Richard, > ...but I've modified the amavisd binary to find a > client ip address in a header added by the MTA. I'm sure I'm not the only > person with a requirement for this feature so I'll document what I did: > < 'UPDATE msgs SET content=?, quar_type=?, quar_loc=?, dsn_sent=?,'. > > 'UPDATE msgs SET client_addr=?, content=?, quar_type=?, quar_loc=?, ... > The code above looks for a header called 'X-My-ClientAddr' in the original > message, which (if XFORWARD didn't get there first) is used as the original > client's IP address. As per Mark's earlier email on the topic, the message > headers aren't available during the insert operation (ins_msg query) so > I've had to modify the second 'upd_msg' query to insert the value into the > database. This does mean that we're updating that field twice per message > but that's not exactly going to add a massive overhead to the server.
Does the message when it reaches amavisd already contain a Received header field inserted by your Exim? If so, it can be used in place of your X-My-ClientAddr, and provides a standards-based solution. The amavisd 2.6.0 brings a more realiable and flexible parser of Received header fields, so the following patch to 2.6.0-pre3 puts it to good use when XFORWARD information is not available, obtaining the IP address from the top (or the second) Received field. (it also fixes a bug in sub get_header_field_body) --- amavisd.orig Sun Dec 30 02:20:52 2007 +++ amavisd Thu Jan 17 21:12:30 2008 @@ -1049,5 +1049,5 @@ 'upd_msg' => 'UPDATE msgs SET content=?, quar_type=?, quar_loc=?, dsn_sent=?,'. - ' spam_level=?, message_id=?, from_addr=?, subject=?'. # ,p0f=? + ' spam_level=?, message_id=?, from_addr=?, subject=?, client_addr=?'. ' WHERE mail_id=?', 'ins_rcp' => @@ -5825,6 +5825,6 @@ sub get_header_field_body { my($self,$field_name,$j) = @_; - my($j); my($f_i,$f_n,$f) = $self->get_header_field($field_name,$j); - defined $f && ($j=index($f,':')) >= 0 ? substr($f,$j+1) : $f; + my($k); my($f_i,$f_n,$f) = $self->get_header_field($field_name,$j); + defined $f && ($k=index($f,':')) >= 0 ? substr($f,$k+1) : $f; } @@ -6207,6 +6207,7 @@ # use vars qw(@publicnetworks_maps); -sub best_try_originator_ip($) { - my($msginfo) = @_; +sub best_try_originator_ip($;$) { + my($msginfo,$search_top_down) = @_; + $search_top_down = 0 if !defined $search_top_down; @publicnetworks_maps = ( Amavis::Lookup::Label->new('publicnetworks'), @@ -6216,17 +6217,19 @@ ::FFFF:0:0/96 !:: !::1 !FF00::/8 !FE80::/10 !FEC0::/10 ::/0)) ) if [EMAIL PROTECTED]; # rfc3330, rfc3513 - my($first_received_from_ip); - for (my $j = -1; $j >= -6; $j--) { # bottom-up, first six chronologically + my($received_from_ip); + my(@search_list) = $search_top_down ? (0,1) # the topmost two Received flds + : (-1,-2,-3,-4,-5,-6); # bottom-up, first six chronologically + for my $j (@search_list) { # walk through a list of Received field indices my($r) = $msginfo->get_header_field_body('received',$j); last if !defined $r; - $first_received_from_ip = fish_out_ip_from_received($r); - if ($first_received_from_ip ne '') { + $received_from_ip = fish_out_ip_from_received($r); + if ($received_from_ip ne '') { my($is_public,$fullkey,$err) = - lookup_ip_acl($first_received_from_ip,@publicnetworks_maps); + lookup_ip_acl($received_from_ip,@publicnetworks_maps); last if (!defined($err) || $err eq '') && $is_public; } } - do_log(5, "best_try_originator_ip: %s", $first_received_from_ip); - $first_received_from_ip; + do_log(5, "best_try_originator_ip: %s", $received_from_ip); + $received_from_ip; } @@ -9324,4 +9327,9 @@ collect_some_info($msginfo); my($mail_size) = $msginfo->msg_size; # use corrected ESMTP size + if (!defined($msginfo->client_addr)) { + my($ip) = best_try_originator_ip($msginfo,1); + do_log(3, "client IP address unknown, fetching from Received: %s", $ip); + $msginfo->client_addr($ip); + } my($file_generator_object) = # maxfiles 0 disables the $MAXFILES limit @@ -17356,5 +17364,7 @@ $conn_h->execute($upd_msg, $content_type, $quar_type, $q_to, $dsn_sent, - 0+untaint($spam_level), $m_id, $from, $subj, # $os_fp, + 0+untaint($spam_level), $m_id, $from, $subj, + untaint($msginfo->client_addr), #maybe we have a better info now + # $os_fp, $mail_id); # $rfc2822_sender, $rfc2822_from, # SQL_CHAR, SQL_VARCHAR, SQL_VARBINARY, SQL_BLOB, SQL_INTEGER, SQL_FLOAT, Mark ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/