#!/bin/sh
#
# $Id: 465.status-mail-dictionary,v 1.1 2005/08/15 18:25:30 scott Exp $
#

# If there is a global system configuration file, suck it in.
#
if [ -r /etc/defaults/periodic.conf ]
then
    . /etc/defaults/periodic.conf
    source_periodic_confs
fi

case "$daily_status_mail_rejects_enable" in
    [Yy][Ee][Ss])
	if [ ! -d /etc/mail ]
	then
	    echo '$daily_status_mail_rejects_enable is set but /etc/mail' \
		"doesn't exist"
	    rc=2
	elif [ ! -f /var/log/maillog ]
	then
	    echo '$daily_status_mail_rejects_enable is set but ' \
		"/var/log/maillog doesn't exist"
	    rc=2
	elif [ "$daily_status_mail_rejects_logs" -le 0 ]
	then
	    echo '$daily_status_mail_rejects_enable is set but ' \
		'$daily_status_mail_rejects_logs is not greater than zero'
	    rc=2
	else
	    echo
	    echo Checking for sendmail dictionary attacks:

	    start=`date -v-1d '+%b %d' | sed 's/0\(.\)$/ \1/'`
	    n=$(($daily_status_mail_rejects_logs - 2))
	    rc=$({
		while [ $n -ge 0 ]
		do
		    if [ -f /var/log/maillog.$n ]
		    then
			cat /var/log/maillog.$n
		    elif [ -f /var/log/maillog.$n.gz ]
		    then
			zcat -fc /var/log/maillog.$n.gz
		    elif [ -f /var/log/maillog.$n.bz2 ]
		    then
			bzcat -fc /var/log/maillog.$n.bz2
		    fi
		    n=$(($n - 1))
		done
		cat /var/log/maillog
	    } | /usr/local/sbin/sm_dict | head -n 20 | tee /dev/stderr | wc -l)
	    [ $rc -gt 0 ] && rc=1
	fi;;

    *)  rc=0;;
esac

exit $rc