Maintenance log
Today I made some time to check the savelogs job of 1-dec.
Something was wrong – a mistake in the code has caused the job to restar immediately – and so there were about 28000 logfiles.
Anyway, the job has run and gave me the stats for November:
PMAS statistics for November
Total messages : 9171 = 100.0 o/o
DNS Blacklisted : 864 = 9.4 o/o (Files: 30)
Relay attempts : 7134 = 77.7 o/o (Files: 30)
Accepted by PMAS : 1173 = 12.7 o/o (Files: 30)
Handled by explicit rule
Rejected : 561 = 47.8 o/o (processed), 6.1 o/o (all)
Accepted : 221 = 18.8 o/o (processed), 2.4 o/o (all)
Handled by content
Discarded : 130 = 11.0 o/o (processed), 1.4 o/o (all)
Quarantained : 242 = 20.6 o/o (processed), 2.6 o/o (all)
Delivered : 19 = 1.6 o/o (processed), .2 o/o (all)
Time to get the abuse scanner up and running, and block the addresses trying to relay at the gate…
Another possible group of potential abusers are now signalled by the router/firewall – it now sends mail alerts when the WAN connection had a drop (and it does no longer block access to the webserver – it might have been the inability to send mail for a longer period, as was signalled by a collegue also using a Draytek router), but also when a larger number of ICMP (Tracert) packages have arrived within a given period. There were days that this happened and I got a large number of mail alerts on this event. These again should be denied access completely – but given the addresses it looks as if these attempts are sent over an anonymizer. So it would be quite a challenge to find out who’s behind all these attempts…
Glass is coming
As the planning is now, I will be connected over fiber somewhere between march and May next year. It means my connection will be 10Mb (symmetrical) – or even 50Mb. I could get it faster, probably, but there is some more cost involved. Though it may be worthwhile in the near future.
What goes on behind the doors of the (private) data center