Re: [exim] auto whitelist

Author: Chih-Cherng Chin
Date:  
To: exim-users
Subject: Re: [exim] auto whitelist

On Wednesday, February 07, 2007 10:11 PM, Joseph wrote:

[snip]
>>> The database contains a simple domainname field with the domain.com
>>> without the @.

[snip]
>
> Looking at the auto whitelist options,
>
> Is there a way to populate the table with all the domains of sent
> email?
>
> I saw reference to making a function.
> Is there a sample such function around someone would want to share?


The following is how I distill the recipient addresses:

1. Add "log_selector = +received_recipients" to the configure file, so
    the recipients will be kept in mainlog.  A sample entry looks like


    2006-03-29 00:01:16 1FOGdA-0002MF-3X <= customer@??? H=(xxxx.xxx.org.xx)
    [xx.xx.xx.xxx] P=esmtp S=14683 id=APPLICATION1o8yfogk00000070@???
    for training@??? yuxxee@???


    training@??? and yuxxee@??? are recipients, while customer@??? is
    the sender.


2. A shell script, invoked by cron at XX:29 and XX:59, processes the
    mainlog and prints recipient addresses to standard output.  The script
    relevant to our discussion is:


# I use TIME_RANGE as a pattern to match entries logged in the previous 30 minutes.
# TIME_RANGE looks like "^2006-03-29 00:[012]" (depending on when the script runs)
MNT=012; if [ "`date +%M`" -ge 30 ]; then MNT=345; fi
TIME_RANGE="^`date +'%F %H:'`[$MNT]"

# delayed for some time, but not a full minute, or it won't work when mainlog gets rotated.
sleep 50

< /var/spool/mta/exim/log/mainlog grep "$TIME_RANGE"  |
# preserve only interesting entries. $5 is the sender address.
# If the sender does not belong to our domain, there is no need to keep it.
# the output is a list of sender followed by recipients,
# like "customer@??? training@??? yuxxee@???"
awk '$4 == "<=" && tolower($5) ~ /@(contract\.)?xxx\.org\.xx$/ \
     { from = tolower($5); sub(/^.+ for /, ""); \
       print from " " tolower($0); }' |
# transform the data further to single recipient followed by ";" and single sender,
# like "training@???;customer@???" and "yuxxee@???;customer@???",
# to be used as auto whitelist to skip greylisting
awk '{ for (i = 2; i <= NF; i++) \
          if ($i !~ /@(contract\.)?xxx\.org\.xx$/) \
             print $i ";" $1; }' |
# remove duplicated entries
# ($SORT is not defined in this excerpt; it is assumed to be set to the
# sort binary earlier in the full script)
$SORT -u


In fact the script above does more than what you want. But it's easy to
modify it to serve your purpose. Hope this helps.

Chih-Cherng Chin
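
The domain-only variant asked about in the quoted question, as an added example that is not part of the original post: it prints each distinct external recipient domain (without the "@") for mail sent by local users, and drops anything that is not a well-formed host name before it reaches the whitelist table. LOCAL_RE, example.org, and the function names and log lines are constructed placeholders.

```sh
#!/bin/sh
# Added example, not from the original post.
# LOCAL_RE: hypothetical pattern for our own domains (example.org is a placeholder).
LOCAL_RE='@(contract[.])?example[.]org$'

# stdin:  mainlog lines written with log_selector = +received_recipients
# stdout: distinct external recipient domains, lower-cased, without the "@"
sent_domains() {
    awk -v local_re="$LOCAL_RE" '
    # only message-arrival lines whose sender ($5) is one of our own users
    $4 == "<=" && tolower($5) ~ local_re {
        line = tolower($0)
        if (!sub(/^.+ for /, "", line)) next      # no recipient list logged
        n = split(line, rcpt, " ")
        for (i = 1; i <= n; i++) {
            # skip tokens without "@" and recipients in our own domains
            if (rcpt[i] !~ /@/ || rcpt[i] ~ local_re) continue
            dom = rcpt[i]
            sub(/^.*@/, "", dom)                  # keep the part after the last "@"
            # accept only well-formed host names as whitelist entries
            if (dom ~ /^[a-z0-9]([a-z0-9-]*[a-z0-9])?([.][a-z0-9]([a-z0-9-]*[a-z0-9])?)+$/)
                print dom
        }
    }' | LC_ALL=C sort -u
}

# Constructed sample input (all addresses, hosts and message ids are made up)
sample_log() {
    cat <<'EOF'
2006-03-29 00:01:16 1FOGdA-0002MF-3X <= customer@example.org H=(mail.example.org) [192.0.2.10] P=esmtp S=14683 id=msg1@example.org for training@partner.example yuxxee@Other.Example
2006-03-29 00:02:40 1FOGdB-0002MG-4Y <= stranger@spam.example H=(mx.spam.example) [198.51.100.7] P=esmtp S=2210 id=msg2@spam.example for customer@example.org
2006-03-29 00:03:05 1FOGdC-0002MH-5Z <= staff@contract.example.org H=(mail.example.org) [192.0.2.10] P=esmtp S=901 id=msg3@example.org for colleague@example.org bob@partner.example
2006-03-29 00:03:06 1FOGdC-0002MH-5Z => bob@partner.example R=dnslookup T=remote_smtp H=mx.partner.example [203.0.113.5]
2006-03-29 00:04:11 1FOGdD-0002MI-6A <= customer@example.org H=(mail.example.org) [192.0.2.10] P=esmtp S=512 id=msg4@example.org for x@bad_domain
EOF
}

sample_log | sent_domains
```

Only the "<=" lines from local senders contribute, so a domain enters the whitelist only because one of your own users wrote to it first.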