I've put together a test stub to work towards implementing AOL's rules verbatim in an MD filter. Comments appreciated.

http://www.peregrinehw.com/downloads/MIMEDefang/contrib/check_reverse_stub.pl


Regards,
KAM

#!/usr/bin/perl -w

#This code is a snippet that is designed to drop into MIMEDefang and add headers that will be suitable for SpamAssassin testing.
#
#To implement, the plan will be to add report_safe_copy_headers X-KAM-Reverse to the sa config
#
#I am also adding the reverse DNS answer to the headers with the possibility that this will be useful for URI Blacklist tests.
#
#Draft rules for checking headers added to http://www.peregrinehw.com/downloads/SpamAssassin/contrib/KAM.cf


use strict;
use Net::DNS;

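# Stand-alone test stub: reverse-resolve one relay address and print the
# SpamAssassin score adjustment that the eventual MIMEDefang filter would
# express through an X-KAM-Reverse header.
#
# Trust note: the PTR name is chosen by whoever controls the reverse zone of
# the connecting address, so it is sender-influenced data. This stub does not
# forward-confirm it (resolve the name back and compare with $RelayAddr), so
# "Passed" only means the name looks well-formed, not that it is genuine.
my ($res, $SenderDomain, $RelayAddr, $packet, @answer, $reverse, $has_subdomain, $reverse_subdomain);
my ($ptr_rr, $header_safe_reverse);

#TEST CASES

#GOOD
#$RelayAddr = '209.225.49.10';
#NONFQDN
#$RelayAddr = '209.225.49.27';
#DOTQUAD
#$RelayAddr = '209.225.49.28';
#IN-ADDR
#$RelayAddr = '209.225.49.29';
#NO ENTRY
#$RelayAddr = '209.225.49.200';
#MARKED AS DYN
$RelayAddr = '209.225.49.31';

$res = Net::DNS::Resolver->new;

if (defined $res) {
    # Both timeouts are set; the page layout had folded the second call into
    # the trailing comment of the first, leaving UDP at the resolver default.
    $res->tcp_timeout(30);    #Number of seconds before a TCP query will fail
    $res->udp_timeout(30);    #Number of seconds before a UDP query will fail

    #Perform a reverse DNS lookup and set headers for SpamAssassin Scoring based on AOL's reverse DNS policy as of Sept/22/2006
    #See http://postmaster.aol.com/info/rdns.html

    $packet = $res->send($RelayAddr);

    if (defined $packet) {
        #No error - may or may not have resolved. Check the answer section.
        @answer = $packet->answer;

        if (@answer) {
            #HAS A REVERSE ENTRY
            # Take the first PTR record rather than assuming it is answer[0]:
            # a delegated reverse zone can return a CNAME ahead of the PTR.
            ($ptr_rr) = grep { $_->type eq 'PTR' } @answer;

            if (defined $ptr_rr) {
                # Use the accessor, not the object's internal hash slot.
                $reverse = $ptr_rr->ptrdname;

                # The name is remote-controlled text that ends up in a mail
                # header, so the header copy is restricted to hostname
                # characters. Classification below still uses the raw name.
                ($header_safe_reverse = $reverse) =~ s/[^A-Za-z0-9._-]/?/g;

                #TO AVOID FAILING DYNDNS.ORG, ETC. WE ARE ONLY TESTING THE SUBDOMAIN(s) (i.e. the part to the left of the domain)
                # tr counts the dots without rewriting the string.
                $has_subdomain = ($reverse =~ tr/.// > 1);
                if ($has_subdomain) {
                    $reverse_subdomain = $reverse;
                    $reverse_subdomain =~ s/[^.]*\.[^.]*$//;
                }

                if (   $reverse =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/
                    or $reverse !~ /\./
                    or $reverse =~ /in-addr\.arpa/i)
                {
                    #FAILED REQUIREMENT HAD AN INVALID IP QUAD, CONTAINED IN-ADDR.ARPA OR FAILED TO USE A FQDN
                    print "+5";
                    #action_change_header("X-KAM-Reverse", "Failed - $header_safe_reverse - Reverse PTR was invalid ip quad, contained in-addr.arpa or failed to use a FQDN");
                    #&append_header_immediately("X-KAM-Reverse", "Failed - $header_safe_reverse - Reverse PTR was invalid ip quad, contained in-addr.arpa or failed to use a FQDN");
                } elsif ($has_subdomain && $reverse_subdomain =~ /pool|dhcp|dyn|dial/i) {
                    #REVERSE DNS SUBDOMAIN ENTRY IS SUSPECT
                    # This branch had been swallowed by the comment above it,
                    # which made every failed lookup print "+5" and "+3".
                    print "+3";
                    #action_change_header("X-KAM-Reverse", "Suspect - $header_safe_reverse - Reverse PTR contains data that indicates it is a dynamic IP");
                    #&append_header_immediately("X-KAM-Reverse", "Suspect - $header_safe_reverse - Reverse PTR contains data that indicates it is a dynamic IP");
                } else {
                    #VALID REVERSE DNS.  SCORE AS HAM
                    # Not forward-confirmed: see the trust note at the top.
                    print "-1";
                    #action_change_header("X-KAM-Reverse", "Passed - Reverse DNS of $header_safe_reverse");
                    #&append_header_immediately("X-KAM-Reverse", "Passed - Reverse DNS of $header_safe_reverse");
                }
            }
            # Answers without any PTR record produce no output, as before.
        } else {
            #FAILED REQUIREMENT DID NOT HAVE A REVERSE ENTRY
            print "+7";
            #action_change_header("X-KAM-Reverse", "Missing - Reverse PTR for $RelayAddr was missing!");
            #&append_header_immediately("X-KAM-Reverse", "Missing - Reverse PTR for $RelayAddr was missing!");
        }
    } else {
        #Undef = Error.  DO NOT BASE ANY CODE ON THIS RETURN
        # A resolver failure is not evidence about the sender, so nothing is
        # scored here.
    }
}

exit;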
