RECEIVEDIPFORGEDB(1) RECEIVEDIPFORGEDB(1)
NAME
receivedIPforgedb - validate the domain IP addresses in "Received: "
records in the header of e-mail against IP addresses in a database file
SYNOPSIS
receivedIPforgedb [-p | -P] [-r m|n] [-v] fqdn dbfilename [filename(s)]
DESCRIPTION
ReceivedIPforgedb is for validating the IP addresses in "Received: "
records in the headers of e-mail files against IP addresses in a
database file. The fully qualified domain name is a required argument,
and only "Received: " records from that domain will be validated.
The program requires a Posix compatible regex(3) library to parse the
IP addresses, and mmap(2) to map the database file of IP addresses into
the Unix VM system. The IP addresses from the e-mail header are vali-
dated against the database file using a binary search. The database
file name is a required command line argument.
The database is a standard Unix text file, one IP address per line, in
lexical order, constructed with "sort -u infile > outfile", or equiva-
lent. An IP address range can be represented as a Class A, B, or C
range. For example, the IP address "123.210." in the database file
would match "123.210.1.0" in a "Received: " e-mail header record.
The database mechanism is conservative with machine resources, requir-
ing about 12.5 micro-seconds of machine time to lookup a word in the
Unix system dictionary, (2.5 MB, quarter of a million words, single 466
MHz., Pentium, lightly loaded, Linux 2.2, time(1) command to lookup
every word in the dictionary, divided by the number of words.) Concep-
tually, the database mechanism is implemented similar to the the tech-
nique used in the look(1) command, but requires exact matches, as
opposed to partial key matches.
The program has implicit IP addresses that do not have to be included
in the database-those with invalid "dotted quad" element values, (such
as greater than 255, for example.) Such IP addresses will be rejected-
if the -p, or -P arguments are used, such values will be denoted by not
having a trailing "dot".
The input e-mail file name(s) may be supplied as additional optional
command line arguments, or redirected to the program via stdin for com-
patibility with procmail(1), and other e-mail scripting agents.
A suitable procmail(1) recipe example might be:
:0 wfh
* ? receivedIPforgedb domain accept.db
| formail -A "X-Notice: Message in accept.db database"
which could be, if necessary, overridden, on a case-by-case basis, with
the example recipe:
:0 wfh
* ^X-Notice: +Message +in +accept.db +database
* ? receivedIPforgedb domain.com accept.db
| formail -I "X-Notice: Message in accept.db database"
or similar construct.
The program contains less than 300 lines of declarations and state-
ments, all of which are documented with in line comments.
The program has been compiled and tested on SunOS, Solaris, and Linux,
and may work on other brands of Unix.
The program returns 0 if no error and all IP addresses were found in
the database file, that were found in all "Received: " header records,
containing the domain name, 1 if no error and the domain name found in
a "Received: " header record, but no corresponding IP address match
found; else returns a unique error code greater than 1 representing the
error encountered-which will, also, print an error diagnostic to
stderr.
The -r option is useful for controlling the return value under error
conditions-for example, the program return can be preempted if the
database file can not be opened, (or read,) with a return value of
match, or no match, depending on environmental requirements.
OPTIONS
fqdn Fully qualified domain name.
dbfilename
Database file name.
filename(s)
E-mail file name(s), (defaults to stdin).
-p Print the IP address match from the database.
-P Print the IP address if it is not in the database.
-r m|n On file error, exit return = match for m, no match for n.
-v Print the program's version information.
WARNINGS
Under buffer overflow conditions, the program makes no attempts at han-
dling the situation-it just detects it, prints an error message, and
exits.
The program is capable of rejecting entire Class A, Class B, or Class
C, IP address ranges. Discretion is advised.
SEE ALSO
receivedIP(1), receivedIPdb(1), receivedIPdbdedup(1),
receivedIPdbrm(1), receivedIPdbusort(1), bsearchtext(1), receivedAd-
dress(1), receivedTodb(1), receivedMSGIDdb(1), receivedUnknowndb(1),
tolower(1), toupper(1), bsorttext(1) receivedIPforgedb(1), hsearch-
text(1), bsearchbody(1)
DIAGNOSTICS
Error messages for incompatible arguments, failure to allocate memory,
inaccessible files, opening and closing files, input record buffer
overflow, compiling regular expressions, and e-mail header format or
structure errors.
AUTHORS
----------------------------------------------------------------------
A license is hereby granted to reproduce this software source code and
to create executable versions from this source code for personal,
non-commercial use. The copyright notice included with the software
must be maintained in all copies produced.
THIS PROGRAM IS PROVIDED "AS IS". THE AUTHOR PROVIDES NO WARRANTIES
WHATSOEVER, EXPRESSED OR IMPLIED, INCLUDING WARRANTIES OF
MERCHANTABILITY, TITLE, OR FITNESS FOR ANY PARTICULAR PURPOSE. THE
AUTHOR DOES NOT WARRANT THAT USE OF THIS PROGRAM DOES NOT INFRINGE THE
INTELLECTUAL PROPERTY RIGHTS OF ANY THIRD PARTY IN ANY COUNTRY.
Copyright (c) 2001-2007, John Conover, All Rights Reserved.
Comments and/or bug reports should be addressed to:
john@email.johncon.com (John Conover)
----------------------------------------------------------------------
January 16, 2007 RECEIVEDIPFORGEDB(1)