Bart Schaefer schreef:
Ruud H.G. van Tol:
Save as received.rc, and run as
received.rc < /dev/null
This is interesting, but it needs a wrapper to set H_RECV to each
received line in a message in turn, and recursively include the
script.
I do at lot like this in my .procmailrc. I reformed it for the list to a
stand-alone version to be used for fun and testing and enhancement.
I use stuff like this mainly exclusively on the first Received header
field of my ISP, so where the message enters "my" world.
I also test for the mirror of the IP-number, so from [1.2.3.4] I build
"4.3.2.1". I also test against "1.2.3" and "4.3.2", because hostnames
are often created from those. These hosts are of course also often in
dynablock DNSBLs.
Here are some samples it might be nice to parse better:
Yes, Received header fields come in many formats.
25480 Received: (qmail 12587 invoked by alias); 30 Jun 2006 23:21:46
Heheh, messages with 'qmail' in any of the headers go almost directly to
my 'suspect' box.
--
Groet, Ruud
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail