Re: [exim] Applying Blacklists to EVERY IP in Reveived heade…

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Magnus Holmgren
Dátum:  
Címzett: exim-users
Tárgy: Re: [exim] Applying Blacklists to EVERY IP in Reveived headers - working !!!!
On Thursday 07 June 2007 18:09, Mike Cardwell wrote:
> The messy recursive acl seen earlier in this thread was only necessary
> because the ${forall} function never existed when I wrote it. A much
> cleaner acl would be possible now. However, I can't be arsed to
> install the latest version of exim in order to get access to these
> functions just to prove a point.


What buggers me is that $header_* doesn't unwrap header fields. It would
have been the right thing to do, IMO, since $header_* is "high-level".
It sabotages list operations a bit. Fortunately, it's pretty easy to do
the unwrapping yourself: ${sg {$h_Received:}{\n([ \t])}{\$1}} (\$1 can
in practice be replaced with a space).

Referring to http://exim.org/mail-archives/exim-users/Week-of-Mon-20070212/msg00184.html,
here is what we get (line-continuation backslashes omitted):

warn set acl_m0 =
${filter 
   {<\n${map
      {<\n${sg {$h_Received:}{\n[ \t]}{ }}}
      ${if match{$item}{\N^[^\[]+\[([^\]]+)\]\N}
                {${if and{{match{$1}{{\N^\d{1,3}(\.\d{1,3}){3}$\N}}}
                          {!match_ip{$1}{+private_networks}}}
                      {${lookup dnsdb
                             {txt=<,{${sg{$1}
                                        {\N^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$\N}
                                        {\$4.\$3.\$2.\$1.zz.countries.nerd.dk}}]}
                             {${uc:$value}}{UNKNOWN}}}}}}}}
   def:item}


Well, that was hardly any more readable, and still doesn't give the
same result (what differs is left as an excercise to the reader).

Perhaps it's better to be a bit less lispish:      


warn set acl_m0 = ${sg {$h_Received:}{\n[ \t]}{ }}
     set acl_m0 = ${map {<\n$acl_m0} \
                        {${if match{$item}{\N^[^\[]+\[([^\]]+)\]\N}{$1}}}}
     set acl_m0 = ${filter {<\n$acl_m0} \
                           {${if and{{match{$item}{{\N^\d{1,3}(\.\d{1,3}){3}$\N}}} \
                                     {!match_ip{$item}{+private_networks}}}}}}
     set acl_m0 = ${map {<\n$acl_m0} \
                        {${sg{$1}{\N^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$\N} \
                                 {\$4.\$3.\$2.\$1.zz.countries.nerd.dk}}}}
     set acl_m0 = ${map {<\n$acl_m0} \
                        ${lookup dnsdb {<,$acl_m0}{${uc:$value}}{UNKNOWN}}


(All braces reserved.)

-- 
Magnus Holmgren        holmgren@???
                       (No Cc of list mail needed, thanks)