Quoth Tony Earnshaw on Tue, Feb 15, 2000:
> > if $message_headers matches
> > "${lookup {${mask:$sender_host_address/24}} dbm {/var/mail/blocked/nets}
> > ${value}{nevernevernever}}"
> > then ...
>
> The following seems to work for the domain entries _without_ changing
> the basic flat file at all (Vadim said it couldn't be done).
Well, here you are dependent on $sender_host_address (or
$sender_address_domain). It is more useful to look at the hosts
which relayed the message, as specified in the Received: headers,
without any dependency on the originating host or domain. The
host can be any host on the Net, and the domain is usually faked.
> if ($message_headers contains "Received: from mail.MSExchange.nl" or
> $message_headers contains "Received: from server1.fallbck.net" or
> $message_headers contains "Received: from server2.fallback.net")
> then if
> $message_headers matches "${lookup {$sender_address_domain}
> partial-dbm* {/var/mail/blocked/vortex.db} {$sender_address_domain}}"
> then
> log "$tod_log $message_id SPAM-X-UIDL: sender=$sender_address \
> subject=$header_subject: recipients_count=$recipients_count \
> recipients=$header_to"
> save /var/mail/blocked/cesspit/thspam
> endif
> endif
Ahem, you're trying to see whether messages from the sender
address domain appearing in vortex.db have the said sender
address domain in the headers? If you only care of the sender,
you could do something like:
if "${lookup{$sender_address_domain}partial-dbm*{/var/mail/blocked/vortex.db}{yes}}" is "yes" then
log blah blah
save blah blah
endif
If you're trying to check $sender_address_domain, just check it
without looking at the headers.
But from what I understood, you were trying to block the message
if it was relayed through a blackholed host, not only if it was
sent from one.
Vadik.
--
Real software engineers don't debug programs, they verify correctness.
This process doesn't necessarily involve execution of anything on a
computer, except perhaps a Correctness Verification Aid package.
