# CHECK-RECEIVED-CIDR.RC # # Function to analyze the IPs from Received: headers # to see if they belong to the specified spammer. # # Check first Received IP (FIRSTEXIP). # # Check for exempt source IPs # LT3=no :0 * ! THIRDEXIP ?? ^000\.000\.000\.000$ { TESTCIDR2=${TESTCIDR} TESTNAME2=${TESTNAME} LT2=no LOCALIP=${FIRSTEXIP} LOCALIPREGEXP=${FIRSTEXIPREGEXP} TESTCIDR=${SBDIR}/white/exempt-mailserver-ips.cidr TESTNAME='Exempt Source IP' INCLUDERC=${SBDIR}/functions/check-cidr.rc :0 * LT2 ?? yes { LT3=yes SBLOG="L3-${TESTNAME} (FIRSTEXIP: ${FIRSTEXIP})" INCLUDERC=${SBDIR}/functions/loglevel.rc } TESTCIDR=${TESTCIDR2} TESTNAME=${TESTNAME2} } # If source IP is not exempt, test it. # :0 * LT3 ?? no * ! FIRSTEXIP ?? ^000\.000\.000\.000$ { LT2=no LOCALIP=${FIRSTEXIP} LOCALIPREGEXP=${FIRSTEXIPREGEXP} INCLUDERC=${SBDIR}/functions/check-cidr.rc :0 * LT2 ?? yes { LOCALTAG=yes SBLOG="C3R-${TESTNAME} (Received IP: ${FIRSTEXIP})" INCLUDERC=${SBDIR}/functions/loglevel.rc } } # Test to see if Spam Threshold has been reached # INCLUDERC=${SBDIR}/functions/test-threshold.rc # Check second Received IP (SECONDEXIP). # LT3=no :0 * SPAMTAG ?? yes { LT3=yes } :0 * SBCONFIG ?? (Analyze|Debug) { LT3=no } :0 * ! SECONDEXIP ?? ^000\.000\.000\.000$ { TESTCIDR2=${TESTCIDR} TESTNAME2=${TESTNAME} LT2=no LOCALIP=${SECONDEXIP} LOCALIPREGEXP=${SECONDEXIPREGEXP} TESTCIDR=${SBDIR}/white/exempt-mailserver-ips.cidr TESTNAME='Exempt Source IP' INCLUDERC=${SBDIR}/functions/check-cidr.rc :0 * LT2 ?? yes { LT3=yes SBLOG="L3-${TESTNAME} (SECONDEXIP: ${SECONDEXIP})" INCLUDERC=${SBDIR}/functions/loglevel.rc } TESTCIDR=${TESTCIDR2} TESTNAME=${TESTNAME2} } :0 * LT3 ?? no * ! SECONDEXIP ?? ^000\.000\.000\.000$ * $ ! SECONDEXIP ?? ${FIRSTEXIP} { LT2=no LOCALIP=${SECONDEXIP} LOCALIPREGEXP=${SECONDEXIPREGEXP} INCLUDERC=${SBDIR}/functions/check-cidr.rc :0 * LT2 ?? yes { LOCALTAG=yes SBLOG="C3R-${TESTNAME} (Received IP: ${SECONDEXIP})" INCLUDERC=${SBDIR}/functions/loglevel.rc } } # Test to see if Spam Threshold has been reached # INCLUDERC=${SBDIR}/functions/test-threshold.rc # Check third Received IP (THIRDEXIP). # LT3=no :0 * SPAMTAG ?? yes { LT3=yes } :0 * SBCONFIG ?? (Analyze|Debug) { LT3=no } :0 * ! THIRDEXIP ?? ^000\.000\.000\.000$ { TESTCIDR2=${TESTCIDR} TESTNAME2=${TESTNAME} LT2=no LOCALIP=${THIRDEXIP} LOCALIPREGEXP=${THIRDEXIPREGEXP} TESTCIDR=${SBDIR}/white/exempt-mailserver-ips.cidr TESTNAME='Exempt Source IP' INCLUDERC=${SBDIR}/functions/check-cidr.rc :0 * LT2 ?? yes { LT3=yes SBLOG="L3-${TESTNAME} (THIRDEXIP: ${THIRDEXIP})" INCLUDERC=${SBDIR}/functions/loglevel.rc } TESTCIDR=${TESTCIDR2} TESTNAME=${TESTNAME2} } :0 * LT3 ?? no * ! THIRDEXIP ?? ^000\.000\.000\.000$ * $ ! THIRDEXIP ?? ${FIRSTEXIP} * $ ! THIRDEXIP ?? ${SECONDEXIP} { LT2=no LOCALIP=${THIRDEXIP} LOCALIPREGEXP=${THIRDEXIPREGEXP} INCLUDERC=${SBDIR}/functions/check-cidr.rc :0 * LT2 ?? yes { LOCALTAG=yes SBLOG="C3R-${TESTNAME} (Received IP: ${THIRDEXIP})" INCLUDERC=${SBDIR}/functions/loglevel.rc } } # Test to see if Spam Threshold has been reached # INCLUDERC=${SBDIR}/functions/test-threshold.rc # Check fourth Received IP (FOURTHEXIP). # LT3=no :0 * SPAMTAG ?? yes { LT3=yes } :0 * SBCONFIG ?? (Analyze|Debug) { LT3=no } :0 * ! FOURTHEXIP ?? ^000\.000\.000\.000$ { TESTCIDR2=${TESTCIDR} TESTNAME2=${TESTNAME} LT2=no LOCALIP=${FOURTHEXIP} LOCALIPREGEXP=${FOURTHEXIPREGEXP} TESTCIDR=${SBDIR}/white/exempt-mailserver-ips.cidr TESTNAME='Exempt Source IP' INCLUDERC=${SBDIR}/functions/check-cidr.rc :0 * LT2 ?? yes { LT3=yes SBLOG="L3-${TESTNAME} (FOURTHEXIP: ${FOURTHEXIP})" INCLUDERC=${SBDIR}/functions/loglevel.rc } TESTCIDR=${TESTCIDR2} TESTNAME=${TESTNAME2} } :0 * LT3 ?? no * ! FOURTHEXIP ?? ^000\.000\.000\.000$ * $ ! FOURTHEXIP ?? ${FIRSTEXIP} * $ ! FOURTHEXIP ?? ${SECONDEXIP} * $ ! FOURTHEXIP ?? ${THIRDEXIP} { LT2=no LOCALIP=${FOURTHEXIP} LOCALIPREGEXP=${FOURTHEXIPREGEXP} INCLUDERC=${SBDIR}/functions/check-cidr.rc :0 * LT2 ?? yes { LOCALTAG=yes SBLOG="C3R-${TESTNAME} (Received IP: ${FOURTHEXIP})" INCLUDERC=${SBDIR}/functions/loglevel.rc } } # Test to see if Spam Threshold has been reached # INCLUDERC=${SBDIR}/functions/test-threshold.rc