# CHECK-RECEIVED-DOMAINS.RC # # Function to analyze the domains from the Received: headers # to see if they belong to the specified spammer. # # Check first Received domain (FIRSTEXDOMAIN). # LOCALBUFFER=`${GREP} -i -x "${FIRSTEXDOMAIN}" ${TESTDOMAINS}` # Check for exempt source hosts # :0 * ! FIRSTEXHOST ?? ^host\.example\.com$ * ! LOCALBUFFER ?? ^^^^ { TESTNAME2=${TESTNAME} LT2=no TESTHOSTS=`${LS} ${SBDIR}/white/exempt-hosts.txt` TESTHOST=${FIRSTEXHOST} TESTNAME='Exempt Source Host' LOCALBUFFER2=`${GREP} -i -x "${TESTHOST}" ${TESTHOSTS}` :0 * ! LOCALBUFFER2 ?? ^^^^ { LT2=yes SBLOG="L3-${TESTNAME} (FIRSTEXHOST: ${FIRSTEXHOST})" INCLUDERC=${SBDIR}/functions/loglevel.rc } :0 * LT2 ?? no { TESTHOST=${FIRSTEXDOMAIN} TESTNAME='Exempt Source Domain' LOCALBUFFER2=`${GREP} -i -x "${TESTHOST}" ${TESTHOSTS}` :0 * ! LOCALBUFFER2 ?? ^^^^ { LT2=yes SBLOG="L3-${TESTNAME} (FIRSTEXDOMAIN: ${FIRSTEXDOMAIN})" INCLUDERC=${SBDIR}/functions/loglevel.rc } } TESTNAME=${TESTNAME2} } # If matched, and not exempt, score and tag. # :0 * LT2 ?? no * ! FIRSTEXDOMAIN ?? ^example\.com$ * ! LOCALBUFFER ?? ^^^^ { LOCALTAG=yes HD1=yes SBLOG="C3R-${TESTNAME} (Received Domain: ${FIRSTEXDOMAIN})" INCLUDERC=${SBDIR}/functions/loglevel.rc } # Check second Received domain (SECONDEXDOMAIN). # LOCALBUFFER=`${GREP} -i -x "${SECONDEXDOMAIN}" ${TESTDOMAINS}` # Check for exempt source hosts # :0 * ! FIRSTEXHOST ?? ^host\.example\.com$ * ! LOCALBUFFER ?? ^^^^ { TESTNAME2=${TESTNAME} LT2=no TESTHOSTS=`${LS} ${SBDIR}/white/exempt-hosts.txt` TESTHOST=${SECONDEXHOST} TESTNAME='Exempt Source Host' LOCALBUFFER2=`${GREP} -i -x "${TESTHOST}" ${TESTHOSTS}` :0 * ! LOCALBUFFER2 ?? ^^^^ { LT2=yes SBLOG="L3-${TESTNAME} (SECONDEXHOST: ${SECONDEXHOST})" INCLUDERC=${SBDIR}/functions/loglevel.rc } :0 * LT2 ?? no { TESTHOST=${SECONDEXDOMAIN} TESTNAME='Exempt Source Domain' LOCALBUFFER2=`${GREP} -i -x "${TESTHOST}" ${TESTHOSTS}` :0 * ! LOCALBUFFER2 ?? ^^^^ { LT2=yes SBLOG="L3-${TESTNAME} (SECONDEXDOMAIN: ${SECONDEXDOMAIN})" INCLUDERC=${SBDIR}/functions/loglevel.rc } } TESTNAME=${TESTNAME2} } # If matched, and not exempt, score and tag. # :0 * LT2 ?? no * ! SECONDEXDOMAIN ?? ^example\.com$ * ! LOCALBUFFER ?? ^^^^ { LOCALTAG=yes HD1=yes SBLOG="C3R-${TESTNAME} (Received Domain: ${SECONDEXDOMAIN})" INCLUDERC=${SBDIR}/functions/loglevel.rc } # Check third Received domain (THIRDEXDOMAIN). # LOCALBUFFER=`${GREP} -i -x "${THIRDEXDOMAIN}" ${TESTDOMAINS}` # Check for exempt source hosts # :0 * ! FIRSTEXHOST ?? ^host\.example\.com$ * ! LOCALBUFFER ?? ^^^^ { TESTNAME2=${TESTNAME} LT2=no TESTHOSTS=`${LS} ${SBDIR}/white/exempt-hosts.txt` TESTHOST=${THIRDEXHOST} TESTNAME='Exempt Source Host' LOCALBUFFER2=`${GREP} -i -x "${TESTHOST}" ${TESTHOSTS}` :0 * ! LOCALBUFFER2 ?? ^^^^ { LT2=yes SBLOG="L3-${TESTNAME} (THIRDEXHOST: ${THIRDEXHOST})" INCLUDERC=${SBDIR}/functions/loglevel.rc } :0 * LT2 ?? no { TESTHOST=${THIRDEXDOMAIN} TESTNAME='Exempt Source Domain' LOCALBUFFER2=`${GREP} -i -x "${TESTHOST}" ${TESTHOSTS}` :0 * ! LOCALBUFFER2 ?? ^^^^ { LT2=yes SBLOG="L3-${TESTNAME} (THIRDEXDOMAIN: ${THIRDEXDOMAIN})" INCLUDERC=${SBDIR}/functions/loglevel.rc } } TESTNAME=${TESTNAME2} } # If matched, and not exempt, score and tag. # :0 * LT2 ?? no * ! THIRDEXDOMAIN ?? ^example\.com$ * ! LOCALBUFFER ?? ^^^^ { LOCALTAG=yes HD1=yes SBLOG="C3R-${TESTNAME} (Received Domain: ${THIRDEXDOMAIN})" INCLUDERC=${SBDIR}/functions/loglevel.rc } # Check fourth Received domain (FOURTHEXDOMAIN). # LOCALBUFFER=`${GREP} -i -x "${FOURTHEXDOMAIN}" ${TESTDOMAINS}` # Check for exempt source hosts # :0 * ! FIRSTEXHOST ?? ^host\.example\.com$ * ! LOCALBUFFER ?? ^^^^ { TESTNAME2=${TESTNAME} LT2=no TESTHOSTS=`${LS} ${SBDIR}/white/exempt-hosts.txt` TESTHOST=${FOURTHEXHOST} TESTNAME='Exempt Source Host' LOCALBUFFER2=`${GREP} -i -x "${TESTHOST}" ${TESTHOSTS}` :0 * ! LOCALBUFFER2 ?? ^^^^ { LT2=yes SBLOG="L3-${TESTNAME} (FOURTHEXHOST: ${FOURTHEXHOST})" INCLUDERC=${SBDIR}/functions/loglevel.rc } :0 * LT2 ?? no { TESTHOST=${FOURTHEXDOMAIN} TESTNAME='Exempt Source Domain' LOCALBUFFER2=`${GREP} -i -x "${TESTHOST}" ${TESTHOSTS}` :0 * ! LOCALBUFFER2 ?? ^^^^ { LT2=yes SBLOG="L3-${TESTNAME} (FOURTHEXDOMAIN: ${FOURTHEXDOMAIN})" INCLUDERC=${SBDIR}/functions/loglevel.rc } } TESTNAME=${TESTNAME2} } # If matched, and not exempt, score and tag. # :0 * LT2 ?? no * ! FOURTHEXDOMAIN ?? ^example\.com$ * ! LOCALBUFFER ?? ^^^^ { LOCALTAG=yes HD1=yes SBLOG="C3R-${TESTNAME} (Received Domain: ${FOURTHEXDOMAIN})" INCLUDERC=${SBDIR}/functions/loglevel.rc }