsInternal = True
try: try:
match = helo_pattern.match(data[1]) match = helo_pattern.match(data[1])
if match: if match:
@ -1486,9 +1522,10 @@ if __name__ == "__main__":
totalinternalsmtpsessions += 1 totalinternalsmtpsessions += 1
else: else:
totalexternalsmtpsessions += 1 totalexternalsmtpsessions += 1
IsInternal = False
continue continue
except Exception as e: except Exception as e:
(print)(f" Helo pattern error {e} {data[1]} {analysis_date}") print(f" Helo pattern error {e} {data[1]} {analysis_date}")
continue continue
#Pull out Geoip countries for analysis table #Pull out Geoip countries for analysis table