Mark <admin(_at_)asarian-host(_dot_)net> writes:
[ ... ]
/\b[a-z]*?(\d{1,3}[.-]\d{1,3}[.-]\d{1,3}|([a-z]?dsl(am)?|dhcp|tnt|ipt|pool|n
as|cvx|leased|slip|subscriber|d[iu]p|modem(cable)?|ppp(oe)?|dyn(amic)?|dial(
up)?|cust(omers?)?|(end)?users?|d?cliente?)\d*?)\b/i
Mind you that matches are within boundaries; so it is not as rigid as
it may seem. For instance, looking at "pool", this will not match
"poolcleaners.com", but it WOULD match "pool-34.yaddaydda.com".
Let me reiterate, that you should NOT use this regex, stand-alone,
without further checks. You will typically need to exempt your own
whitelists, authenticated users, etc; and, like I did, you may want to
exempt a PTR if the HELO string is a regular domain name, and resolves
to the connecting IP. And, last but not least, you may want to exempt
SPF enabled addresses. :)
Yep.
Thanks for posting this.
--
Lloyd Zusman
ljz(_at_)asfast(_dot_)com