procmail
[Top] [All Lists]

some Received headerfield analysis

2006-07-01 11:23:25
Save as received.rc, and run as 

  received.rc < /dev/null


===8<===8<===8<===8<===8<===8<===
#!/usr/local/bin/procmail -m

# You may have to adjust that shebang,
# see the output of: which procmail.
# http://www.xs4all.nl/~rvtol/procmail/received.rc

  DEFAULT = '/dev/null'

  NL  = '
'                            #  a single newline character
  SPC = ' '                  #  a single space character
  TAB = '       '            #  a single tab character
  b   = [$SPC$TAB]           #  blank
  s   = ([$SPC$TAB]|$)       #  whitespace
  S   = [^$SPC$TAB]          #  non-whitespace
  d   = [0-9]                #  digit
  D   = [^0-9]               #  non-digit
  w   = [0-9A-ZA-z_]         #  word
  W   = [^0-9A-ZA-z_]        #  non-word
  n   = [0-9A-Za-z_.-]       #  hostname
  h   = [0-9A-Fa-f]          #  hex
  H   = [^0-9A-Fa-f]         #  non-hex
  o   = ([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])  #  octet
  q   = $o[.]$o[.]$o[.]$o    #  quad

  hex = '0123456789ABCDEF'

  LOG = "$$${TAB}--start--$NL$NL"

#  VERBOSE = 'ON'

  H_RECV = 'Received: from xxxcb85e38c.xxx.yy.zz
        (xxx.203-133-227-140.xxx.yy.zz [203.133.227.140]) ...'

  LOG = "$$${TAB}${H_RECV}$NL$NL"

  host1  host2  ip

  :0
  *$ H_RECV ?? ^Received:${s}+from${s}+\/${n}+
  { host1 = $MATCH }

  :0
  *$ H_RECV ?? ^Received:${s}+from${s}+([^(]|$)+\(\/${n}+
  { host2 = $MATCH }

  :0
  *$ ! host1 ?? $\host2
  { LOG = "$$${TAB}'$host1' != '$host2'$NL$NL" }

  :0
  *$ H_RECV ?? ^Received:${s}+from${s}+([^(]|$)+\(([^[]|$)*\[\/${q}]
  *$ MATCH ?? ^^\/${q}
  { ip = $MATCH }

  LOG = "$$${TAB}ipnr: '$ip'$NL$NL"

  :0
  *$ host1 ?? $ip
  { LOG = "$$${TAB}ipnr in hostname-1: '$host1' [$ip]$NL$NL" }

  :0
  *$ host2 ?? $ip
  { LOG = "$$${TAB}ipnr in hostname-2: '$host2' [$ip]$NL$NL" }

  :0
  *$ host1 ?? ()\/$h$h$h$h$h$h$h$h$H
  *$ MATCH ?? ^^\/$h+
  { hexpart = $MATCH }


# hexpart-2-ipnr:

  h2i  pre
  :0
  *$ hexpart ?? ^^$\pre\/..
  { hh  = $MATCH
    pre = "$pre$hh"
    :0
    *  hh  ?? ^^\/.
    *$ hex ?? ^^\/[^$MATCH]*
    *  MATCH ?? 16 ^ 1 > 1
    *  hh  ?? ^^.\/.
    *$ hex ?? ^^\/[^$MATCH]*
    *  MATCH ??  1 ^ 1 > 1
    { } h2i = "$="
  }
  :0
  *$ hexpart ?? ^^$\pre\/..
  { hh  = $MATCH
    pre = "$pre$hh"
    :0
    *  hh  ?? ^^\/.
    *$ hex ?? ^^\/[^$MATCH]*
    *  MATCH ?? 16 ^ 1 > 1
    *  hh  ?? ^^.\/.
    *$ hex ?? ^^\/[^$MATCH]*
    *  MATCH ??  1 ^ 1 > 1
    { } h2i = "$h2i.$="
  }
  :0
  *$ hexpart ?? ^^$\pre\/..
  { hh  = $MATCH
    pre = "$pre$hh"
    :0
    *  hh  ?? ^^\/.
    *$ hex ?? ^^\/[^$MATCH]*
    *  MATCH ?? 16 ^ 1 > 1
    *  hh  ?? ^^.\/.
    *$ hex ?? ^^\/[^$MATCH]*
    *  MATCH ??  1 ^ 1 > 1
    { } h2i = "$h2i.$="
  }
  :0
  *$ hexpart ?? ^^$\pre\/..
  { hh  = $MATCH
    pre = "$pre$hh"
    :0
    *  hh  ?? ^^\/.
    *$ hex ?? ^^\/[^$MATCH]*
    *  MATCH ?? 16 ^ 1 > 1
    *  hh  ?? ^^.\/.
    *$ hex ?? ^^\/[^$MATCH]*
    *  MATCH ??  1 ^ 1 > 1
    { } h2i = "$h2i.$="
  }

  :0
  *$ ip ?? ^^$\h2i^^
  { LOG = "$$${TAB}hex-ipnr in hostname: $host1 $hexpart=[$ip]$NL$NL" }

  LOG = "$$${TAB}--end--$NL$NL"

-- 
Groet, Ruud

____________________________________________________________
procmail mailing list   Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail

<Prev in Thread] Current Thread [Next in Thread>