[exim] pcre-test-ing & host matching question

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Karl Fischer
日付:  
To: exim-users
題目: [exim] pcre-test-ing & host matching question

Hi,

since a couple of weeks I'm using a mixed list of hostnames and regex
to recognise typical dialup reverse-DNS entries, which is surprisingly
successful ... (it catches 80+ % of all the SPAM I get)
In exim everything works like a charm, however, to improve and fine-tune
my regex and localbl (see below) I'd like to be able to test a certain
hostname (reverse-DNS) outside of exim (perhaps with pcretest?) against
every single regex (=line in the file) and report if it matched.
What makes it even more complicated is, that it's not only regex but
also jokered hostnames like '*.res.rr.com' which AFAIK can't be tested
with pcretest ...

So I'm looking for a way to run a given hostname, let's say
    'cpe-069-132-056-130.carolina.res.rr.com'


would match four rules from dynamic_genregx:
^.*(\d+[\.-]\d+[\.-]\d+).*\.[a-z]{2,5}$
^.*[[:alnum:]]+-\d+-[[:alnum:]]+.*\.[a-z]{2,5}$
^.*\d.*\d.*\d.*\d.*\d.*\d.*\.[a-z]{2,5}$
^.*[0-9\.-]{8}.*\.[a-z]{2,5}$

AND the following rule from dynamic_localbl
*.res.rr.com


of course I can put these into pcretest one at a time, but what I'd
like to have is 'something' that runs the tests in the same way exim
does ...
I've tried exim_checkaccess (with a slightly modified config file
using deny instead of warn) but that doesn't tell me *which* rule
matched (if any) and it doesn't test further rules after one matched.


But I want to find *all* the rules that match a certain name ...


This is what the lists look like, a generic and a specific, each
of them stored in a separate file which looks like this:

file: dynamic_genregx
^(?i)(.*[0-9-]{4}.*)?((a|v)?dsl|cable|dhcp|(in)?dial(in|up)?|dyn(amic)?(ip)?|\
ppp(oe)?|(pp)?pool|broadband)([0-9-]{3}.*|.*[0-9-]{3})?\..{2,}\.[a-z]{2,5}$
^.*(\d+[\.-]\d+[\.-]\d+).*\.[a-z]{2,5}$
^.*[[:alnum:]]+-\d+-[[:alnum:]]+.*\.[a-z]{2,5}$
^.*\d.*\d.*\d.*\d.*\d.*\d.*\.[a-z]{2,5}$
^.*[0-9\.-]{8}.*\.[a-z]{2,5}$

file: dynamic_localbl (excerpt - list is much longer)
*.pools.arcor-ip.net
*.pppool.de
*.res.rr.com
^pool-\d{1,3}-\d{1,3}-\d{1,3}-\d{1,3}\..*\..*.verizon.net$
^.*\.(sdi|(internet|a)dsl)\.tpnet\.pl$
^\d+\.ds\.nac\.net$
^\w\d+-\d+-\d+-\d+\.cybersurf\.com$



and they're used like this:


hostlist dynamic_localbl =      CONFDIR/dynamic_localbl
hostlist dynamic_genregx =      CONFDIR/dynamic_genregx



   #####################################################
   #
   # check sender_host_name for typical dialups
   warn
         log_message     = DEBUG: DYNIP generic regex
         hosts           = +dynamic_genregx
         set DTDYNIP     = ${eval: $DTDYNIP + 1 }


#####################################################
#
# local dialup blacklist

   warn
         log_message     = DEBUG: DYNIP local blacklist
         hosts           = +dynamic_localbl
         set DTDYNIP     = ${eval: $DTDYNIP + 2 }





any idea, help, hints welcome ...

thanks in advance

- Karl