procmail
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: grep whitelists and checking return code

2004-07-14 23:39:33
from [Paul Chvostek] [Permanent Link] 
On Wed, Jul 14, 2004 at 11:12:19AM -0400, Eric Wood wrote:


That's the same behavior I get with GNU's grep on RH's FC1 distro.  


I wouldn't know about Redhat -- I'm strictly FreeBSD when it comes to
this kind of stuff.  If GNU grep is broken, it doesn't affect me.  ;)


So using a pattern file (with the -f switch) the line must match exactly.


In FreeBSD's grep, the -f switch simply lists a set of regexps.  If you
want to match exact strings rather than REs, use the -F option (note the
case).


Does someone have a whitelist/denylist rule that can use domain wide
whitelisting as well as specific user whitelisting?  I think I somehow need
to extract the sender's domain, do a grep test for domain-wide pass, then
grep for the sender's full email address.  I'm not a procmail expert on
this.  Any advice is appreciated!


Er, the one I posted last month works fine for domain-wide whitelisting,
and has not-much to do with procmail.

$ cat .wltest
@example.com
testing
$ echo foo(_at_)example(_dot_)com | grep -f .wltest
foo(_at_)example(_dot_)com
$ 

But for a real whitelist, we don't want to have to escape dots and
stuff, so we use fgrep (or grep -F if you prefer) ... except that
domains are case insentive, so -i is needed.  We end up with:

   # remove spoofs
   :0 fhw
   * ^X-whitelist:
   | formail -I "X-whitelist"

   # apply whitelist tag if appropriate
   :0 fhw
   * ? test -s $HOME/.whitelist
   * ? formail -rxTo: | fgrep -qisf $HOME/.whitelist
   | formail -A "X-whitelist: yes"

then do whatever you like with the new header.  If the .whitelist file
contains a line with just a domain, it should still be matched, since
that line will be a substring of the stdin to fgrep.

YMMV.  Read the previous whitelist thread(s) for more wisdom.

-- 
  Paul Chvostek                                             
<paul(_at_)it(_dot_)ca>
  Operations / Abuse / Whatever
  it.canada, hosting and development                   http://www.it.ca/


____________________________________________________________
procmail mailing list   Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  procmail log file corruption, Lloyd Lee-Lim
Next by Date:  sandbox question, Chuck Campbell
Previous by Thread:  Re: grep whitelists and checking return code, Eric Wood
Next by Thread:  Re: grep whitelists and checking return code, Google Kreme
Indexes:  [Date] [Thread] [Top] [All Lists]