On Dec 6, 2003, at 9:10 AM, Professional Software Engineering wrote:
I'm not in agreement about the text match though. Also, if the
message arrives through your backup MX, this won't see the DSL origin.
There is no easy way to do it.
Ask Walter Dnes.
However, based on his work some time ago, I came up with this (scrubbed
of certain additions, and tweaked a bit because of said deletions, but
this "Should" work as intended, "VERBOSE=ON" is your friend, yada
yada):
PREFIX='^'
INSERT='Received:.*\(.*\[[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\]\)(.*^)+'
INCLUDERC=recursive.rc
:0
* XINPUT ?? ^^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
{
# If you want to do something based on IP address,
# Your code goes here.
# For instance....
NSLOOKUP=`host $XINPUT 2> /dev/null`
:0
* NSLOOKUP ?? IN-ADDR.ARPA
{ DUMMY="" }
:0 Efwh
| formail -I "Comments: No Reverse DNS"
# Reverse the order of the octets.
:0
* XINPUT ?? ()\/[0-9]+
{ QUAD1=$MATCH }
:0
* XINPUT ?? ()[0-9]+\.\/[0-9]+
{ QUAD2=$MATCH }
:0
* XINPUT ?? ()[0-9]+\.[0-9]+\.\/[0-9]+
{ QUAD3=$MATCH }
:0
* XINPUT ?? ()[0-9]+\.[0-9]+\.[0-9]+\.\/[0-9]+
{ QUAD4=$MATCH }
REVERSED="$QUAD4.$QUAD3.$QUAD2.$QUAD1"
# If you want to do something based on reversed quads,
# (Such as querying a DNSBL, for instance)
# Your code goes here.
# Here's an example or two, though:
# http://spamcop.net
NSLOOKUP=`host ${REVERSED}.bl.spamcop.net 2> /dev/null`
:0 fwh
* NSLOOKUP ?? 127.0.0.2
| formail -I "Comments: DNSBL SpamCop"
# http://cbl.abuseat.org/
NSLOOKUP=`host ${REVERSED}.cbl.abuseat.org 2> /dev/null`
:0 fwh
* NSLOOKUP ?? 127.0.0.2
| formail -I "Comments: DNSBL CBL"
}
Where recursive.rc is defined as follows (the '...' needs to be
replaced with a regexp for your local IP address ranges):
:0
* $ ${PREFIX}Received:.*\(.*\[\/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
{
# we have an IP address. Save it in a temporary variable.
THEHOST=$MATCH
# If it's Local, recursively keep looking.
# Local is defined as:
# 127.0.0.1, anything in RFC1918-land, and ...
:0
* $ THEHOST ?? ^^[
]*(127\.0\.0\.1|10\.[0-9]+\.[0-9]+\.[0-9]+|172\.(1[6-9]|2[0-9]|3[0
-1])\.[0-9]+\.[-9]+|192\.168\.[0-9]+\.[0-9]+|...)
{
PREFIX=$PREFIX$INSERT
INCLUDERC=recursive.rc
}
# otherwise, if XINPUT is NOT already defined,
# we have a match at this point. Tag it NOW.
:0 E
* XINPUT ?? ^^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
{ DUMMY="" }
:0 E
{
XINPUT=$THEHOST
:0 fwh
| formail -A "Comments: INPUT $XINPUT"
#
:0
* $ ${PREFIX}Received: from \/[^ ]+
{
# Match now has the HELO from the foreign host.
# anything else, you're on your own.
}
}
}
Aloha mai Nai`a!
--
"Please have your Internet License http://kapu.net/~mjwise/
and Usenet Registration handy..."
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail