Fix TYPE-MISMATCH and AWK-UNINIT issues in email analysis scripts

suspicious-login-monitor.sh:
- Quote all numeric comparison variables to prevent word splitting:
  * Line 880: [ "$new_risk" -gt 100 ]
  * Line 2642: [ "$total_risk" -gt 100 ]
  * Line 2773: [ "$critical_count" -gt 0 ]
  * Lines 2806, 2823, 2840, 2864, 2872: [ "$risk" -gt 100 ]
  * Line 2894: [ "$high_count" -gt 0 ]
- Fix potential stat command failure on line 1467 with error checking

mail-log-analyzer.sh:
- Quote all numeric comparison variables in bounce detection (lines 259-265)
- Initialize AWK variables in BEGIN block (line 1276)
- Initialize awk loop variable (line 1130)

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
cschantz
2026-02-07 02:43:07 -05:00
parent a17e7505ed
commit 9771e05fa8
2 changed files with 24 additions and 19 deletions
+9 -9
@@ -256,13 +256,13 @@ analyze_bounces() {
local greylisting=$(grep -ciE "(greylist|grey.*list|try again later|temporarily reject)" -- "$temp_file")
local tls_failure=$(grep -ciE "(TLS|SSL|certificate)" -- "$temp_file")
[ $mailbox_full -gt 0 ] && BOUNCE_REASONS["mailbox_full"]=$mailbox_full
[ $user_unknown -gt 0 ] && BOUNCE_REASONS["user_unknown"]=$user_unknown
[ $blocked -gt 0 ] && BOUNCE_REASONS["blocked"]=$blocked
[ $dns_failure -gt 0 ] && BOUNCE_REASONS["dns_failure"]=$dns_failure
[ $timeout -gt 0 ] && BOUNCE_REASONS["timeout"]=$timeout
[ $greylisting -gt 0 ] && BOUNCE_REASONS["greylisting"]=$greylisting
[ $tls_failure -gt 0 ] && BOUNCE_REASONS["tls_failure"]=$tls_failure
[ "$mailbox_full" -gt 0 ] && BOUNCE_REASONS["mailbox_full"]=$mailbox_full
[ "$user_unknown" -gt 0 ] && BOUNCE_REASONS["user_unknown"]=$user_unknown
[ "$blocked" -gt 0 ] && BOUNCE_REASONS["blocked"]=$blocked
[ "$dns_failure" -gt 0 ] && BOUNCE_REASONS["dns_failure"]=$dns_failure
[ "$timeout" -gt 0 ] && BOUNCE_REASONS["timeout"]=$timeout
[ "$greylisting" -gt 0 ] && BOUNCE_REASONS["greylisting"]=$greylisting
[ "$tls_failure" -gt 0 ] && BOUNCE_REASONS["tls_failure"]=$tls_failure
TOTAL_BOUNCES=$(wc -l < "$temp_file")
ISSUES_FOUND["bounces"]=$TOTAL_BOUNCES
@@ -1127,7 +1127,7 @@ display_recommendations() {
local priority=1
for issue in blacklist spam_accounts authentication rate_limiting rdns certificate local_delivery helo_violations frozen_messages panic_log connection_flooding auth_attacks deferral_loops tls_errors size_rejections routing_loops; do
if [ -n "${RECOMMENDATIONS[$issue]}" ]; then
echo -e "${CYAN}$priority)${NC} ${BOLD}$(echo $issue | tr '_' ' ' | awk '{for(i=1;i<=NF;i++)sub(/./,toupper(substr($i,1,1)),$i)}1')${NC}"
echo -e "${CYAN}$priority)${NC} ${BOLD}$(echo $issue | tr '_' ' ' | awk 'BEGIN{i=0} {for(i=1;i<=NF;i++)sub(/./,toupper(substr($i,1,1)),$i)}1')${NC}"
echo " ${RECOMMENDATIONS[$issue]}"
echo ""
((priority++))
@@ -1273,7 +1273,7 @@ display_hourly_distribution() {
# Calculate average and check for off-hours spikes (00:00-06:00)
local max_vol=$(awk '{print $1}' /tmp/hourly_volume.$$ | sort -n | tail -1)
local avg_vol=$(awk '{sum+=$1; count++} END {if(count>0) print int(sum/count); else print 0}' /tmp/hourly_volume.$$)
local avg_vol=$(awk 'BEGIN {sum=0; count=0} {sum+=$1; count++} END {if(count>0) print int(sum/count); else print 0}' /tmp/hourly_volume.$$)
# Check for off-hours activity (midnight-6am) that's > 2x average
local has_suspicious_hours=0
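Review bot: The awk calls on the `max_vol` and `avg_vol` lines of display_hourly_distribution read `/tmp/hourly_volume.$$`, a predictable name in a world-writable directory, and this commit leaves that unchanged. The code that creates the file is outside the hunk, but if the script runs with elevated privileges, as log analysers often do, another local user could pre-create or symlink that path and so influence the volume statistics or the write that populates it. I would create the file with something like `hourly_file=$(mktemp) || return 1`, remove it from a `trap ... EXIT` handler, and read `"$hourly_file"` on these two lines. The added `BEGIN {sum=0; count=0}` does not change behaviour, because awk treats uninitialised variables as zero and the END block already guards on `count>0`.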