
Re: Accept all mail sourced from IP address range

2006-06-30 15:16:23
On Fri, Jun 30, 2006 at 03:15:31PM -0400, Robert Moskowitz wrote:

Dallman Ross wrote:

On Fri, Jun 23, 2006 at 02:18:18PM -0400, Robert Moskowitz
wrote:

I want to specially handle all mail that is ONLY from within
my network.

So let's say I have two ranges of addresses.  192.168.128.0/24
and 205.86.56.32/27


First, you need to make your ranges into a standard regex.
I have a perl script available to me that helps with that, written
by my friend Mike Peeler.  I think your /27 starts with 32 and goes
through 63; is that correct?
  
Oops.  A /26...  193-256

I can't follow you.  Just state the starting IP and the ending IP of
the range, please.


Let's use scoring.  Add up all Received lines, then subtract all
that have yours.  If any are left, it's mail you don't want.
  

I don't think this is right, if any receive line has an address NOT in 
my range, then it requires further processing, else it gets delivered 
(in this case to a maildir directory)

Well, but it is right.  Why not just try it?


  MYSLASH27 = 205\.0?86\.0?56\.(0?3[2-9]|0?[45][0-9]|0?6[0-3]) 
    MYNAT24 = 192\.168\.128\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])
  
Why the .0?86 and not \.86 in this example? You did not use this style 
in the next variable.  But I then get:

I used the same style in both.  I used Mike Peeler's script to produce
both.  You could probably remove all "0?" references in there to no ill
effect.  Ruud mentioned a possible gotcha with that format, though I've
never seen it actually happen in my use of the output of that script.

  MYPUB = 65\.0?84\.0?78\.(0?19[2-9]|0?2[0-4][0-9]|0?25[0-5])
  MYNAT128 = 192\.168\.128\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])

   # The $ flag makes procmail expand $MYSLASH27 and $MYNAT24 in the condition.
   :0
   *    1 ^1  ^Received:
   * $ -1 ^1  ^Received:.*\[($MYSLASH27|$MYNAT24)]
   { HOST = abort }


This will dump all mail with any Received line that doesn't have a
bracketed IP address in your range.
  
If a received has an address not in my range?  an IP address but not one 
of mine?

(Every piece of mail coming in ought to have at least one IP address.)

Yes, it does what you said you wanted.  You need to read "man procmailsc"
(scoring), perhaps, to see why.  But basically, we count all Received's.
Then we decrement all with your range.  If we're above zero at the end
of the math, there was a Received header that did not contain your IP
address.  So we decline delivery and end the procmail run.

Dallman

____________________________________________________________
procmail mailing list   Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
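
The scoring logic from the message above, replayed in Python over constructed headers as an added example (not code from the thread): it counts Received lines, subtracts those with a bracketed address matching the thread's two regexes, and cross-checks those regexes against the stated ranges using the standard `ipaddress` module. The sample headers and host names are constructed, and each header is assumed to be already unfolded onto one line.

```python
import ipaddress
import re

# Regexes copied from the thread (MYSLASH27 and MYNAT24).
MYSLASH27 = r"205\.0?86\.0?56\.(0?3[2-9]|0?[45][0-9]|0?6[0-3])"
MYNAT24 = r"192\.168\.128\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])"
INTERNAL = re.compile(r"^Received:.*\[(" + MYSLASH27 + "|" + MYNAT24 + r")\]", re.I)

# The ranges the regexes are meant to cover, as stated in the thread.
NETS = [ipaddress.ip_network("205.86.56.32/27"),
        ipaddress.ip_network("192.168.128.0/24")]

def score(headers):
    """+1 for every Received line, -1 for every one with a bracketed internal IP.
    A result above zero means at least one hop was not inside the ranges."""
    received = [h for h in headers if h.lower().startswith("received:")]
    return len(received) - sum(1 for h in received if INTERNAL.search(h))

def regex_mismatches():
    """Addresses in the two enclosing /24s where regex and CIDR test disagree."""
    bad = []
    for prefix in ("205.86.56.", "192.168.128."):
        for last in range(256):
            ip = prefix + str(last)
            by_regex = bool(INTERNAL.search("Received: from x ([%s])" % ip))
            by_cidr = any(ipaddress.ip_address(ip) in net for net in NETS)
            if by_regex != by_cidr:
                bad.append(ip)
    return bad

# Constructed sample messages (headers only).
INTERNAL_ONLY = [
    "Received: from ws1 (ws1.example.lan [192.168.128.17]) by mx.example.lan",
    "Received: from gw (gw.example.net [205.86.56.40]) by mx.example.lan",
    "Subject: internal only",
]
MIXED = [
    "Received: from ws1 (ws1.example.lan [192.168.128.17]) by mx.example.lan",
    "Received: from relay (relay.example.org [198.51.100.7]) by mx.example.lan",
    "Subject: passed through an outside host",
]
NO_IP = ["Received: by mx.example.lan with local", "Subject: no bracketed IP"]

if __name__ == "__main__":
    for name, msg in (("internal", INTERNAL_ONLY), ("mixed", MIXED), ("no-ip", NO_IP)):
        print(name, score(msg))
    print("regex/CIDR mismatches:", regex_mismatches())
```

A Received line with no bracketed address at all is counted but never subtracted, so such a message also ends above zero.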
