On Thu, 1 Apr 1999 23:46:12 -0600, Aaron Schrab
<aaron+procmail(_at_)schrab(_dot_)com> wrote:
At 16:04 +0300 01 Apr 1999, era eriksson <era(_at_)iki(_dot_)fi> wrote:
You could do better still, because if your MTA stamps the topmost
Received: header with the originating system's IP number, you can
simply grab it from there. Poof, no external process, no need for
origip.pl at all. This has been described by Aaron Schrab in
<http://www.xray.mpe.mpg.de/mailing-lists/procmail/1998-02/msg00034.html>
(You don't really need the scoring stuff if you just construct a
single regex which covers all your local hosts; for current-ish
Sendmail installations, an adaptation of Aaron's recipe would be
something along the lines of
:0
* ^Received: from[^])]*\[\/[0-9]+\.[0-9.]+\]\)\<*by\>+${MONSTER_REGEX}
{
That doesn't quite work; it will match the topmost received header, and
Argh, sorry -- caught between rewriting my own original so it
conformed with what else I had said and adapting it to the recipes I
was already correcting. Here's the one I actually use -- this time, I
leave rewriting it to whoever wants to borrow it.
# primary MX
MX='helsinki\.fi|iki\.fi'
# secondary
MX="$MX"'|pobox3\.funet\.fi|(hauki|lohi)\.clinet\.fi'
# spam-list
MX="$MX"'|han\.de|hiss\.org|spam-archive\.org'
# First grab operator is to force maximal matching on the parens
:0
* $ ^\/(Received: from ([a-z0-9_-]+\.)*($MX)\>.*($))*\
Received: from [^[]*\[[1-9][0-9]*\.[0-9]+\.[0-9]+\.[1-9][0-9]*
{
# Now trim down to the part we actually wanted
:0
* MATCH ?? ()\[\/[0-9.]+^^
{ }
:0
* ! ? $HOME/bin/osf1/rblcheck -c -q -s relayips.rbl.shub-inter.net $MATCH
{ REJECT="$REJECT${REJECT:+$NL}${REJ}IP $MATCH blocked by Shub relayips." }
... and so on for a number of other RBL servers
}
Like the comments imply, the first grab needs to grab all the local
Received: lines in order to then skip them (maximal matching is a side
effect of the \/ operator; without that, Procmail will grab a local IP
after all).
/* era */
(I don't think I'll ever see an underscore in a local host name but I
guess the Three Virtues prevents me from ever fixing it ...)
--
.obBotBait: It shouldn't even matter whether <http://www.iki.fi/era/>
I am a resident of the state of Washington. <http://members.xoom.com/procmail/>
* Sign the European spam petition! <http://www.politik-digital.de/spam/en/> *