For your use...no warranties or guarantees, and most importantly, no
real support (but I'll answer questions).
I do some decent validation on email addresses for the spamtrap and
IP addresses for the blacklist. The default in policyd was to
blacklist whole /24 networks, however, that made me nervous, so I
made this script only blacklist the single IP in question. If I get
a spam message, I look at the "X-Greylist: Passed host:
xxx.xxx.xxx.xxx" and plug that IP into the blacklist. Maybe good,
maybe bad, that's what I do.
If your database is called something other than policyd, then you'll
have to modify that as well.
Hope that helps. :)
-Rob
index.html:
-------------------- cut here -------------------------
<html>
<body>
<H3>Add an email to the Spam Trap:</H3>
<form action="insert.php" method="post">
Email Address to SpamTrap: <input type="text" name="email" /><br>
Must be of the form: <em>[EMAIL PROTECTED]</em><br>
<input type="submit" />
</form>
<H3>Add a host to the Blacklist:</H3>
<form action="insert-blacklist.php" method="post">
IP Address to Blacklist: <input type="text" name="ip" /><br>
Should be in the form of 4 octets.<br>
<input type="submit" />
</form>
</body>
</html>
-----------------------------------------------------------
insert.php (Change DBUSERHERE and DBPASSWORDHERE to your values):
-------------------- cut here -------------------------
<?php
function check_email_address($email) {
// First, we check that there's one @ symbol, and that the lengths
are right
if (!ereg("[EMAIL PROTECTED],[EMAIL PROTECTED]@]{1,255}$", $email)) {
// Email invalid because wrong number of characters in one
section, or wrong number of @ symbols.
return false;
}
// Split it into sections to make life easier
$email_array = explode("@", $email);
$local_array = explode(".", $email_array[0]);
for ($i = 0; $i < sizeof($local_array); $i++) {
if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/
=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$", $local_array[$i])) {
return false;
}
}
if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) { // Check if
domain is IP. If not, it should be valid domain name
$domain_array = explode(".", $email_array[1]);
if (sizeof($domain_array) < 2) {
return false; // Not enough parts to domain
}
for ($i = 0; $i < sizeof($domain_array); $i++) {
if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-
z0-9]+))$", $domain_array[$i])) {
return false;
}
}
}
return true;
}
$con = mysql_connect("127.0.0.1","DBUSERHERE","DBPASSWORDHERE");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("policyd", $con);
$email = $_POST[email];
if (check_email_address($email)) {
$sql="INSERT INTO spamtrap (_rcpt, _active) VALUES ('$email',1)";
if (!mysql_query($sql,$con)) {
die(mysql_error());
}
echo "1 record added<br><br>";
} else {
echo $email . ' is not a valid email address.';
}
?>
<p>Add another:
<form action="insert.php" method="post">
Email Address to Blacklist: <input type="text" name="email" />
<input type="submit" />
</form>
<p>
Current Contents of SpamTrap:<br><br>
<?php
$result = mysql_query("SELECT * FROM spamtrap");
echo "<table border='1'>
<tr>
<th>Address</th>
<th>Active</th>
</tr>";
while($row = mysql_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['_rcpt'] . "</td>";
echo "<td>" . $row['_active'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysql_close($con)
?>
-----------------------------------------------------------
insert-blacklist.php (Change DBUSERHERE and DBPASSWORDHERE to your
values):
-------------------- cut here -------------------------
<?php
function check_ip_address($ip){
if(!eregi("^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$",
$ip)) $return = FALSE;
else $return = TRUE;
$tmp = explode(".", $ip);
if($return == TRUE){
foreach($tmp AS $sub){
$sub = $sub * 1;
if($sub<0 || $sub>256) $return = FALSE;
}
}
return $return;
}
$con = mysql_connect("127.0.0.1","DBUSERHERE","DBPASSWORDHERE");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("policyd", $con);
$expire = strtotime("+7 days");
$ip = $_POST[ip];
if (check_ip_address($ip)) {
$sql="INSERT INTO blacklist (_blacklist, _description, _expire)
VALUES ('$ip','# manually added',$expire)";
if (!mysql_query($sql,$con)) {
die(mysql_error());
}
echo "1 record added<br><br>";
} else {
echo $ip . ' is not a valid IP address.';
}
?>
<p>Add another:
<form action="insert-blacklist.php" method="post">
IP Address to Blacklist: <input type="text" name="ip" />
<input type="submit" />
</form>
<p>
<?php
mysql_close($con)
?>
-----------------------------------------------------------
On Jan 11, 2007, at 3:29 PM, Benny Pedersen wrote:
On Thu, January 11, 2007 21:00, Robert A. Pickering Jr. wrote:
I wrote a PHP set of scripts that allow certain (authenticated)
people to add items to the spamlist and blacklist IP. You could
easily extend it to include whitelisting.
If folks are interested, I'll post them.
post them anyway :-)
it reminds me there is no webadmin still for policyd :(
i can follow to make policyd-command --command <var>
so one can add blacklists from scripts
or i could make a makefile that scans my logs for content and add
ips from
there if there one sender that sends virus :-)
for now i make it into a rbl zone with is used in maRBL and
spamassassin
its safe since i use heavy whitelistning in policyd
--
This message was sent using 100% recycled spam mails.
----------------------------------------------------------------------
---
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to
share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?
page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
policyd-users mailing list
policyd-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/policyd-users
--
Robert A. Pickering Jr. SixDoes IT Solutions
"I just the other day got, an internet was sent by my staff at 10
o'clock in the morning on Friday and I just got it yesterday. Why?
Because it got tangled up with all these things going on the internet
commercially." -- Sen. Ted Stevens (R-Alaska)
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
policyd-users mailing list
policyd-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/policyd-users
