{"id":62,"date":"2015-04-17T20:17:02","date_gmt":"2015-04-17T17:17:02","guid":{"rendered":"http:\/\/melic.com\/wp1\/?p=62"},"modified":"2016-12-23T11:00:00","modified_gmt":"2016-12-23T08:00:00","slug":"exchange-yonetimi-spam-monitoring-ornekler-1","status":"publish","type":"post","link":"https:\/\/melic.com\/wp1\/exchange-yonetimi-spam-monitoring-ornekler-1\/","title":{"rendered":"Exchange Y\u00f6netimi – Spam Monitoring \u00d6rnekler -1"},"content":{"rendered":"

\u00d6rnekler ile Exchage anti-spam loglama ve Raporlama<\/strong><\/p>\n

\u00d6rnek -1<\/em><\/strong>
\nKullan\u0131c\u0131 tan\u0131mlayarak Exchange Anti-spam logunu tarama\/raporlama:
\nGet-AgentLog | where {$_.recipients -like “kullanici@domain.com”}<\/span><\/p>\n

\u00d6rnek -2<\/strong><\/em>
\nG\u00f6nderici tan\u0131mlayarak Exchange Anti-spam logunu tarama\/raporlama:
\nGet-AgentLog | where {$_.P1FromAddress -like “kullan\u0131c\u0131@sirket.com” -or $_.P2FromAddresses -like “kullan\u0131c\u0131@firma.com”}<\/span><\/p>\n

P1FromAddress ile P2FromAddresses aras\u0131ndaki fark nedir?
\nTelnet ba\u011flant\u0131s\u0131 ile \u00f6rnekleyelim :
\n“helo me
\nehlo me
\nmail from:P1FromAddress
\nrcpt to:kullan\u0131c\u0131@domain.com
\ndata
\nmail from:P2FromAddresses
\nsubject:test1
\n.
\nquit”<\/p>\n

Burada MX kay\u0131tlar\u0131nda baska bir sunucudan ba\u015fka bir domain ile mail gelmesi olarak d\u00fc\u015f\u00fcnebilirsiniz.<\/p>\n

\u00d6rnek -3<\/strong>
\nG\u00f6nderinin domain bilgisini girerek Exchange Anti-spam logunu tarama\/raporlama:
\nGet-AgentLog | where {$_.P1FromAddress -like “*contoso.com” -or $_.P2FromAddress -like “*corp.com”}<\/span><\/p>\n

\u00d6rnek -4<\/strong>
\nG\u00f6nderinin IP bilgisini girerek Exchange Anti-spam logunu tarama\/raporlama:
\nGet-AgentLog | where {$_.IPAddress -eq “7.7.7.7”}<\/span><\/p>\n

\u00d6rnek -5a<\/strong>
\nBLP – Sebep ile Exchange Anti-spam logunu tarama\/raporlama:
\nGet-AgentLog | where {$_.Reason -eq “BlockListProvider”}<\/span><\/p>\n

\u00d6rnek -5b<\/strong>
\nSAQT – Sebep ile Exchange Anti-spam logunu tarama\/raporlama:
\nGet-AgentLog | where {$_.Reason -eq “SclAtOrAboveQuarantineThreshold”}<\/span><\/p>\n

\u00d6rnek -6a<\/strong>
\nCFA – Agent bilgisi ile Exchange Anti-spam logunu tarama\/raporlama:
\nGet-AgentLog | where {$_.Agent -eq “Connection Filtering Agent”}<\/span><\/p>\n

\u00d6rnek -6b<\/strong>
\nSenderID – Agent bilgisi ile Exchange Anti-spam logunu tarama\/raporlama:
\nGet-AgentLog | where {$_.Agent -eq “SenderID Agent”}<\/span><\/p>\n

\u00d6rnek -6c<\/strong>
\nSFA – Agent bilgisi ile Exchange Anti-spam logunu tarama\/raporlama:
\nGet-AgentLog | where {$_.Agent -eq “Sender Filter Agent”}<\/span><\/p>\n

\u00d6rnek -6\u00e7<\/strong>
\nRFA – Agent bilgisi ile Exchange Anti-spam logunu tarama\/raporlama:
\nGet-AgentLog | where {$_.Agent -eq “Recipient Filter Agent”}<\/span><\/p>\n

\u00d6rnek -6d<\/strong>
\nERA – Agent bilgisi ile Exchange Anti-spam logunu tarama\/raporlama:
\nGet-AgentLog | where {$_.Agent -eq “Edge Rules Agent”}<\/span><\/p>\n

Ve geldik fasulyenin faydalar\u0131na :D
\nBir tane powershell script yazaca\u011f\u0131z ve bu script ile g\u00fcnl\u00fck ve haftal\u0131k istatistikleri kendimize mail ile g\u00f6nderece\u011fiz. Bir notepad al\u0131p a\u015fa\u011f\u0131daki scripti IstatistikselRapor.ps1 olarak script klas\u00f6r\u00fcne kaydedin. Sonra istedi\u011finiz zaman manuel yada cron ile \u00e7a\u011f\u0131rabilirsiniz.<\/p>\n

Add-PSSnapIn<\/span> Microsoft.Exchange.Management.PowerShell.E2010\r\n<\/span>$HTMLReport<\/span> =<\/span> \".\\report.html\"<\/span>\r\n$MailTo<\/span> =<\/span> \"kullanici@domain.com\"<\/span>\r\n$MailServer<\/span> =<\/span> \"Exchange Sunucusu i\u00e7  IP adresi\"<\/span>\r\n$MailFrom<\/span> =<\/span> \"ExchangeAdmin@domain.com\"<\/span>\r\n\r\n$a1<\/span> =<\/span> Get-AgentLog<\/span> -<\/span>StartDate (<\/span>Get-Date<\/span>).AddDays(<\/span>-<\/span>1<\/span>) <\/span>-<\/span>EndDate (<\/span>Get-Date<\/span>)\r\n<\/span>$a2<\/span> =<\/span> $a1<\/span> |<\/span> where<\/span> { <\/span>$_<\/span>.Action <\/span>-like<\/span> \"RejectMessage\"<\/span> -or<\/span> $_<\/span>.Action <\/span>-like<\/span> \"RejectCommand\"<\/span> -or<\/span> $_<\/span>.Action <\/span>-like<\/span> \"QuarantineMessage\"<\/span> }\r\n<\/span>$a3<\/span> =<\/span> $a1<\/span> |<\/span> where<\/span> { <\/span>$_<\/span>.Action <\/span>-like<\/span> \"AcceptMessage\"<\/span> }\r\n\r\n<\/span>$b1<\/span> =<\/span> Get-AgentLog<\/span> -<\/span>StartDate (<\/span>Get-Date<\/span>).AddDays(<\/span>-<\/span>7<\/span>) <\/span>-<\/span>EndDate (<\/span>Get-Date<\/span>)\r\n<\/span>$b2<\/span> =<\/span> $b1<\/span> |<\/span> where<\/span> { <\/span>$_<\/span>.Action <\/span>-like<\/span> \"RejectMessage\"<\/span> -or<\/span> $_<\/span>.Action <\/span>-like<\/span> \"RejectCommand\"<\/span> -or<\/span> $_<\/span>.Action <\/span>-like<\/span> \"QuarantineMessage\"<\/span> }\r\n<\/span>$b3<\/span> =<\/span> $b1<\/span> |<\/span> where<\/span> { <\/span>$_<\/span>.Action <\/span>-like<\/span> \"AcceptMessage\"<\/span> }\r\n\r\n<\/span>$Output<\/span> =<\/span> \"<html> \r\n<body> \r\n<font size=\"\"1\"\" face=\"\"Arial,sans-serif\"\"> \r\n<h3 align=\"\"center\"\">Exchange Antispam Report<\/h3> \r\n<h5 align=\"\"center\"\">Generated $((Get-Date).ToString())<\/h5> \r\n<\/font> \r\n<table border=\"\"0\"\" cellpadding=\"\"3\"\" style=\"\"font-size:8pt;font-family:Arial,sans-serif\"\"> \r\n<tr bgcolor=\"\"#009900\"\"> \r\n<th><font color=\"\"#ffffff\"\">Recieved Messages per day:<\/font><\/th> \r\n<th><font color=\"\"#ffffff\"\">Rejected Messages per day:<\/font><\/th> \r\n<th><font color=\"\"#ffffff\"\">% Rejected Messages per day:<\/font><\/th> \r\n<th><font color=\"\"#ffffff\"\">Accepted Messages per day:<\/font><\/th> \r\n<th><font color=\"\"#ffffff\"\">% Accepted Messages per day:<\/font><\/th><\/tr>\r\n<tr bgcolor=\"\"#dddddd\"\"><th>$($a1.count)<\/th>\r\n<th>$($a2.count)<\/th>\r\n<th>$([math]::Round(($a2.count\/$a1.count)*100))<\/th>\r\n<th>$($a3.count)<\/th>\r\n<th>$([math]::Round(($a3.count\/$a1.count)*100))<\/th>\r\n<\/tr><\/table>\r\n<table border=\"\"0\"\" cellpadding=\"\"3\"\" style=\"\"font-size:8pt;font-family:Arial,sans-serif\"\"> \r\n<tr bgcolor=\"\"#009900\"\"> \r\n<th><font color=\"\"#ffffff\"\">Recieved Messages per week:<\/font><\/th> \r\n<th><font color=\"\"#ffffff\"\">Rejected Messages per week:<\/font><\/th> \r\n<th><font color=\"\"#ffffff\"\">% Rejected Messages per week:<\/font><\/th> \r\n<th><font color=\"\"#ffffff\"\">Accepted Messages per week:<\/font><\/th> \r\n<th><font color=\"\"#ffffff\"\">% Accepted Messages per week:<\/font><\/th><\/tr>\r\n<tr bgcolor=\"\"#dddddd\"\"><th>$($b1.count)<\/th>\r\n<th>$($b2.count)<\/th>\r\n<th>$([math]::Round(($b2.count\/$b1.count)*100))<\/th>\r\n<th>$($b3.count)<\/th>\r\n<th>$([math]::Round(($b3.count\/$b1.count)*100))<\/th>\r\n<\/tr><\/table>\r\n<\/body><\/html>\"<\/span>;\r\n\r\n<\/span>$Output<\/span> |<\/span> Out-File<\/span> $HTMLReport<\/span>\r\n\r\nSend-MailMessage<\/span> -Attachments<\/span> $HTMLReport<\/span> -To<\/span> $MailTo<\/span> -From<\/span> $MailFrom<\/span> -Subject<\/span> \"Exchange Antispam Report\"<\/span> -BodyAsHtml<\/span> $Output<\/span> -SmtpServer<\/span> $MailServer<\/span><\/pre>\n","protected":false},"excerpt":{"rendered":"
\u00d6rnekler ile Exchage anti-spam loglama ve Raporlama \u00d6rnek -1 Kullan\u0131c\u0131 tan\u0131mlayarak Exchange Anti-spam logunu tarama\/raporlama: Get-AgentLog | where {$_.recipients -like “kullanici@domain.com”} \u00d6rnek -2 G\u00f6nderici tan\u0131mlayarak Exchange Anti-spam logunu tarama\/raporlama: Get-AgentLog | where {$_.P1FromAddress -like “kullan\u0131c\u0131@sirket.com” -or $_.P2FromAddresses -like “kullan\u0131c\u0131@firma.com”} P1FromAddress ile P2FromAddresses aras\u0131ndaki fark nedir? Telnet ba\u011flant\u0131s\u0131 ile \u00f6rnekleyelim :…<\/p>\n","protected":false},"author":1,"featured_media":155,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,2],"tags":[],"class_list":["post-62","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-exchange","category-teknoloji"],"_links":{"self":[{"href":"https:\/\/melic.com\/wp1\/wp-json\/wp\/v2\/posts\/62","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/melic.com\/wp1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/melic.com\/wp1\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/melic.com\/wp1\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/melic.com\/wp1\/wp-json\/wp\/v2\/comments?post=62"}],"version-history":[{"count":3,"href":"https:\/\/melic.com\/wp1\/wp-json\/wp\/v2\/posts\/62\/revisions"}],"predecessor-version":[{"id":65,"href":"https:\/\/melic.com\/wp1\/wp-json\/wp\/v2\/posts\/62\/revisions\/65"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/melic.com\/wp1\/wp-json\/wp\/v2\/media\/155"}],"wp:attachment":[{"href":"https:\/\/melic.com\/wp1\/wp-json\/wp\/v2\/media?parent=62"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/melic.com\/wp1\/wp-json\/wp\/v2\/categories?post=62"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/melic.com\/wp1\/wp-json\/wp\/v2\/tags?post=62"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}