receivedipforgedb(1)
NAME
- receivedIPforgedb - validate the domain IP addresses in
- "Received: " records in the header of e-mail against IP addresses
- in a database file
SYNOPSIS
receivedIPforgedb [-p | -P] [-r m|n] [-v] fqdn dbfilename [filename(s)]
DESCRIPTION
- ReceivedIPforgedb is for validating the IP addresses in
- "Received: " records in the headers of e-mail files against IP
- addresses in a database file. The fully qualified domain name is
- a required argument, and only "Received: " records from that do
- main will be validated.
- The program requires a Posix compatible regex(3) library
- to parse the IP addresses, and mmap(2) to map the database file
- of IP addresses into the Unix VM system. The IP addresses from
- the e-mail header are validated against the database file using a
- binary search. The database file name is a required command line
- argument.
- The database is a standard Unix text file, one IP address
- per line, in lexical order, constructed with "sort -u infile >
- outfile", or equivalent. An IP address range can be represented
- as a Class A, B, or C range. For example, the IP address
- "123.210." in the database file would match "123.210.1.0" in a
- "Received: " e-mail header record.
- The database mechanism is conservative with machine re
- sources, requiring about 12.5 micro-seconds of machine time to
- lookup a word in the Unix system dictionary, (2.5 MB, quarter of
- a million words, single 466 MHz., Pentium, lightly loaded, Linux
- 2.2, time(1) command to lookup every word in the dictionary, di
- vided by the number of words.) Conceptually, the database mecha
- nism is implemented similar to the the technique used in the
- look(1) command, but requires exact matches, as opposed to par
- tial key matches.
- The program has implicit IP addresses that do not have to
- be included in the database-those with invalid "dotted quad" ele
- ment values, (such as greater than 255, for example.) Such IP ad
- dresses will be rejected-if the -p, or -P arguments are used,
- such values will be denoted by not having a trailing "dot".
- The input e-mail file name(s) may be supplied as addition
- al optional command line arguments, or redirected to the program
- via stdin for compatibility with procmail(1), and other e-mail
- scripting agents.
- A suitable procmail(1) recipe example might be:
:0 wfh
* ? receivedIPforgedb domain accept.db
| formail -A "X-Notice: Message in accept.db database"- which could be, if necessary, overridden, on a case-by
- case basis, with the example recipe:
:0 wfh
* ^X-Notice: +Message +in +accept.db +database
* ? receivedIPforgedb domain.com accept.db
| formail -I "X-Notice: Message in accept.db database"- or similar construct.
- The program contains less than 300 lines of declarations
- and statements, all of which are documented with in line com
- ments.
- The program has been compiled and tested on SunOS, So
- laris, and Linux, and may work on other brands of Unix.
- The program returns 0 if no error and all IP addresses
- were found in the database file, that were found in all "Re
- ceived: " header records, containing the domain name, 1 if no er
- ror and the domain name found in a "Received: " header record,
- but no corresponding IP address match found; else returns a
- unique error code greater than 1 representing the error encoun
- tered-which will, also, print an error diagnostic to stderr.
- The -r option is useful for controlling the return value
- under error conditions-for example, the program return can be
- preempted if the database file can not be opened, (or read,) with
- a return value of match, or no match, depending on environmental
- requirements.
OPTIONS
fqdn Fully qualified domain name.
- dbfilename
- Database file name.
- filename(s)
- E-mail file name(s), (defaults to stdin).
- -p Print the IP address match from the database.
- -P Print the IP address if it is not in the database.
- -r m|n On file error, exit return = match for m, no match
- for n.
- -v Print the program's version information.
WARNINGS
- Under buffer overflow conditions, the program makes no at
- tempts at handling the situation-it just detects it, prints an
- error message, and exits.
- The program is capable of rejecting entire Class A, Class
- B, or Class C, IP address ranges. Discretion is advised.
SEE ALSO
- receivedIP(1), receivedIPdb(1), receivedIPdbdedup(1), re
- ceivedIPdbrm(1), receivedIPdbusort(1), bsearchtext(1), re
- ceivedAddress(1), receivedTodb(1), receivedMSGIDdb(1), receive
- dUnknowndb(1), tolower(1), toupper(1), bsorttext(1) receivedIP
- forgedb(1), hsearchtext(1), bsearchbody(1)
DIAGNOSTICS
- Error messages for incompatible arguments, failure to al
- locate memory, inaccessible files, opening and closing files, in
- put record buffer overflow, compiling regular expressions, and e
- mail header format or structure errors.
AUTHORS
---------------------------------------------------------------------
- A license is hereby granted to reproduce this software
- source code and
to create executable versions from this source code for - personal,
non-commercial use. The copyright notice included with - the software
must be maintained in all copies produced. - THIS PROGRAM IS PROVIDED "AS IS". THE AUTHOR PROVIDES NO
- WARRANTIES
WHATSOEVER, EXPRESSED OR IMPLIED, INCLUDING WARRANTIES OF
MERCHANTABILITY, TITLE, OR FITNESS FOR ANY PARTICULAR PUR - POSE. THE
AUTHOR DOES NOT WARRANT THAT USE OF THIS PROGRAM DOES NOT - INFRINGE THE
INTELLECTUAL PROPERTY RIGHTS OF ANY THIRD PARTY IN ANY - COUNTRY.
- Copyright (c) 2001-2007, John Conover, All Rights Re
- served.
- Comments and/or bug reports should be addressed to:
john@email.johncon.com (John Conover)- ---------------------------------------------------------------------
January 16, 2007 RE