Re: [exim] Lookup ASN of sender

Top Page
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users @ exim. org
Subject: Re: [exim] Lookup ASN of sender
Sven Hartge wrote:
> warn message = X-Received-ASN: AS${extract{1}{\n}{${lookup \
> dnsdb{txt=\
> ${extract{4}{.}{$sender_host_address}}.\
> ${extract{3}{.}{$sender_host_address}}.\
> ${extract{2}{.}{$sender_host_address}}.\
> ${extract{1}{.}{$sender_host_address}}.\
> asn.routeviews.org}}}}


Very nice. But I just *had* to muck with it :-)

received_header_text = Received: \
         ${if def:sender_rcvhost    {from $sender_rcvhost\n\t}\
         {${if def:sender_ident     {from $sender_ident\n\t}}\
         ${if def:sender_helo_name  {(helo=$sender_helo_name)\n\t}}}}\
         ${if def:acl_c6            {sender type \{$acl_c6\}\n\t}}\
         ${if and { {match {$received_protocol}{[ea]?smtps?a?}}\
                    {!eq {$sender_host_address}{127.0.0.1}}\
                    {isip4 {$sender_host_address}}\
                  }\
                 {from_AS ${extract{1}{\n}{${lookup dnsdb{txt=\
                     ${extract{4}{.}{$sender_host_address}}.\
                     ${extract{3}{.}{$sender_host_address}}.\
                     ${extract{2}{.}{$sender_host_address}}.\
                     ${extract{1}{.}{$sender_host_address}}.\
                     asn.routeviews.org}}}}\n\t}}\
         by $primary_hostname \
         ${if def:received_protocol {with $received_protocol\n\t}}\
         ${if def:tls_cipher        {($tls_cipher)\n\t}}\
         (Exim $version_number)\n\t\
         id $message_id\
         ${if def:received_for      {\n\tfor $received_for}}



(acl_c6 gets the results of a p0f lookup.
http://lcamtuf.coredump.cx/p0f.shtml)

Cheers,
    Jeremy