>Do zero width tests work?
what?
>How do you force a string to test a pcre from command line?
>(I'm forgetful and don't have my pdf man pages around)
just like for hash:
postmap -q "string" pcre:/path/to/file.regexp
man postmap
>I would think something like this might work.
>
>/(?!(smtp.*)|(biz))(?=<subscribers>)\.rr\.com/ 554 ACL
if mta_clients_subscriber.regexp contains:
/(smtp.*|biz)\.rr.com/ DUNNO
then
# postmap -q "aljfafjljaljbiz.rr.com" pcre:/etc/postfix/mta_clients_subscriber.regexp
DUNNO
# postmap -q "aljfalfdjsmtpaldfjaflk.rr.com" pcre:/etc/postfix/mta_clients_subscriber.regexp
DUNNO
Then I made a file of rr.com PTR hostnames:
egrep -i " connect from.*rr\.com" /var/log/maillog | awk '{print $8}' |
sort -f | uniq -i > /var/tmp/rrptr.txt
then I fed that file into postmap:
cat /var/tmp/rrptr.txt | postmap -q - pcre:/etc/postfix/mta_clients_subscriber.regexp | egrep -i "dunno"
and got:
ms-smtp-01.rdc-kc.rr.com[24.94.166.115] DUNNO
ms-smtp-01.southeast.rr.com[24.93.67.82] DUNNO
ms-smtp-01.tampabay.rr.com[65.32.1.43] DUNNO
ms-smtp-02.nyroc.rr.com[24.92.226.49] DUNNO
ms-smtp-02.southeast.rr.com[24.93.67.83] DUNNO
ms-smtp-02.tampabay.rr.com[65.32.1.39] DUNNO
ms-smtp-02.texas.rr.com[24.93.36.230] DUNNO
ms-smtp-03.nyroc.rr.com[24.92.226.153] DUNNO
ms-smtp-03.rdc-kc.rr.com[24.94.166.129] DUNNO
ms-smtp-03.southeast.rr.com[24.93.67.84] DUNNO
ms-smtp-03.tampabay.rr.com[65.32.1.41] DUNNO
ms-smtp-03.texas.rr.com[24.93.36.231] DUNNO
ms-smtp-04.tampabay.rr.com[65.32.1.35] DUNNO
ohsmtp03.ogw.rr.com[65.24.7.38] DUNNO
rrcs-central-204-210-160-194.biz.rr.com[204.210.160.194] DUNNO
rrcs-central-24-123-236-152.biz.rr.com[24.123.236.152] DUNNO
rrcs-central-24-123-42-250.biz.rr.com[24.123.42.250] DUNNO
rrcs-central-24-92-135-229.biz.rr.com[24.92.135.229] DUNNO
rrcs-central-65-31-76-22.biz.rr.com[65.31.76.22] DUNNO
rrcs-midsouth-24-172-77-116.biz.rr.com[24.172.77.116] DUNNO
rrcs-nyc-24-105-131-167.biz.rr.com[24.105.131.167] DUNNO
rrcs-nyc-24-105-142-196.biz.rr.com[24.105.142.196] DUNNO
rrcs-nyc-24-136-108-70.biz.rr.com[24.136.108.70] DUNNO
rrcs-nyc-24-136-117-173.biz.rr.com[24.136.117.173] DUNNO
rrcs-nys-24-97-113-196.biz.rr.com[24.97.113.196] DUNNO
rrcs-nys-24-97-79-189.biz.rr.com[24.97.79.189] DUNNO
rrcs-nys-24-97-80-213.biz.rr.com[24.97.80.213] DUNNO
rrcs-se-24-129-153-67.biz.rr.com[24.129.153.67] DUNNO
rrcs-se-24-129-156-218.biz.rr.com[24.129.156.218] DUNNO
rrcs-se-24-129-165-211.biz.rr.com[24.129.165.211] DUNNO
rrcs-se-24-173-171-176.biz.rr.com[24.173.171.176] DUNNO
rrcs-se-24-73-123-195.biz.rr.com[24.73.123.195] DUNNO
rrcs-se-24-73-232-2.biz.rr.com[24.73.232.2] DUNNO
rrcs-se-24-73-87-97.biz.rr.com[24.73.87.97] DUNNO
rrcs-sw-24-153-172-206.biz.rr.com[24.153.172.206] DUNNO
rrcs-sw-24-153-209-67.biz.rr.com[24.153.209.67] DUNNO
rrcs-sw-24-153-211-175.biz.rr.com[24.153.211.175] DUNNO
rrcs-sw-24-173-41-200.biz.rr.com[24.173.41.200] DUNNO
rrcs-sw-24-173-75-5.biz.rr.com[24.173.75.5] DUNNO
rrcs-sw-24-242-131-90.biz.rr.com[24.242.131.90] DUNNO
rrcs-sw-24-242-137-27.biz.rr.com[24.242.137.27] DUNNO
rrcs-sw-24-73-253-186.biz.rr.com[24.73.253.186] DUNNO
rrcs-west-24-106-61-82.biz.rr.com[24.106.61.82] DUNNO
rrcs-west-65-29-239-16.biz.rr.com[65.29.239.16] DUNNO
rrcs-west-66-27-51-226.biz.rr.com[66.27.51.226] DUNNO
rrcs-west-66-91-130-18.biz.rr.com[66.91.130.18] DUNNO
:))
so the regex works, but how do smtpd restrictions really act when they see
DUNNO as the action?
In the site I'm testing on, I had to move mta_clients_subscriber.regexp
before check_client_access temporarily in order to get a DUNNO match in a
reasonable time, and the DUNNO works!!
Sep 13 19:12:47 mx3 postfix/smtpd[1668]: connect from ms-smtp-02.nyroc.rr.com[24.92.226.49]
Sep 13 19:12:47 mx3 postfix/smtpd[1668]: B538E5F10A: client=ms-smtp-02.nyroc.rr.com[24.92.226.49]
... mta_clients_subscriber.regexp will have matched the preceding lines and
returned DUNNO to smtpd_client_restrictions. It does, because smtpd
restrictions carry on to the next restriction, which is check_recipient_maps:
Sep 13 19:12:47 mx3 postfix/smtpd[1668]: B538E5F10A: reject: RCPT from ms-smtp-02.nyroc.rr.com[24.92.226.49]: 550 <[EMAIL PROTECTED]>: User unknown in relay recipient table; from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> proto=ESMTP helo=<ms-smtp-02.nyroc.rr.com>
Sep 13 19:12:50 mx3 postfix/smtpd[1668]: too many errors after DATA from ms-smtp-02.nyroc.rr.com[24.92.226.49]
Sep 13 19:12:50 mx3 postfix/smtpd[1668]: disconnect from ms-smtp-02.nyroc.rr.com[24.92.226.49]
bingo! .regexp sees ms-smtp-02.nyroc.rr.com, returns DUNNO, and the
ensuing check_recipient_maps catches it as "unknown user"
:)) I think
Len
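
The behaviour traced in the message above, as an added Python example that is not part of the original post and is not Postfix code: a first-match regexp table that returns DUNNO for the ISP's own relays, followed by a restriction list in which DUNNO gives no verdict and the next check decides. The second table rule, the recipient set, the restriction names and the `cpe-constructed` hostname are constructed for illustration; only the client hostname is used as the lookup key.

```python
import re

# Constructed table in the spirit of mta_clients_subscriber.regexp.
# Rules are tried top to bottom; the first matching pattern decides.
TABLE = [
    (r"(smtp.*|biz)\.rr\.com$", "DUNNO"),  # ISP relays and business lines
    (r"\.rr\.com$", "554 ACL"),            # every other rr.com client
]

KNOWN_RECIPIENTS = {"user@example.org"}    # constructed recipient list


def lookup(table, key):
    """Return the action of the first rule that matches key, else None."""
    for pattern, action in table:
        if re.search(pattern, key, re.IGNORECASE):
            return action
    return None


def check_access(table, key):
    """Access-map restriction: DUNNO or no match means 'no verdict'."""
    action = lookup(table, key)
    return None if action in (None, "DUNNO") else action


def check_recipient(rcpt):
    """Stand-in for the recipient check that rejected the logged delivery."""
    return None if rcpt in KNOWN_RECIPIENTS else "550 User unknown"


def evaluate(hostname, rcpt):
    """Walk the restrictions in order; the first verdict ends evaluation."""
    restrictions = [
        ("subscriber table", lambda: check_access(TABLE, hostname)),
        ("recipient check", lambda: check_recipient(rcpt)),
    ]
    for name, check in restrictions:
        verdict = check()
        if verdict is not None:
            return name, verdict
    return "end of list", "OK"


if __name__ == "__main__":
    for host in ("ms-smtp-02.nyroc.rr.com", "cpe-constructed.nyroc.rr.com"):
        for rcpt in ("user@example.org", "nobody@example.org"):
            print(host, rcpt, evaluate(host, rcpt))
```

Because the DUNNO rule sits first, the relay never reaches the `554 ACL` rule, which gives the same effect as the negative lookahead asked about in the quoted question without needing one.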