Mail Filter for IP Ban List File
By David Efflandt
Some of us do not have direct
control to at the server level to limit what abusive servers repeatedly
send or relay spam and worms to us. Procmail recipes can grow to the
point that they are difficult to manage.
So I wrote a Perl script that can be launched by procmail to compare
received headers against a file list of full or partial banned
IPs. It adds an X-Banned header that can easily be redirected or dumped
with a following recipe or other filter on your mail client.
A simple example of a .procmailrc to launch it and dump banned mail
into a separate file:
MAILDIR=$HOME/Mail
LOGFILE=$MAILDIR/from
SHELL=/bin/sh
BAD=$MAILDIR/badmail
:0 fw
| $HOME/baniptest
:0
* ^X-Banned:.*yes
$BAD
Script source for Baniptest
I also wrote a script to add IPs to the file list, sort them and
eliminate duplicates. It allows adding a partial IP (ending on any dot)
or full IP. If no IP is included on commandline, it just sorts the file
and weeds out any duplicates. Script source for Banip
To do
- Filter more specific subnets by bits or subnet mask.
- Filter hostnames or domains from file list.