Analysis of mail server logs from a spam attack

summary.py

#!/usr/bin/env python3
import re

queue = {}
lines = open("spam.log").readlines()
sent = 0
deferred = 0
bounced = 0
unknown = 0
deleted = 29118 # number I saw when clearing the queue at once
rejected = 0

for line in lines:
    if "from=<test@mail.orgnizedmess.net>" in line:
        qid = line.split(' ')[3][:-1]
        queue[qid] = ""

    if "reject: MAIL from" in line:
        rejected += 1

for line in lines:
    if "status=" in line:
        qid = line.split(' ')[3][:-1]
        if qid in queue:
            m = re.search(r'status=(\w+)', line).group(1)
            queue[qid] = m

    if "removed" in line:
        qid = line.split(' ')[3][:-1]
        if qid in queue and "postsuper" in line:
            deleted += 1

for qid in queue:
    match queue[qid]:
        case 'sent':
            sent += 1
        case 'deferred':
            deferred += 1
        case 'bounced':
            bounced += 1
        case '':
            unknown += 1

print(f"""{len(queue)+rejected:>7}   total
{sent:>7}   sent
{bounced:>7}   bounced
{rejected:>7}   rejected
{deferred:>7}   deferred
{unknown:>7}   unknown

{deleted:>7}   mail queue count before deletion
""")