Whitelist/Blacklist Effectiveness Indicators #1217
Description
A potentially useful feature in future versions of MailWatch would be to add metrics that show the effectiveness of items in the MailWatch managed whitelist or blacklist. For example:
| From | To | First Seen | Last Seen | Total Hits | Actions |
|---|---|---|---|---|---|
| alice@email.com | default | 2021-08-01 12:34:56 | 2021-08-03 11:11:11 | 37 | Edit, Delete, Reset Indicators, Quick Search |
I suspect the performance of the lists page may be impacted if it had to query for each entry against the main maillog table, so instead I think having these as values within the blacklist and whitelist tables that get updated as a step within the normal SQL processes that are added to MailScanner would be better, plus it would allow to have these values reset independently from the contents of the maillog table. This is something that firewalls, for example, provide to help determine if a rule is not working as expected, if another rule is shadowing it, etc.
Additionally, a link that quickly performs a search based on the criteria of the specific whitelist/blacklist item could be added to the actions list, similar to the links in the message detail page that are available for the received via IP.