I've got a copy of all my exim "mainlog" data for the past year. I'd
like to analyze it to know how many spam attempts I got each day: not
only stuff that was "rejected by local_scan()" (because I'm using
SA-Exim together with SpamAssassin), but also times when an SMTP
connection was rejected because "no IP address found for host", or
there was "input sent without waiting for greeting", or a HELO or EHLO
was "syntactically invalid", or the server "could not complete sender
verify", or anything else like that.
Yes, I could just write a tool myself to pick these lines out of the
log files and tally them up, but I've got over 130,000 lines of log
files and I'm bound to miss some kind of spam attempts. I'd rather not
reinvent the wheel if someone else has already addressed this issue -
are there any solutions that already exist?