On Thu, Oct 31, 2019 at 08:28:23AM +0000, gil...@poolp.org wrote: > October 24, 2019 8:35 PM, "Joerg Jung" <m...@umaxx.net> wrote: > > > Hi, > > > > I used some regex filters in the past which I'm trying to convert to the > > latest builtin filters. In particular, I stumbled over a HELO filter, > > which rejects non-FQDN HELO forcing SMTP protocol, aka: > > Sendmail FEATURE(block_bad_helo) or Postfix reject_non_fqdn_helo_hostname > > > > I had significant success rate with this kind of blocking, since a good > > portions of spammers seem to be too lazy to configure HELO correctly. > > > > Here is what I came up with: > > > > # reject HELO/EHLO with leading or trailing dot, and without dots (non-FQDN) > > filter helo phase helo connect match helo regex { "^\.", "\.$", "^[^\.]*$" > > } disconnect "554 5.7.1 > > HELO rejected" > > filter ehlo phase ehlo connect match helo regex { "^\.", "\.$", "^[^\.]*$" > > } disconnect "554 5.7.1 > > EHLO rejected > > > > Now, I just need a way to skip/allow IPv6 address literals, e.g. there > > are no dots in EHLO [::1], but still a valid/allowed value. > > With old filter-regex I just did a negotiation: ! regex "^\[" to > > not apply filter to v6 literals > > > > Any ideas/hints how to add/implement this with the new builtin regex > > filter syntax? > > > > Sadly there would have been a very easy way if I had that use-case in mind > pre-release, > which would be to make the "proceed" action explicit, you could have had a > filter > match the inet6 address and proceed to shortcut the matching of non fqdn.
:) > As of today, there will be no option but to craft your regex to contain both > the pattern > you want to match AND exclude [ as far as I see it. But that AND EXCLUDE (aka AND NOT) is not possible with re_format(7), because no zero-width negative lookahead or similar tricks are available, right? I wonder if abusing "match" instead of filtering is an option here, with match I have the negotiation operator available, so something like this would probably work, right? match ! helo regex "^\[" myaction match helo regex { "^\.", "\.$", "^[^\.]*$" } reject # further standard match rules following... The question is, what to put into: myaction, there is no pass/accept/skip/jump to other match rules... and "relay" will probably result in a loop, no? Seems like this is just not possible with the built-in syntax for now and I need to write a tiny proc-exec filter instead?