No description
08f651dc1e
Adds scripts/mail_reputation_monitor.py + migration 101 (mail_reputation_daily).
Sender reputation is judged by the RECEIVING operator (Microsoft/Google/Yahoo/
Proofpoint), and the provider portals (SNDS/Postmaster/CFL) need a login and lag
24-48h. Our postfix logs already carry the ground truth in real time: every send
records the receiving host + SMTP response, and the response classifies WHY:
250 -> accepted
451 4.7.500 -> throttled (Microsoft rate-limiting a cold IP)
550 5.7.x -> reject_reputation (spam/reputation)
550 5.1.1/5.4.1-> reject_recipient (dead mailbox / access denied = list hygiene)
550 ...SPAM -> reject_content (SpamAssassin)
The parser classifies each egress delivery (out0x/hcout/relay) by (sending_ip,
receiver, outcome, reason_code) and upserts ONE daily aggregate row per bucket
(idempotent ON CONFLICT), so a nightly cron over the rotated log gives a queryable
trend without re-parse double-counting. --alert prints a per-operator summary and
Telegram-alerts on regressions (>=10% reputation rejects, or Microsoft >=70%
throttled). Reads stdin ("-") so the host-owned /var/log/mail.log can be piped
into the DB-connected workers container.
Motivation: 2026-06-19 audit found ~80% of Microsoft sends were getting 451 4.7.500
throttles on the warming IPs -- this makes that trend visible as reputation recovers.
|
||
|---|---|---|
| .claude/projects/-home-justin-projects-performancewest-new-site/memory | ||
| api | ||
| chrome-extension/fcc-access-helper | ||
| data | ||
| docs | ||
| docserver | ||
| erpnext | ||
| frappe_adyen | ||
| frappe_ca_registry | ||
| frappe_crypto | ||
| infra | ||
| mcp | ||
| monitoring | ||
| node-compile-cache/v25.1.0-x64-392347a2-1000 | ||
| performancewest_erpnext | ||
| scripts | ||
| site | ||
| src | ||
| test_screenshots | ||
| .gitignore | ||
| CLAUDE.md | ||
| deploy.sh | ||
| docker-compose.dev.override.yml | ||
| docker-compose.yml | ||
| extract-erpnext-assets.sh | ||