procmail
[Top] [All Lists]

Re: Procmail and rbl.maps.vix.com

1998-02-04 02:01:33
[ quoted text reformatted to fit in 80 columns ]

At 16:31 -0600, 02 Feb. 1998, Matthew G. Saroff 
<matthew(_dot_)saroff(_at_)lmco(_dot_)com> wrote:
That being the case, can anyone out there figure out a good way get
the IP address or domain (after all, NSLookup can get the IP from
that) this from a non privileged user's account reliably?

There isn't a *good* way, but depending on your mail setup, there might
be a way.  I currently grab the IP address from the first Received:
header inserted by my ISP (I'm a sysadmin at the ISP, so I have a good
knowledge of how mail gets passed around internally).  Here's the recipe
that I use:

# if there's a Received: header from one of these servers, it's
# (probably) the right one
BACKUPSERVER="([yz]\.mx\.execpc\.com)"
# Otherwise, if it went through one of these, that's the one
VIRTSERVER="(vm[0-9]+\.mx\.execpc\.com)"
# else it must be one of these
LOCALSERVER="([abc]\.mx\.execpc\.com)"
# a variable to match space characters
S="[    ]"
NL="
"

# Match a header containing:
#   Received: <anything> [<ip address>]) by <local server>
:0
* $ 9876543210^0 ^Received:.*\[\/[0-9.]+\]\)$S+by$S+${BACKUPSERVER}
* $ 9876543210^0 ^Received:.*\[\/[0-9.]+\]\)$S+by$S+${VIRTSERVER}
* $ 9876543210^0 ^Received:.*\[\/[0-9.]+\]\)$S+by$S+${LOCALSERVER}
{
  IP = $MATCH

  # trim it down to just the IP address
  :0
  * IP ?? ^^\/[0-9.]+
  {
    IP = $MATCH

    :0W
    * ! ? /home/aarons/bin/rblcheck -q $IP
    { SPAMR="$SPAMR $IP is rbl'd$NL" }
  }
  IP
}

But, this depends both upon the format of the Received: lines, and the
way that mail passes through your mail system.

-- 
Aaron Schrab     aaron(_at_)schrab(_dot_)com      http://www.execpc.com/~aarons/
 Profanity is the one language all programmers know best.

<Prev in Thread] Current Thread [Next in Thread>