Changeset 9 for trunk


Ignore:
Timestamp:
11/06/09 10:45:33 (14 years ago)
Author:
Kris Deugau
Message:

/trunk/dnsbl

Commit current working version of extract-data

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/dnsbl/extract-data

    r8 r9  
    132132  # now, get the relay IP
    133133
     134  my $stmsg = $status->get_message();
     135  my @untrusted = @{$stmsg->{metadata}->{relays_untrusted}};
     136
     137  my $sa_intip = new NetAddr::IP $untrusted[0]->{ip};
     138
     139
    134140  my %headerlist = %{$imap->parse_headers($msgs[$i], "Received")};
    135141  my $recvnum = 0;
     
    171177#Received: from source ([208.95.48.65]) (using TLSv1) by
    172178# exprod5mx230.postini.com ([64.18.4.10]) with SMTP; Fri, 10 Jul
    173     my ($tmprelayip) = ($recv =~ /from source \(\[([\d.]+)\]\) (?:\(using TLSv1\) )?by exprod\dm[xo]b?\d+\.postini\.com/);
     179    my ($tmprelayip) = ($recv =~ /from source \(\[([\d.]+)\]\) (?:\(using TLSv1\) )?by (?:exprod\dm[xo]b?|chipmx)\d+\.postini\.com/);
    174180    $relayip = new NetAddr::IP $tmprelayip;
    175181  } else {
     
    177183    $relayip = new NetAddr::IP $tmprelayip;
    178184  }
     185
     186print "SA vs manual extraction, relay IP mismatch: $sa_intip vs $relayip on\n\t$recv\n" if $sa_intip != $relayip;
    179187
    180188# Hotmail/Windows Live Mail may originate or relay spam, but we can't blacklist them
     
    249257  my $yahoo13 = new NetAddr::IP "209.191.64.0/18";
    250258  next if $relayip->within($yahoo13);
     259 #route:          212.82.104.0/21
     260  my $yahoo14 = new NetAddr::IP "212.82.104.0/21";
     261  next if $relayip->within($yahoo14);
    251262
    252263# and the same goes for Bell Canada.  *le sigh*
     
    270281  next if $relayip->within($craigslist1);
    271282
     283# not gonna whitelist the whole enchilada... just the asmtpout0(11-30).mac.com
     284# 17.148.16     011 -> 86       030 -> 105
     285#IP-Network                    17.0.0.0/8
     286#IP-Network-Block              017.000.000.000 - 017.255.255.255
     287#Org-Name                      Apple Computer, Inc.
     288  my $apple1 = new NetAddr::IP "17.148.16.64/26";
     289  next if $relayip->within($apple1);
     290
    272291  $iplist{$relayip->addr}++ if $relayip;
    273292#  print "$recv\n";
     
    297316}
    298317foreach my $uri (sort keys %urilist) {
    299   my @hout = qx { host $uri.multi.uribl.com; host $uri.uribl.company.com };
     318  my @hout = qx { host '$uri.multi.uribl.com'; host '$uri.uribl.company.com' };
    300319  if ($hout[0] =~ /NXDOMAIN/ && $hout[1] =~ /NXDOMAIN/) {
    301320    if ($opts{u}) {
Note: See TracChangeset for help on using the changeset viewer.