Perl FP : getting abusers from my mail logger one-liner

To catch abusers of my free hosting service, I altered the PHP C source to write mail sending scripts (we only allow mail() to send mail; no fsockopen etc) to a log file. This file looks like this:

/www/user/htdocs/sendmail.php
/www/user/htdocs/sendmail.php
/www/user/htdocs/sendmail.php
/www/user/htdocs/sendmail.php
/www/user/htdocs/sendmail.php
/www/user/htdocs/sendmail.php
/www/user/htdocs/phpBB3/something.php
etc

Now I wanted to find people that are sending more than X mails and get a warning about them. For this I wrote the following code;

map { /(.*?) (.*)$/; if($1>$cm) {print “Abusing: $2n”;} } `cat $mf|sort|uniq -c|awk ‘{print $1 ” ” $2}’|sort -g`;

where $mf is the log file and $cm the X which is the maximum number of mails a user is allowed to send.

I run this in a cron and I actually block users with more than 400 mails. Works like a charm.

Be the first to leave a comment. Don’t be shy.

Join the Discussion

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>