Thursday, July 13, 2006

Mail metrics

(heh) I did this with Sendmail, McAfee, SpamAssassin, Perl, and gnuPlot on a BSDi box almost a decade ago. It was web-based, menu-driven for the less talented of the operators, and calculated "normal" based on the previous month's day-of-the-week traffic.

McAfee doesn't make a BSDi-based scanner you say? Okay, but they had one for Linux and BSDi had something known as LDP and you only had to import one missing library from Linux.

This is one of those things that you need to do to monitor your metrics. Another example would be to stick a Linux box running RRD to the side of your Exchange box to monitor the mail system via its SNMP hooks. If it generates numbers (usually over time), it's probably a good idea to graph it and monitor it. A quick look at a graph will usually tell you much the same thing that an hour or so of log reading will.