Enter recursive discussion of why RBLs suck.
On 1/24/03 15:36, "Tony Hlabse" <[EMAIL PROTECTED]> wrote:
Interesting observation
----- Original Message -----
From: "Chris Scharff" <[EMAIL PROTECTED]>
To: "Exchange Discussions" <[EMAIL PROTECTED]>
Sent: Friday, January 24, 2003 3:49 PM
Subject: Re: Using script to get header info
> Does your script do reverse DNS lookups on the IP address as well so you
can
> make sure you didn't just block a major business partner by IP because one
> of your users is clueless?
>
> On 1/24/03 13:27, "Mike" <[EMAIL PROTECTED]> wrote:
>
>
>
> Well, I wrestled with this for a few days, and this is what I've come up
> with. It may not be pretty, but it works for my purposes. This is a VBA
> macro in Outlook 2002. It prompts for a folder, then retrieves the IP
> address of the originating server for each message in that folder,
reverses
> the octets and writes it out to a file, for inclusion in a dns blacklist
> file.
>
> '****************************************** exported from Outlook 2002 ***
> Attribute VB_Name = "GetSpam"
> '
> ' NOTE: Requires a reference to the Microsoft CDO 1.21 Library
> '
> Sub ShowFolderInfo_Click()
>
> '*** this is the string to search for in the message headers
> '*** substitute your own "servername.domain" in the search string
> strSMTPSearch = "]) by servername.domain with SMTP"
> strSpamOutFile = "c:\spam.txt"
>
> Set MyNameSpace = Application.GetNamespace("MAPI")
> Set myFolder = MyNameSpace.PickFolder
> If myFolder Is Nothing Then
> MsgBox "User pressed cancel.", vbInformation
> Exit Sub
> End If
>
> Set oSession = New MAPI.Session
> oSession.Logon
> Set oSpamFolder = oSession.GetFolder(myFolder.EntryID)
> Set oMsgColl = oSpamFolder.Messages
>
> If oMsgColl.Count > 0 Then
> outfile = FreeFile(0)
> Open strSpamOutFile For Output As #outfile
> For Each oMessage In oMsgColl
> oHeader = oMessage.Fields(&H7D001E)
> '^^^^^ this is the full header
>
> oHeader = Left(oHeader, InStr(oHeader, strSMTPSearch - 1)
> '^^^^^ this strips everything after the search string
>
> oHeader = Right(oHeader, Len(oHeader) - InStrRev(oHeader, "["))
> '^^^^^ this gives us the offending IP address
>
> strOctet = Split(oHeader, ".")
> '^^^^^ this creates an array of the octets
>
> strBadMachine = strOctet(3) & "." & strOctet(2) & "." &_
> strOctet(1) & "." & strOctet(0) &_
> vbTab & vbTab & "A" & vbTab & "127.0.0.2"
> '^^^^^ reverses the octets and builds the dns entry for blacklisting
>
> Write #outfile, strBadMachine
> '^^^^^ and then writes it out to the file
> Next
> Close outfile
> End If
>
> MsgBox "Finished!" & vbCrLf & vbCrLf & "File is at " & strSpamOutFile
> End Sub
>
'***************************************************************************
>
> ***
>
> The WRITE statement puts double quotes around the string when it's
written,
> so I still have to load it in notepad and remove those (a simple replace
> with nothing). Next I load it into Excel along with the existing blacklist
> entries, sort them and save them back out.
>
> Today I processed 90 new messages in about 3 minutes. Yesterday, that same
> task would have taken an hour or more.
>
> Regards,
> Mike
>
>
> -----Original Message-----
> From: Ken Cornetet [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 22, 2003 4:31 PM
> To: Exchange Maillist
> Subject: RE: Using script to get header info
>
>
> Hmmm, I've been wrestling with CDO as of late, and your question piqued my
> interest. See
> http://support.microsoft.com/default.aspx?scid=KB;en-us;q194870 for code.
>
> -----Original Message-----
> From: Mike [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 22, 2003 4:03 PM
> To: Exchange Discussions
> Subject: Using script to get header info
>
>
> Hi folks,
>
> I created a public folder and asked several of our users to move their
spam
> into it. From there, I can open the messages, view the headers, pluck the
IP
>
> addresses of the offending mail servers, and add them to our internal dns
> blacklist.
>
> Works like a charm, but it's very labor-intensive.
>
> I wrote some vbscript code that examines all the messages in the folder,
and
>
> returns things like Sender, Subject, etc., all of which are basically
> useless to me in this case, but the practice was good. There doesn't seem
to
>
> be any property that will return the header info, no? I don't have a good
> reference book handy, but searching through the online MSDN library was
> helpful.
>
> Now it looks like maybe ADO/CDOEX might be the way to go. Does anyone have
> any sample code that might give me some pointers? This doesn't have to be
> fandy or polished. If I can retrieve the headers, I can parse through them
> and find the right "received by" line, and pull the address from that line
> and output it to the screen. I'd greatly appreciate any pointers at all,
be
> it a web page, KB article, book, etc.
>
> Thanks,
> Mike
>
> _________________________________________________________________
> List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
> Archives: http://www.swynk.com/sitesearch/search.asp
> To unsubscribe: mailto:[EMAIL PROTECTED]
> Exchange List admin: [EMAIL PROTECTED]
>
> _________________________________________________________________
> List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
> Archives: http://www.swynk.com/sitesearch/search.asp
> To unsubscribe: mailto:[EMAIL PROTECTED]
> Exchange List admin: [EMAIL PROTECTED]
>
> _________________________________________________________________
> List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
> Archives: http://www.swynk.com/sitesearch/search.asp
> To unsubscribe: mailto:[EMAIL PROTECTED]
> Exchange List admin: [EMAIL PROTECTED]
>
>
>
>
>
>
> _________________________________________________________________
> List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
> Archives: http://www.swynk.com/sitesearch/search.asp
> To unsubscribe: mailto:[EMAIL PROTECTED]
> Exchange List admin: [EMAIL PROTECTED]
>
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
