Menu
▾
▴
spam-cvs — copy of all cvs checkins emailed to this mail list
You can subscribe to this list here.
| 2006 |
Jan
(6) |
Feb
|
Mar
(1) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
(1) |
Feb
(2) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2012 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
|
| 2017 |
Jan
|
Feb
(1) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: j c. <jl...@ya...> - 2017-02-03 05:36:10
|
----- Forwarded Message -----
From: Thank_You_CVS <I09...@I0...>
To: "jl...@ya..." <jl...@ya...>
Sent: Thursday, February 2, 2017 4:09 PM
Subject: CVS_Has_A_Suprise_For_You
CVS reward Open immediately!!!
|
|
From: Holly S. <gop...@ao...> - 2012-10-20 21:05:51
|
please post me gop...@ao... martin badger gop...@ao... |
|
From: Jon F. <re...@us...> - 2007-02-07 18:27:33
|
reflous 07/02/07 10:27:31 Modified: lib IPBlks.pm Log: bone headed mistake, left in some extra characters in front of some IP addresses Revision Changes Path 1.6 +4 -4 spam/lib/IPBlks.pm Index: IPBlks.pm =================================================================== RCS file: /cvsroot/spam/spam/lib/IPBlks.pm,v retrieving revision 1.5 retrieving revision 1.6 diff -u -w -r1.5 -r1.6 --- IPBlks.pm 7 Feb 2007 01:54:53 -0000 1.5 +++ IPBlks.pm 7 Feb 2007 18:27:31 -0000 1.6 @@ -110,10 +110,10 @@ 149.224.0.0/12 ripe 149.240.0.0/13 ripe 149.248.0.0/14 ripe -+150.1.0.0/16 apnic -+150.2.0.0/15 apnic -+150.4.0.0/14 apnic -+150.8.0.0/13 apnic +150.1.0.0/16 apnic +150.2.0.0/15 apnic +150.4.0.0/14 apnic +150.8.0.0/13 apnic 150.16.0.0/12 apnic 150.32.0.0/11 apnic 150.64.0.0/11 apnic |
|
From: Jon F. <re...@us...> - 2007-02-07 01:54:59
|
reflous 07/02/06 17:54:53 Modified: lib IPBlks.pm Log: Added a couple more IP ranges, most of them courtesy of paddy2706 Revision Changes Path 1.5 +36 -1 spam/lib/IPBlks.pm Index: IPBlks.pm =================================================================== RCS file: /cvsroot/spam/spam/lib/IPBlks.pm,v retrieving revision 1.4 retrieving revision 1.5 diff -u -w -r1.4 -r1.5 --- IPBlks.pm 5 Jan 2006 07:50:53 -0000 1.4 +++ IPBlks.pm 7 Feb 2007 01:54:53 -0000 1.5 @@ -79,10 +79,20 @@ # 0.0.0.0/2 arin # all other A classes are managed by ARIN ## The B class space is a mess :-( - something could still be missing ## I add here only netblocks allocated to multiple LIRs by the RIRs. +129.123.0.0/16 arin +130.33.0.0/16 arin +132.226.0.0/16 arin 133.0.0.0/8 whois.nic.ad.jp +134.168.0.0/16 arin +136.188.0.0/14 arin +136.192.0.0/14 arin +136.196.0.0/15 arin +138.243.0.0/16 apnic +139.7.0.0/16 ripe 139.20.0.0/14 ripe 139.24.0.0/14 ripe 139.28.0.0/15 ripe +139.105.0.0/16 ripe 141.0.0.0/10 ripe 141.64.0.0/12 ripe 141.80.0.0/14 ripe @@ -100,11 +110,29 @@ 149.224.0.0/12 ripe 149.240.0.0/13 ripe 149.248.0.0/14 ripe ++150.1.0.0/16 apnic ++150.2.0.0/15 apnic ++150.4.0.0/14 apnic ++150.8.0.0/13 apnic +150.16.0.0/12 apnic +150.32.0.0/11 apnic +150.64.0.0/11 apnic +150.96.0.0/14 apnic +150.98.0.0/15 whois.nic.ad.jp +150.100.0.0/15 apnic 150.254.0.0/16 ripe 151.0.0.0/10 ripe 151.64.0.0/11 ripe 151.96.0.0/14 ripe 151.100.0.0/16 ripe +156.130.0.0/16 arin +156.144.0.0/16 arin +157.36.0.0/16 apnic +157.64.0.0/12 apnic +157.80.0.0/15 apnic +157.82.0.0/16 apnic +158.149.0.0/16 ripe +159.143.0.0/16 arin 160.216.0.0/14 ripe 160.220.0.0/16 ripe 160.44.0.0/14 ripe @@ -115,9 +143,16 @@ 164.32.0.0/13 ripe 164.40.0.0/16 ripe 164.128.0.0/12 ripe +165.146.0.0/18 afrinic +168.158.0.0/16 arin 169.208.0.0/12 apnic +169.242.0.0/16 arin +170.251.0.0/16 arin 171.16.0.0/12 ripe 171.32.0.0/15 ripe +189.0.0.0/8 whois.lacnic.net +190.0.0.0/8 whois.lacnic.net +191.0.0.0/8 apnic ## The C class space is cleanly delegated and the data here should be complete 192.71.0.0/16 ripe 192.72.0.0/16 whois.seed.net.tw # NETBLK-SEED-NETS @@ -214,7 +249,7 @@ 211.192.0.0/10 whois.nic.or.kr # => 211.255.255.255 210.0.0.0/7 apnic 212.0.0.0/7 ripe -214.0.0.0/7 arin # DoD +214.0.0.0/8 arin # DoD 216.0.0.0/8 arin 217.0.0.0/8 ripe 218.216.0.0/13 apnic |
|
From: Jon F. <re...@us...> - 2007-01-31 00:17:05
|
reflous 07/01/30 16:16:21
Modified: . spam.pl
Log:
Enabled the $HOME/.spam/bad list (now if you put hosts in this file
it'll actually not try to email those people)
Revision Changes Path
1.25 +48 -9 spam/spam.pl
Index: spam.pl
===================================================================
RCS file: /cvsroot/spam/spam/spam.pl,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -w -r1.24 -r1.25
--- spam.pl 5 Jan 2006 07:52:03 -0000 1.24
+++ spam.pl 31 Jan 2007 00:16:21 -0000 1.25
@@ -36,6 +36,7 @@
use lib "$FindBin::Bin/lib";
use Whois qw(whois);
use Net::DNS;
+use Net::DNS::Resolver;
use Net::SMTP;
use Config::General;
use Email::Simple;
@@ -98,6 +99,7 @@
'com.mx' => 1,
'com.sg' => 1,
'com.tw' => 1,
+ 'com.uy' => 1,
'idv.tw' => 1,
'js.cn' => 1,
'me.uk' => 1,
@@ -147,6 +149,12 @@
print "## Parsing Header Information\n";
my $received_ips_array = &process_received_headers($mail);
+if ($#{$received_ips_array} == -1) {
+ # This will always occur if 'filterreceived' is enabled and
+ # the users mailserver is not in ~/.spam/friend
+ print "No unfriendly hosts were found in the header. This cannot have been a spam!\n";
+ exit;
+}
foreach my $ip (@$received_ips_array) {
AddHost($ip);
}
@@ -167,10 +175,10 @@
}
}
-if ($#uniqlist == -1) {
- print "No unfriendly hosts were found. This cannot have been a spam!\n";
- exit;
-}
+#if ($#uniqlist == -1) {
+# print "No unfriendly hosts were found. This cannot have been a spam!\n";
+# exit;
+#}
# this is broken
#my (@slist, $editor, $succ);
@@ -721,6 +729,8 @@
if (is_friend($host)) {
dbg("$host is friend, bailout!", 2);
return;
+ } elsif (is_bouncer($host)) {
+ dbg("$host is bad, bailout!", 2);
}
# Deal with IP address
@@ -740,6 +750,9 @@
if ( $reverse_lookup && is_friend($reverse_lookup) ) {
dbg("$reverse_lookup is friend, bailout!", 2);
return;
+ } elsif ( $reverse_lookup && is_bouncer($reverse_lookup) ) {
+ dbg("$reverse_lookup is bad, bailout!", 2);
+ return;
}
## We are left with an unfriendly IP to process
@@ -842,6 +855,22 @@
return 0;
}
+sub is_bouncer {
+ my $host = shift;
+ my $bouncer = "";
+
+ for (@bouncers) {
+ $bouncer = $_;
+ chomp $bouncer;
+
+ if ($host =~ /$bouncer$/i) {
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
###########################################################
#
# IPWHOIS
@@ -880,6 +909,9 @@
if (is_friend($fqdn)) {
dbg("$fqdn is friend, bailout!", 2);
next;
+ } elsif (is_bouncer($fqdn)) {
+ dbg("$fqdn is bad, bailout!", 2);
+ next;
}
AddHost($fqdn);
@@ -1025,6 +1057,10 @@
\$HOME/.spam/friends should be a list with friendly domains that shouldn\'t
receive complaints. Most likely your own site and other related ones.
+ \$HOME/.spam/bad should be a list with bad (bouncer) domains that shouldn\'t
+ receive complaints. Most likely a domain you've received nothing but bounces
+ from.
+
\$HOME/.spam/from should contain the From: email address of the complainer.
\$HOME/.spam/addmailaddress should contain a list of all additional email
@@ -1163,11 +1199,12 @@
my $line = $_;
$line =~ s/\s+$//;
next if ($line =~ /^\s*$/);
+
push(@bad, $line);
}
close(BAD);
} else {
- print "WARNING: You have no .spam/bad defined!\n";
+ print "WARNING: You have no $spamdir/bad defined!\n";
print "WARNING: This may generate unnecessary bounces.\n";
open(BAD, ">$bad_file") or die;
@@ -1178,7 +1215,7 @@
}
if ($bad[0] eq "") {
- print "WARNING: You have no bad domains entered in .spam/bad!\n";
+ print "WARNING: You have no bad domains entered in $spamdir/bad!\n";
print "WARNING: This may generate unnecessary bounces!\n";
}
@@ -1205,7 +1242,9 @@
if($domain =~ m{^[^.]+\.([^.]+\..+)}) {
$domain = $1;
} else {
- die "Cannot lookup contacts for $domain";
+# die "Cannot lookup contacts for '$domain'";
+ warn "Cannot lookup contacts for '$domain'";
+ return undef;
}
}
}
@@ -1247,13 +1286,13 @@
# ns45.webmasters.com (207.142.134.201) is my mailserver, the spammer
# is 211.161.102.142
- # This is what the config variable 'trustreceived' depends on
+ # This is what the config variable 'filterreceived' depends on
my $friend_host = 0;
if ($received[$i] =~ m/by (\D+\S*\.\w+)(?:\s+|$)/) {
$friend_host++ if (is_friend($1));
}
- next if ( (! $friend_host) && ($config{trustreceived}) );
+ next if ( (! $friend_host) && ($config{filterreceived}) );
# extracting IP addresses
while ( $received[$i] =~ s/[^A-Za-z0-9\.]($ip_regex)// ) {
|
|
From: Jon F. <re...@us...> - 2006-03-02 05:33:04
|
reflous 06/03/01 21:33:01
Modified: lib Whois.pm
Log:
now utilizing the '+' toggle for arin, this returns more information
in the whois information for arin lookups -- thanks to ygosset for pointing
this out!
Revision Changes Path
1.4 +8 -1 spam/lib/Whois.pm
Index: Whois.pm
===================================================================
RCS file: /cvsroot/spam/spam/lib/Whois.pm,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -w -r1.3 -r1.4
--- Whois.pm 29 Dec 2005 15:53:00 -0000 1.3
+++ Whois.pm 2 Mar 2006 05:33:01 -0000 1.4
@@ -46,6 +46,13 @@
warn "Couldn\'t determine correct whois server for $args{query}, falling back on arin\n";
$whois_server = 'whois.arin.net';
}
+
+ # Use the '+' arin option for detailed information (full output)
+ # http://www.arin.net/whois/
+ if ($whois_server eq 'whois.arin.net') {
+ $args{query} = '+ ' . $args{query};
+ }
+
last SWITCH;
}
if ( $args{query} =~ /:/ ) {
|
|
From: Jon F. <re...@us...> - 2006-01-18 03:38:53
|
reflous 06/01/17 19:38:48
Added: tools netmask.pl
Log:
useful tool for adding to IPBlks.pm, plug in a netmask range (e.g.
123.123.123.123-124.124.124.124) and it'll spit out a block that can
be plugged into IPBlks.pm
Revision Changes Path
1.1 spam/tools/netmask.pl
Index: netmask.pl
===================================================================
#!/usr/bin/perl
#
# $Id: netmask.pl,v 1.1 2006/01/18 03:38:47 reflous Exp $
use Net::Netmask;
my $range = $ARGV[0];
#$range = '222.0.0.0-222.255.255.255';
#$range = '0.0.0.0/4';
my $block = Net::Netmask->new($range);
print "IPBlk.pm: " . $block->desc() . "\n";
print "First: " . $block->first() . "\n";
print "Last: " . $block->last() . "\n";
#print "MATCH-GOOD: " . $block->match('222.252.188.58') . "\n";
#print "MATCH-BAD : " . $block->match('223.22.22.22') . "\n";
|
|
From: Jon F. <re...@us...> - 2006-01-18 03:35:32
|
reflous 06/01/17 19:35:26 spam/tools - New directory |
|
From: Jon F. <re...@us...> - 2006-01-05 07:53:29
|
reflous 06/01/04 23:53:08 Modified: . config Log: added more documentation in the config file, also added 'bodyextractemails' and 'trustreceived' which will be used in v0.26 Revision Changes Path 1.5 +39 -19 spam/config Index: config =================================================================== RCS file: /cvsroot/spam/spam/config,v retrieving revision 1.4 retrieving revision 1.5 diff -u -w -r1.4 -r1.5 --- config 27 Dec 2005 19:53:19 -0000 1.4 +++ config 5 Jan 2006 07:53:08 -0000 1.5 @@ -16,43 +16,63 @@ # ############################################################################ -# SMTP information +######################## +# EMAIL/SMTP information +# smtpserver used for outgoing email smtpserver = <PUT YOUR SMTP SERVER HERE> + +# who the email spam.pl generates will be from mailfrom = <PUT YOUR EMAIL ADDRESS HERE> -# Enable debug mode +# Send complaints to myself as well as the normal recepiants: +bccme = 1 + +# Do not include the spam body in the complaint, only the spam headers: +bequiet = 0 + +# Do not include the .signature at the bottom of all complaints +nosig = 0 + +# Set a single receiver to receive all complaints all times: +#singlereceiver = fo...@fo...r + +# Send all complaints through abuse.net's complaint service: +abusenet = 0 + +######################## +# Debug (emails will not be sent when debug mode is enabled) +# 0 = Debug mode is off +# 1 = Enable debug mode +# 2 = Enable verbose debug mode debug = 0 -# Enable verbose debug mode -debug2 = 0 +######################## +# How to analyze the spam + +# trust only Received headers that your friend mailservers generate, +# this will eliminate generating reports to servers implicated by +# forged Received headers +trustreceived = 1 # Search the mail body for domain names bodyextract = 1 +# Search the body for email addresses and report to the domain of +# those domains, for this to work 'bodyextract' must be enabled +bodyextractemails = 1 + # Use the whois.abuse.net service: whois = 1 +######################## +# Other + # Run $EDITOR to allow complaint address editing before send editlist = 0 -# Send all complaints through abuse.net's complaint service: -abusenet = 0 - -# Send complaints to myself as well as the normal recepiants: -bccme = 1 - # The spam came quoted/forwarded to me, included in a mail included = 0 -# Do not include the spam body in the complaint, only the spam headers: -bequiet = 0 - -# Do not include the .signature at the bottom of all complaints -nosig = 0 - -# Set a single receiver to receive all complaints all times: -#singlereceiver = fo...@fo...r - # Enable rabid mode (super aggressive) # Recommended OFF for now. rabid = 0 |
|
From: Jon F. <re...@us...> - 2006-01-05 07:52:11
|
reflous 06/01/04 23:52:04
Modified: . spam.pl
Log:
major upgrade
- using Email::Simple to parse emails now
- using Email::MIME to decode the email bodies
- new option 'trustreceived' if enabled will only use Received: headers that are
from trusted mailservers, eliminating reporting to spoofed headers
- new option 'bodyextractemails' if enabled will pull out the spammer's email
from the body and report to the domain/domain hosts that they have a spammer
- code cleanup
- the -e option appears to be broken, commented out the code
Revision Changes Path
1.24 +337 -409 spam/spam.pl
Index: spam.pl
===================================================================
RCS file: /cvsroot/spam/spam/spam.pl,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -w -r1.23 -r1.24
--- spam.pl 29 Dec 2005 15:52:15 -0000 1.23
+++ spam.pl 5 Jan 2006 07:52:03 -0000 1.24
@@ -6,8 +6,8 @@
# Maintained by:
# Jon Feldhammer <jo...@ap...>
#
-my $date="December 29, 2005";
-my $version="0.25";
+my $date="January 5, 2006";
+my $version="0.26";
#
# Spam is an internet desease that's really hard to take down. I do my best to
# complain on all spam mails I receive. 1997 I wrote a script that does the
@@ -38,6 +38,8 @@
use Net::DNS;
use Net::SMTP;
use Config::General;
+use Email::Simple;
+use Email::MIME;
use strict;
### debug management
@@ -65,6 +67,8 @@
mkdir("$spamdir", 0755) unless -d $spamdir;
die "No $spamdir directory." unless -d $spamdir;
my $spamconfig = "$spamdir/config";
+my $body_path="$spamdir/complaint";
+my $sig_path="$home/.signature";
my %config;
unless (-e $spamconfig and %config = ParseConfig($spamconfig) ) {
@@ -75,6 +79,10 @@
die "\n";
}
+# Useful Regexes
+my $ip_regex = qr/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/;
+my $included_regex = qr/^\s*>\x20*/;
+
#
# This is a small list with known two-name domains that should not get
# added as a mail receiving domain.
@@ -111,154 +119,95 @@
my @emails = ();
my $inheader = 0;
-my @friends = @{&parseFriends()}; # don't send abuse emails to friends
-my @bouncers = @{&parseBad()}; # known bouncers -- inactive right now
+my @friends = @{&parse_friends()}; # don't send abuse emails to friends
+my @bouncers = @{&parse_bad()}; # known bouncers -- inactive right now
-&parseArgs();
-&upgradefiles(); # check to see if we need to upgrade old config files
+&parse_args();
+&upgrade_files(); # check to see if we need to upgrade old config files
+# this is a complete hack
+my $prompt;
###########################################################
# Parse the email
###########################################################
-my @mail=<STDIN>; # I'd like to make STDIN an option one day
-
-## Start with the header
-my ($blankline, $blankline2, $line, $editor, $succ, $badhost,
- $prompt, $ans, $abort, $sig, $pager, $tmpfile, $insubject,
- $newbody, $dir, $addrs, $host, $body);
-my (@concat, @mailheader, @mailbody, @slist, @body, @list);
+my $email_raw = join("", <STDIN>);
+# If this email was replied to strip off the > characters
+# *IMPORTANT* things may go awry if this is more than JUST the
+# email (i.e. other things inside)
if ($config{included}) {
- $blankline = $blankline2 = 0;
+ $email_raw =~ s/$included_regex//gsm;
}
-my $x_spam_header = 0;
-for (my $i = 0; $i <= $#mail; $i++) {
-
- # get rid of X-Spam headers
- if ($mail[$i] =~ m/^X-Spam/) {
- $x_spam_header = 1;
- next;
- } elsif ($x_spam_header && ($mail[$i] =~ m/^\t/) ) {
- next;
- } else {
- $x_spam_header = 0;
- }
-
- if ($config{included}) {
- $mail[$i] =~ s/^\s*>\s*//;
-
- if ($blankline2) {
- next;
- }
+# JDF: using Email::Simple to parse the email
+# only thing I'm missing here is dropping X-Spam headers
+my $mail = Email::Simple->new($email_raw);
- if (!$blankline && ($mail[$i] =~ /^\s*$/)) {
- $blankline = 1;
- next;
- } elsif (!$blankline) {
- next;
- }
- if (!$inheader && ($mail[$i] =~ /^[a-z0-9-_]*:/i)) {
- $inheader = 1;
- } elsif (!$inheader) {
- next;
- }
+print "## Parsing Header Information\n";
+my $received_ips_array = &process_received_headers($mail);
+foreach my $ip (@$received_ips_array) {
+ AddHost($ip);
}
- if (!$inheader && ($mail[$i] =~ /^(|>)From /)) {
- $inheader=1;
- } elsif (($inheader<2) && ($mail[$i] =~ /^([A-Za-z_0-9-]*): /)) {
- # we may have found a header _without_ a previous "From " line.
- # this may happen when we pipe in a mail from a mail program since
- # those tend to strip the first from line
- # doesn't really matter, though...
- $inheader=1;
-
- # save this line as a header
- $line = $mail[$i];
- push @mailheader, $line;
-
- chomp $line;
- push @concat, $line;
- } elsif (($inheader==1) && ($mail[$i] =~ /^[ \t]/)) {
- $line = $mail[$i];
- push @mailheader, $line;
-
- chomp $line;
+my $body_hosts_array;
+if ($config{bodyextract}) {
+ print "## Parsing body\n";
- # replacing a sequence of beginning whitespaces with a single space
- $line =~ s/^[ \t]*/ /g;
+ $body_hosts_array = &extract_body_hosts($email_raw);
+ foreach my $host (@$body_hosts_array) {
+ AddHost($host);
- # append to previous line:
- $concat[$#concat]=$concat[$#concat].$line;
- } else {
- if ($config{included}) {
- if (!$blankline2 && /^\s*$/) {
- $blankline2 = 1;
- $inheader = 2;
- }
- } elsif ($inheader == 1) {
- $inheader=2;
+ # since this is the spammer's website let's dig deeper
+ if ($host !~ /$ip_regex/) {
+ my @resolved_ips = lookup_all_ips($host);
+ for (@resolved_ips) {AddHost($_)};
}
}
- if ($inheader == 2) {
- push @mailbody, $mail[$i];
}
-}
-
-print "## Parsing Header Information\n";
-&extract_header_info(\@concat);
-
-if ($config{bodyextract}) {
- #
- # Extract evil hosts from the spam mail body
- #
- print "## Parsing body\n";
- &extractbodyhosts();
-}
-
-if ($uniqlist[0] eq "") {
+if ($#uniqlist == -1) {
print "No unfriendly hosts were found. This cannot have been a spam!\n";
exit;
}
-# Stuff used for the -e tag
-if ($config{editlist}) {
- # we sort the list for human comfort
- @slist = sort { reverse($a) cmp reverse($b) } @uniqlist;
- my $file = "$home/.spam.$$";
- open(TMP, ">$file");
-
- for (@slist) {
- print TMP "$_\n";
- }
- close(TMP);
-
- $editor=$ENV{'EDITOR'};
-
- print "INVOKES \"$editor $file\"\n";
-
- $succ=system($editor, $file);
-
- print "SYSTEM: $succ\n";
-
- if (open(TMP, "<$file")) {
- undef @uniqlist;
- while (<TMP>) {
- chomp;
- push @uniqlist, $_;
- }
- close(TMP);
- system("rm $file");
- if ($uniqlist[0] eq "") {
- print "BOO: all hosts removed, exiting!\n";
- exit;
- }
- }
-}
+# this is broken
+#my (@slist, $editor, $succ);
+## Stuff used for the -e tag
+#if ($config{editlist}) {
+# # we sort the list for human comfort
+# @slist = sort { reverse($a) cmp reverse($b) } @uniqlist;
+# my $file = "$home/.spam.$$";
+# open(TMP, ">$file");
+#
+# for (@slist) {
+# print TMP "$_\n";
+# }
+# close(TMP);
+#
+# $editor=$ENV{'EDITOR'};
+#
+# print "INVOKES \"$editor $file\"\n";
+#
+# $succ=system($editor, $file);
+#
+# print "SYSTEM: $succ\n";
+#
+# if (open(TMP, "<$file")) {
+# undef @uniqlist;
+# while (<TMP>) {
+# chomp;
+# push @uniqlist, $_;
+# }
+# close(TMP);
+# system("rm $file");
+# if ($uniqlist[0] eq "") {
+# print "BOO: all hosts removed, exiting!\n";
+# exit;
+# }
+# }
+#}
# create all new combinations of hosts:
if (! $config{abusenet}) {
@@ -266,13 +215,11 @@
%complaints = ();
foreach my $host (@uniqlist) {
- $badhost = $host;
-
- my $lookup_list = ablookup($badhost);
- @list = @$lookup_list;
+ my $lookup_list = ablookup($host);
+ my @list = @$lookup_list;
for (my $i = 0; $i <= $#list; $i++) {
- print "ABUSENET: $badhost => $list[$i]\n" if ($config{debug});
+ dbg("ABUSENET: $host => $list[$i]", 1);
$complaints{lc($list[$i])} = 1;
}
}
@@ -291,7 +238,7 @@
}
# we sort the list
-@slist = sort { reverse($a) cmp reverse($b) } @uniqlist;
+my @slist = sort { reverse($a) cmp reverse($b) } @uniqlist;
if (!$config{abusenet}) {
# make email addresses out of the hosts:
@@ -327,9 +274,8 @@
#
# Now, get the predefined complaint mail or use our built-in.
-$body="$spamdir/complaint";
-
-if (open(BODY, "<$body")) {
+my @body;
+if (open(BODY, "<$body_path")) {
@body=<BODY>;
close(BODY);
} else {
@@ -368,131 +314,119 @@
}
# add the original message
+# for some reason Email::Simple doesn't offer a method to get the email
+# headers back, so have to directly access the "private" method
+my ($head_raw, $body_raw, $mycrlf) = Email::Simple::_split_head_from_body($email_raw);
+
if($config{bequiet}) {
push @body, "\n--- start of spam headers ---\n";
-}
-else {
+} else {
push @body, "\n--- start of spam ---\n";
}
-push @body, @mailheader;
+
+push @body, $head_raw;
if($config{bequiet}) {
push @body, "\n--- end of spam headers ---\n";
-}
-else {
+} else {
# push @body, "\n";
- push @body, @mailbody;
+ push @body, $body_raw;
push @body, "\n--- end of spam ---\n";
}
# add the signature if wanted
-
-$sig="$home/.signature";
-if(!$config{nosig} && open(SIG, "< $sig")) {
+if(!$config{nosig} && open(SIG, "< $sig_path")) {
push @body, "\n-- \n";
push @body, <SIG>;
close(SIG);
}
-# set up pager and editor with defaults if necessary
-$pager=$pager || $ENV{PAGER} || 'more';
-$editor=$editor || $ENV{EDITOR} || $ENV{VISUAL} || 'vi';
-
-# where to make a temp file
-mkdir "$spamdir/tmp", 0755 unless -d "$spamdir/tmp";
-$tmpfile="$spamdir/tmp/.spam.$$";
-
-# if we're to prompt, we need to start reading from /dev/tty now.
-if($prompt) {
- if(!open(STDIN, '/dev/tty')) {
- print "Could not read from /dev/tty. If this is not a UNIX machine, you\n";
- print "must disable the 'prompt' option in your config file!\n";
- exit;
- }
- # unbuffer output for single-line prompts
- $|=1;
-}
-# print an informative message and then prompt if desired
-while(1) {
- print "\n";
- if($config{debug}) {
- print "Spam-subject: $insubject\n";
- print "NOTE: Running in debug mode; mail will not actually be sent.\n";
- }
- print "Recipients:\n";
- foreach(@emails) {
- print " $_\n";
- }
-
- if($prompt) {
- print "\nSend (s), abort (a), view body (v), edit body (e) or edit recipients (r)? ";
- ($ans=lc(<STDIN>))=~s/^\s*(\S).*/$1/s;
- print "\n\n";
- if($ans eq 'a') {
- print "Aborting!\n";
- $abort=1;
- last;
- } elsif($ans eq 's') {
- print $config{debug} ? "Running in debug mode; mail will not actually be sent.\n" : "Sending now!\n";
- last;
- } elsif($ans eq 'v') {
- writetmp(@body);
- system("$pager $tmpfile");
- unlink($tmpfile);
- } elsif($ans eq 'e') {
- writetmp(@body);
- system("$editor $tmpfile");
- $newbody=readtmp();
- if($newbody eq '') {
- print "Cannot send email with no body; changes aborted and old body restored.\n";
- next;
- }
- @body=($newbody);
- print "Changes saved.\n";
- } elsif($ans eq 'r') {
- writetmp(join("\n", @emails));
- system("$editor $tmpfile");
- @emails=readtmp(1);
- if(!@emails) {
- print "WARNING: All recipients deleted; mail will not be sent.\n";
- next;
- }
- print "Changes saved.\n";
- } else {
- print "Invalid option! Please try again:\n";
- }
- } else {
- last;
- }
-}
+## set up pager and editor with defaults if necessary
+#$pager=$pager || $ENV{PAGER} || 'more';
+#$editor=$editor || $ENV{EDITOR} || $ENV{VISUAL} || 'vi';
+#
+## where to make a temp file
+#mkdir "$spamdir/tmp", 0755 unless -d "$spamdir/tmp";
+#$tmpfile="$spamdir/tmp/.spam.$$";
+#
+## if we're to prompt, we need to start reading from /dev/tty now.
+#if($prompt) {
+# if(!open(STDIN, '/dev/tty')) {
+# print "Could not read from /dev/tty. If this is not a UNIX machine, you\n";
+# print "must disable the 'prompt' option in your config file!\n";
+# exit;
+# }
+# # unbuffer output for single-line prompts
+# $|=1;
+#}
+## print an informative message and then prompt if desired
+#while(1) {
+# print "\n";
+# if($config{debug}) {
+# print "Spam-subject: $insubject\n";
+# print "NOTE: Running in debug mode; mail will not actually be sent.\n";
+# }
+# print "Recipients:\n";
+# foreach(@emails) {
+# print " $_\n";
+# }
+#
+# if($prompt) {
+# print "\nSend (s), abort (a), view body (v), edit body (e) or edit recipients (r)? ";
+# ($ans=lc(<STDIN>))=~s/^\s*(\S).*/$1/s;
+# print "\n\n";
+# if($ans eq 'a') {
+# print "Aborting!\n";
+# $abort=1;
+# last;
+# } elsif($ans eq 's') {
+# print $config{debug} ? "Running in debug mode; mail will not actually be sent.\n" : "Sending now!\n";
+# last;
+# } elsif($ans eq 'v') {
+# writetmp(@body);
+# system("$pager $tmpfile");
+# unlink($tmpfile);
+# } elsif($ans eq 'e') {
+# writetmp(@body);
+# system("$editor $tmpfile");
+# $newbody=readtmp();
+# if($newbody eq '') {
+# print "Cannot send email with no body; changes aborted and old body restored.\n";
+# next;
+# }
+# @body=($newbody);
+# print "Changes saved.\n";
+# } elsif($ans eq 'r') {
+# writetmp(join("\n", @emails));
+# system("$editor $tmpfile");
+# @emails=readtmp(1);
+# if(!@emails) {
+# print "WARNING: All recipients deleted; mail will not be sent.\n";
+# next;
+# }
+# print "Changes saved.\n";
+# } else {
+# print "Invalid option! Please try again:\n";
+# }
+# } else {
+# last;
+# }
+#}
#
# Produce the complaint email
#
my $mailto = join(', ', @emails);
-#my $receiver=join(', ', @emails);
-
-# If a single argument was specified, we mail the stuff to that address only
-#if ($config{singlereceiver} ne "") {
-# $mailto = $config{singlereceiver};
-#} else {
-# $mailto = $receiver;
-#}
-if(!$config{debug} && !$abort && @emails) {
+# $abort is used in the manual mode
+#if(!$config{debug} && !$abort && @emails) {
+if(!$config{debug} && @emails) {
if($config{abusenet}) {
foreach my $eml (@emails) {
# a single mail for each offender!
-# $receiver = $_;
-# if($config{singlereceiver} ne "") {
-# # for debugging, you can get it to mail a single specified addy
-# $mailto=$config{singlereceiver};
-# } else {
-# $mailto=$receiver;
-# }
&mailaway($eml);
}
} else {
@@ -507,7 +441,7 @@
# This function checks for 0.13-style or earlier configuration files, and
# moves them to the new-style config in the ~/.spam subdirectory!
-sub upgradefiles {
+sub upgrade_files {
if ( ((-r "$home/.spamcomplaint") ||
(-r "$home/.spamfrom") ||
(-r "$home/.spamfriends")) &&
@@ -516,7 +450,7 @@
print "NOTICE: They are now found in $home/.spam\n";
mkdir("$home/.spam", 0755); # create subdirectory
- $dir="$home/.spam";
+ my $dir="$home/.spam";
system("mv $home/.spamcomplaint $dir/complaint");
system("mv $home/.spamfrom $dir/from");
@@ -534,34 +468,34 @@
}
# write all elements of an array to temp file
-sub writetmp {
- open(TMP, "> $tmpfile") or die "Couldn't write $tmpfile: $!";
- chmod(0600, $tmpfile);
- print TMP @_;
- close(TMP);
-}
+#sub writetmp {
+# open(TMP, "> $tmpfile") or die "Couldn't write $tmpfile: $!";
+# chmod(0600, $tmpfile);
+# print TMP @_;
+# close(TMP);
+#}
# read a temp file into a scalar if no args passed; readtmp(1) reads
# into an array of addresses, ignoring blank lines.
-sub readtmp {
- my(@res, $res);
- $addrs=$_[0];
- open(TMP, $tmpfile) or die "Couldn't read $tmpfile: $!";
- while(<TMP>) {
- if($addrs) {
- s/^\s+|\s*$//sg;
- push @res, $_ if $_ ne "";
- } else {
- $res.=$_;
- }
- }
- close(TMP);
- unlink($tmpfile);
- if(!$addrs) {
- $res=~s/^\s+|\s*$//sg;
- }
- return $addrs ? @res : $res."\n";
-}
+#sub readtmp {
+# my(@res, $res);
+# $addrs=$_[0];
+# open(TMP, $tmpfile) or die "Couldn't read $tmpfile: $!";
+# while(<TMP>) {
+# if($addrs) {
+# s/^\s+|\s*$//sg;
+# push @res, $_ if $_ ne "";
+# } else {
+# $res.=$_;
+# }
+# }
+# close(TMP);
+# unlink($tmpfile);
+# if(!$addrs) {
+# $res=~s/^\s+|\s*$//sg;
+# }
+# return $addrs ? @res : $res."\n";
+#}
sub nslookup {
my $ip = $_[0];
@@ -579,29 +513,32 @@
# $newhost =~ /^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/) {
# Didn't successfully resolve the hostname from the IP
$newhost = "";
- print "NSLOOKUP: could not resolve $ip ($newhost)\n" if ($config{debug});
+ dbg("NSLOOKUP: could not resolve $ip ($newhost)", 1);
+ return undef;
} else {
$offender_ip{$ip} = $newhost;
- print "NSLOOKUP: $ip => $newhost\n" if ($config{debug2});
+ dbg("NSLOOKUP: $ip => $newhost", 2);
}
}
return $newhost;
}
-sub extractbodyhosts {
- my ($name,$aliases,$type,$len,$addr); # gethostbyname rtn vals
- my ($a, $b, $c, $d);
- my ($body_ip);
+sub extract_body_hosts {
+ my $email_raw = shift;
+ my $parsed = Email::MIME->new($email_raw);
+ my @body = $parsed->body;
+ my (%found_hosts);
+
+ for (my $x = 0; $x <= $#body; $x++) {
+ my $line = $body[$x];
+ my $host = "";
- for (my $x = 0; $x <= $#mailbody; $x++) {
-
- # while through a replace thing to match several links properly
- $line = $mailbody[$x];
while (($line =~ s/http:\/\/([a-z0-9\-.]*)//i) ||
($line =~ s/www\.([a-z0-9\-.]*)//i)) {
$host = $1;
- if ($host =~ /^((\d*)\.(\d*)\.(\d*)\.(\d*))$/) {
+
+ if ($host =~ /^$ip_regex$/) {
# print "IPv4\n";
$host = $1;
} elsif (($host =~ /^(\d+)$/) && ($1>255)) {
@@ -618,49 +555,30 @@
#printf "IP $ip & %08x\n", 0xff<<($s*8);
$rip .= ($ip&(255<<($s*8)))>>($s*8);
}
-
$host = $rip;
} else {
# print "regular host\n";
}
-# if ($host =~ /^((\d*)\.(\d*)\.(\d*)\.(\d*))$/) {
-#
-# $newhost = &nslookup($host);
-#
-# if ($newhost) {
-# $host = $newhost;
-# }
-# }
-
# cut off 'www' to get a more likely mailable domain
- $host =~ s/^www.(.*)/$1/;
+ $host =~ s/^www\.//;
next if ($offender_host{$host});
- if ($host) {
- if ($config{debug}) {
- print "BODY-HOST: $host\n";
- }
- AddHost($host);
+ $found_hosts{$host} = 1;
- # Let's dig a little deeper since this is the spammer's website
- ($name,$aliases,$type,$len,$addr) = gethostbyname($host);
- ($a, $b, $c, $d) = unpack('C4', $addr);
-
- if ($a && $b && $c && $d) {
- $body_ip = join(".", ($a, $b, $c, $d));
- AddHost($body_ip);
- } else {
- print " * gethostbyname failed for $host\n" if ($config{debug2});
- next;
- }
+ } # end while $line
+ if ($config{bodyextractemails}) {
+ while ($line =~ s/\@(\S+\.\w+)(?:\s|$|")//) {
+ $found_hosts{$1} = 1;
}
}
- }
+ } # end for @body
+ my @host_list = keys %found_hosts;
+ return \@host_list;
}
sub mailaway {
@@ -695,6 +613,9 @@
if($config{mailfrom} ne "") {
$smtp->datasend("From: $config{mailfrom}\n");
}
+
+ # JDF -- this is dirty
+ my $insubject = $mail->header('Subject');
if(($insubject =~ /\=\?iso/i) || ($insubject eq "")) {
# MIME code in subject, just leave it out of the complaint subject
$smtp->datasend("Subject: Spam Report!\n");
@@ -780,32 +701,30 @@
my $host = lc($_[0]);
my ($ip, $reverse_lookup);
- if ($config{debug2}) {
- print "ADDHOST: $host\n";
- }
+ dbg("ADDHOST: $host", 2);
## clean up the host info
# sometimes we get trailing junk on the host name, like semicolons
- $host =~ s/([;:\)])+ *$//g;
- $host =~ s/\r//g;
+# $host =~ s/([;:\)])+ *$//g;
+# $host =~ s/\r//g;
# @ in the host name looks like a fake
- if ($host =~ /\@/) {
- print "FAKE HOST: $host\n" if ($config{debug2});
- return;
+# if ($host =~ /\@/) {
+# dbg("FAKE HOST: $host", 2);
+# return;
# if this "host" has an @ letter, we cut it and everything to the
# left of it
# $host =~ s/([^@]*)@(.*)/$2/g;
- }
+# }
# known friendly domains/IPs are not added
if (is_friend($host)) {
- print "$host is friend, bailout!\n" if ($config{debug2});
+ dbg("$host is friend, bailout!", 2);
return;
}
# Deal with IP address
- if ($host =~ /^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/) {
+ if ($host =~ /^$ip_regex$/) {
$ip = $host;
# Have we seem this IP before?
@@ -819,7 +738,7 @@
# make sure the ip doesn't resolve to a friend
if ( $reverse_lookup && is_friend($reverse_lookup) ) {
- print "$reverse_lookup is friend, bailout!\n" if ($config{debug2});
+ dbg("$reverse_lookup is friend, bailout!", 2);
return;
}
@@ -836,9 +755,7 @@
} # end if IP address
if ($knowntopdoms{$host}) {
- if ($config{debug2}) {
- print "$host is known TLD, bailout!\n";
- }
+ dbg("$host is known TLD, bailout!", 2);
return;
}
@@ -875,7 +792,7 @@
my $dom = shift;
my ($whois_info, $tld);
- print "CHECKING-DOMAIN: $dom\n" if ($config{debug2});
+ dbg("CHECKING-DOMAIN: $dom", 2);
if ($dom =~ /\.([^\.]+)$/) {
$tld = $1;
@@ -886,8 +803,8 @@
eval { $whois_info = whois(query => $dom); };
- if ($@ && $config{debug}) {
- print " * timeout checking $dom\n";
+ if ($@) {
+ dbg(" * timeout checking $dom", 1);
return 0;
}
@@ -901,9 +818,7 @@
m/\^% No entries found for the selected source.*$/ ||
m/^No Match.*$/i ||
m/^No information about domain $dom.*$/i) {
- if ($config{debug2}) {
- print "BAD-DOMAINNAME: $dom\n";
- }
+ dbg("BAD-DOMAINNAME: $dom", 2);
return 0;
}
}
@@ -943,8 +858,8 @@
eval { $ip_whois_response = whois(query => $ip); };
- if ($@ && $config{debug}) {
- warn "&ipwhois failure: $@";
+ if ($@) {
+ dbg("&ipwhois failure: $@", 1);
return;
}
@@ -960,12 +875,10 @@
next if ($fqdn eq 'apnic.net');
next if ($offender_host{$fqdn}); # skip this fqdn if we've seen it before
- if ( $config{debug} ) {
- print " * $ip is associated with $fqdn\n";
- }
+ dbg(" * $ip is associated with $fqdn", 1);
if (is_friend($fqdn)) {
- print "$fqdn is friend, bailout!\n" if ($config{debug2});
+ dbg("$fqdn is friend, bailout!", 2);
next;
}
@@ -974,9 +887,7 @@
my $email = $localpart . '@' . $fqdn;
if ($line =~ /abuse/) {
AddAbuseEmail($email);
- if ( $config{debug} ) {
- print "ABUSE-MAIL-FOR-$ip: $email\n";
- }
+ dbg("ABUSE-MAIL-FOR-$ip: $email", 1);
}
}
@@ -996,9 +907,7 @@
$email = lc($email);
$email =~ s/(?:\s|\r|\n)//g;
- if ($config{debug2}) {
- print "ADD-ABUSE-EMAIL: $email\n";
- }
+ dbg("ADD-ABUSE-EMAIL: $email", 2);
push @abuse_emails, $email;
}
@@ -1059,7 +968,7 @@
push @emails, $host."\@abuse.net";
}
-sub parseArgs() {
+sub parse_args() {
if ($ARGV[0] eq "-h") {
print <<EOF;
spam.pl version $version ($date)
@@ -1079,6 +988,8 @@
-d runs in debug-mode (shows a lot of internal processing choices).
debug-mode does not send any mail.
+ -dd runs in verbose-debug-mode
+
-e Edit list. Your \$EDITOR gets invoked with the list of found hosts before
the mail is sent, to allow you to edit the list manually first.
@@ -1145,12 +1056,10 @@
$config{editlist}^=1;
} elsif ($ARGV[0] eq "-d") {
$config{debug}=1;
-#JDF fix this
print "DEBUG MODE ENABLED\n";
} elsif ($ARGV[0] eq "-dd") {
- $config{debug}=1;
- $config{debug2}=1; # extra detailed debug info
- print "DEBUG MODE ENABLED\n";
+ $config{debug}=2;
+ print "VERBOSE DEBUG MODE ENABLED\n";
} elsif ($ARGV[0] eq "-a") {
$config{abusenet} ^= 1;
} elsif ($ARGV[0] eq "-m") {
@@ -1175,16 +1084,10 @@
if ($ARGV[0] ne "") {
shift @ARGV;
- parseArgs();
+ parse_args();
# goto argv;
}
- # change by egg...@be...
- if ($config{debug2}) {
-# print "VERBOSE DEBUG MODE ENABLED\n";
- } elsif ($config{debug}) {
-# print "DEBUG MODE ENABLED\n";
- }
if ($config{singlereceiver} ne "") {
print "Single receiver : $config{singlereceiver}\n";
}
@@ -1214,7 +1117,7 @@
# its pretty important that both of those domains are added to prevent
# this script to send complaints to them too!
#
-sub parseFriends() {
+sub parse_friends() {
my $friends="$spamdir/friends";
my(@friends, $line);
@@ -1250,14 +1153,14 @@
# This file consists of hostnames that send spam but don't receive
# mail. In the future I'd like to do further research and find out who
# hosts the website in order to report to those.
-sub parseBad() {
+sub parse_bad() {
my $bad_file="$spamdir/bad";
my(@bad);
if (open(BAD, "<$bad_file")) {
while (<BAD>) {
chomp;
- $line = $_;
+ my $line = $_;
$line =~ s/\s+$//;
next if ($line =~ /^\s*$/);
push(@bad, $line);
@@ -1308,69 +1211,94 @@
}
}
-sub extract_header_info {
- my @concat = @{shift(@_)};
- my $rheaders=0;
-
- #
# Extract hosts from the headers.
#
# Useful links for understanding Received: headers & the common spoofs:
# http://www.stopspam.org/email/headers.html
# http://www.faqs.org/rfcs/rfc821.html
# http://www.faqs.org/rfcs/rfc822.html
- #
- for (@concat) {
- if (m/^Received: /) {
- # This is a received line, deal with it.
- #
+sub process_received_headers {
+ my $mail = shift;
+ my @received = $mail->header('Received');
+ my $total_received = $#received;
+
+ if ($total_received == 0) {
+ print "No received: headers were found!\n";
+ exit;
+ }
+
+ my %ips = ();
+ # Loop through
+ for (my $i = 0; $i <= $total_received; $i++) {
# Unfortunately, the only Received lines you can be sure of are the ones
# that are from your mail servers. Currently spam.pl will look at all
# the received headers and treat them equally.
#
- # EXAMPLE:
+ # EXAMPLES:
# Received: from gade.imada.ou.dk (ro...@ga...
# [130.225.128.158]) by gatekeeper.frontec.se (8.8.2/8.8.2) with ESMTP
# id OAA07503 for <Dan...@st...>;
# Sun, 16 Aug 1998 14:28:03 +0200 (MET DST)
+ #
+ # -- this is the type I generally get from spammers
+ # Received: from unknown (HELO 207.142.134.201) (211.161.102.142)
+ # by ns45.webmasters.com with SMTP; 1 Jan 2006 06:37:50 -0000
+ #
+ # ns45.webmasters.com (207.142.134.201) is my mailserver, the spammer
+ # is 211.161.102.142
- $rheaders++;
- my $rest = substr($_,10);
+ # This is what the config variable 'trustreceived' depends on
+ my $friend_host = 0;
+ if ($received[$i] =~ m/by (\D+\S*\.\w+)(?:\s+|$)/) {
+ $friend_host++ if (is_friend($1));
+ }
- push (@{$email_parts{received}}, $rest);
- my $ipaddr_count = 0;
- my @received = split /\s+/,$rest,-1;
- for (@received) {
- # Only extracting IP addresses, domain name information is too unreliable
- # in the headers
- if ( m/(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/ &&
- ! m/[A-Za-z](\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/) {
- #if ($str =~ m/(?<![a-z])(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/i) {
- # for some reason the look-behind doesn't work properly here
- if ($config{debug}) {print " * IP Found: $1\n";}
- AddHost($1);
- $ipaddr_count++;
- }
- }
- if ( ($ipaddr_count == 0) && $config{debug} ) {
- print " * No ip address found, ignoring.\n";
- }
-
- } elsif (m/^Subject: (.*)/i) {
- $email_parts{subject} = $1;
- $insubject=$1;
- } elsif (m/^Message-ID: (.*)/i) {
- $email_parts{'message-id'} = $1;
- } else {
- #print $_."\n";
+ next if ( (! $friend_host) && ($config{trustreceived}) );
+
+ # extracting IP addresses
+ while ( $received[$i] =~ s/[^A-Za-z0-9\.]($ip_regex)// ) {
+ dbg(" * IP Found: $1", 1);
+ $ips{$1} = 1;
}
}
-#print Dumper(%email_parts);
+ my @ips = keys %ips;
+ return (\@ips);
+}
- if ($rheaders == 0) {
- print "No received: headers were found!\n";
- exit;
+sub dbg {
+ my ($msg, $level) = @_;
+ $level ||= 1;
+
+ if ($config{debug} >= $level) {
+ print $msg . "\n";
+ }
+}
+
+
+# this code is from Mail::SpamAssassin::Received
+sub lookup_all_ips {
+ my ($hostname) = @_;
+
+ my ($name,$aliases,$addrtype,$length,@addrs) = gethostbyname ($hostname);
+ my @moreaddrs;
+
+ # bug 2324: this fails if the user has an /etc/hosts entry for that
+ # hostname; force a DNS lookup by appending a dot, but only if there's
+ # a domain in the hostname (ie. it really is likely to be in external DNS).
+ # use both sets of addrs, as the /etc/hosts data is usable anyway for
+ # internal relaying.
+ if ($hostname =~ /\./) {
+ ($name,$aliases,$addrtype,$length,@moreaddrs) = gethostbyname ($hostname.".");
}
+ my @ips = ();
+ my %seenaddr = ();
+ foreach my $addr (@addrs, @moreaddrs) {
+ next if ($seenaddr{$addr});
+ $seenaddr{$addr} = 1;
+ my ($a,$b,$c,$d) = unpack('C4', $addr);
+ push (@ips, "$a.$b.$c.$d");
+ }
+ return @ips;
}
|
|
From: Jon F. <re...@us...> - 2006-01-05 07:50:58
|
reflous 06/01/04 23:50:53 Modified: lib IPBlks.pm Log: bugfix 0.0.0.0/2 was set as default and was throwing off some ips also added a bunch of ip blocks Revision Changes Path 1.4 +34 -9 spam/lib/IPBlks.pm Index: IPBlks.pm =================================================================== RCS file: /cvsroot/spam/spam/lib/IPBlks.pm,v retrieving revision 1.3 retrieving revision 1.4 diff -u -w -r1.3 -r1.4 --- IPBlks.pm 29 Dec 2005 15:53:26 -0000 1.3 +++ IPBlks.pm 5 Jan 2006 07:50:53 -0000 1.4 @@ -41,17 +41,42 @@ 1; __DATA__ +0.0.0.0/4 arin +16.0.0.0/5 arin 24.192.0.0/14 apnic 24.132.0.0/14 ripe +25.0.0.0/4 arin +32.0.0.0/4 arin +48.0.0.0/5 arin +56.0.0.0/7 arin +58.0.0.0/7 apnic +60.0.0.0/8 apnic 61.112.0.0/12 whois.nic.ad.jp 61.192.0.0/12 whois.nic.ad.jp # => 61.207 61.208.0.0/13 whois.nic.ad.jp # => 61.215 61.0.0.0/8 apnic 62.0.0.0/8 ripe -# broken? -# 63.208.0.0/13 rr.level3.net -80.0.0.0/7 ripe -0.0.0.0/2 arin # all other A classes are managed by ARIN +63.0.0.0/8 arin +# 64.0.0.0-79.255.255.255 is a MESS, I ain't gonna figure it out +#64.10.1.0/24 arin +#64.15.224.0/19 rwhois.exodus.net:4321 +64.0.0.0/4 arin +80.0.0.0/5 ripe +87.0.0.0/8 ripe +88.0.0.0/6 ripe +92.0.0.0/6 arin +96.0.0.0/4 arin +112.0.0.0/5 arin +120.0.0.0/6 arin +124.0.0.0/7 apnic +126.0.0.0/8 apnic +# 127.0.0.0 is the loopback +128.0.0.0/6 arin +132.0.0.0/8 arin +# this sort of default won't work since the hash isn't sorted, can either +# properly sort the hash in get_server 'keys' function call, or enter +# the other ranges by hand (I prefer option #2) +# 0.0.0.0/2 arin # all other A classes are managed by ARIN ## The B class space is a mess :-( - something could still be missing ## I add here only netblocks allocated to multiple LIRs by the RIRs. 133.0.0.0/8 whois.nic.ad.jp |
|
From: Jon F. <jon...@gm...> - 2006-01-04 23:28:46
|
test |
