From 14b7add3c77a79fd46ad55a43a4051a10ebfc0b4 Mon Sep 17 00:00:00 2001 From: John Denker Date: Mon, 16 Jul 2012 15:16:43 -0700 Subject: minor upgrades --- tools/blacklist-update | 52 ++++++++++++++++++++++++++++++++++++++++++-------- tools/mail-scan.c | 8 +++++++- 2 files changed, 51 insertions(+), 9 deletions(-) diff --git a/tools/blacklist-update b/tools/blacklist-update index 99fe4cc..4621ef2 100755 --- a/tools/blacklist-update +++ b/tools/blacklist-update @@ -1,9 +1,33 @@ #! /usr/bin/perl -w +######################### +# BEWARE: +# +# The most dangerous criminals routinely forge email from-addresses. +# Therefore blacklisting addresses only works for senders +# who have bad manners but are otherwise quasi-legitimate. +# +# Overuse of blacklisting will punish innocent parties +# whose domain-names look nice to forgers. + +## hint: mail-scan +from * | iconv -c \... +## | sed 's/.*@//;s/>$//' | sort | uniq -c | sort -nr > some-junk.from-count + use strict; use Symbol; main: { + my $baremode = 0; + my @argv = @ARGV; + @ARGV = (); + while (@argv){ + my $arg = shift @argv; + if ($arg eq '-bare') { + $baremode++; + } else { + die "Unrecognized verbiage '$arg'\n"; + } + } my $file = '/etc/mail/spamassassin/local.cf'; my $inch = Symbol::gensym; my $mainpart = ''; @@ -15,6 +39,7 @@ main: { chomp $line; my @stuff = split(' ', $line, 2); if (0+@stuff == 2 && $stuff[0] eq $verb) { + my $key = lc($stuff[1]); $blacklist{$stuff[1]} ++; } else { $mainpart .= $line . "\n"; @@ -23,23 +48,34 @@ main: { close $inch; my $unchanged = 0; my $new = 0; - while (my $line=<>){ + liner: while (my $line=<>){ chomp $line; - if ($line =~ m'<.*@(.*)>$') { - my $key = "*@" . $1; + my $domain = ''; + if ($baremode) { + my @stuff = split(' ', $line); + $domain = $stuff[$#stuff]; + } else { + if ($line =~ m'<.*@(.*)>$') { + $domain = $1; + } else { + print STDERR "no ''; ignoring line ...\n"; + print STDERR "... '$line'\n"; + next liner; + } + } + if ($domain ne '') { + my $key = "*@" . lc($domain); if (exists $blacklist{$key}) { $unchanged++; } else { $new++; } - $blacklist{$key} ++; - } else { - print STDERR "no ''; ignoring line ...\n"; - print STDERR "... '$line'\n"; + $blacklist{$key} ++; } + } - my $ouch = Symbol::gensym; + my $ouch = Symbol::gensym; open($ouch, '>', $file) || die "Could not open output file '$file'\n"; print $ouch $mainpart; diff --git a/tools/mail-scan.c b/tools/mail-scan.c index 5ec2b25..56b3806 100644 --- a/tools/mail-scan.c +++ b/tools/mail-scan.c @@ -4,8 +4,14 @@ // scrutinize email // -// hint: mail-scan +from * \... +// Hint: +// mail-scan +from * | iconv -c \... // | sed 's/.*@//;s/>$//' | sort | uniq -c | sort -nr > some-junk.from-count +// +// Also: +// grep score=[34] /home/user/Maildir/new/* -l | xargs mail-scan +From | blacklist-update +// Then: +// grep score=[34] /home/user/Maildir/new/* -l | xargs mv-to -i /home/user/Maildir/spam/ #include #include /* for exit() */ -- cgit v1.2.3