RECEIVEDIPDB(1) RECEIVEDIPDB(1) NAME receivedIPdb - validate the IP addresses in "Received: " records in the header of e-mail against IP addresses in a database file SYNOPSIS receivedIPdb [-p|-P] [-r m|n] [-v] dbfilename [filename(s)] DESCRIPTION ReceivedIPdb is for validating the IP addresses in "Received: " records in the headers of e-mail files against IP addresses in a database file. The program requires a Posix compatible regex(3) library to parse the IP addresses, and mmap(2) to map the database file of IP addresses into the Unix VM system. The IP addresses from the e-mail header are vali- dated against the database file using a binary search. The database file name is a required command line argument. The database is a standard Unix text file, one IP address per line, in lexical order, constructed with "sort -u infile > outfile", or equiva- lent. An IP address range can be represented as a Class A, B, or C range. For example, the IP address "123.210." in the database file would match "123.210.1.0" in a "Received: " e-mail header record. The database mechanism is conservative with machine resources, requir- ing about 12.5 micro-seconds of machine time to lookup a word in the Unix system dictionary, (2.5 MB, quarter of a million words, single 466 MHz., Pentium, lightly loaded, Linux 2.2, time(1) command to lookup every word in the dictionary, divided by the number of words.) Concep- tually, the database mechanism is implemented similar to the the tech- nique used in the look(1) command, but requires exact matches, as opposed to partial key matches. The program has implicit IP addresses that do not have to be included in the database-those with invalid "dotted quad" element values, (such as greater than 255, for example.) Such IP addresses will be rejected- if the -p, or -P arguments are used, such values will be denoted by not having a trailing "dot". The input e-mail file name(s) may be supplied as additional optional command line arguments, or redirected to the program via stdin for com- patibility with procmail(1), and other e-mail scripting agents. A suitable procmail(1) recipe example might be: :0 wfh * ? receivedIPdb reject.db | formail -A "X-Notice: Message in reject.db database" which could be, if necessary, overridden, on a case-by-case basis, with the example recipe: :0 wfh * ^X-Notice: +Message +in +reject.db +database * ? receivedIPdb accept.db | formail -I "X-Notice: Message in reject.db database" or similar construct. The program contains less than 300 lines of declarations and state- ments, all of which are documented with in line comments. The program has been compiled and tested on SunOS, Solaris, and Linux, and may work on other brands of Unix. The program returns 0 if no error and a match was found in the database file for the IP addresses in any "Received: " header records, 1 if no error and no match found; else returns a unique error code greater than 1 representing the error encountered-which will, also, print an error diagnostic to stderr. The -r option is useful for controlling the return value under error conditions-for example, the program return can be preempted if the database file can not be opened, (or read,) with a return value of match, or no match, depending on environmental requirements. OPTIONS dbfilename Database file name. filename(s) E-mail file name(s), (defaults to stdin). -p Print the IP address match from the database. -P Print the IP address if it is not in the database. -r m|n On file error, exit return = match for m, no match for n. -v Print the program's version information. WARNINGS Under buffer overflow conditions, the program makes no attempts at han- dling the situation-it just detects it, prints an error message, and exits. The program is capable of rejecting entire Class A, Class B, or Class C, IP address ranges. Discretion is advised. SEE ALSO receivedIP(1), receivedIPdb(1), receivedIPdbdedup(1), receivedIPdbrm(1), receivedIPdbusort(1), bsearchtext(1), receivedAd- dress(1), receivedTodb(1), receivedMSGIDdb(1), receivedUnknowndb(1), tolower(1), toupper(1), bsorttext(1) receivedIPforgedb(1), hsearch- text(1), bsearchbody(1) DIAGNOSTICS Error messages for incompatible arguments, failure to allocate memory, inaccessible files, opening and closing files, input record buffer overflow, compiling regular expressions, and e-mail header format or structure errors. AUTHORS ---------------------------------------------------------------------- A license is hereby granted to reproduce this software source code and to create executable versions from this source code for personal, non-commercial use. The copyright notice included with the software must be maintained in all copies produced. THIS PROGRAM IS PROVIDED "AS IS". THE AUTHOR PROVIDES NO WARRANTIES WHATSOEVER, EXPRESSED OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, TITLE, OR FITNESS FOR ANY PARTICULAR PURPOSE. THE AUTHOR DOES NOT WARRANT THAT USE OF THIS PROGRAM DOES NOT INFRINGE THE INTELLECTUAL PROPERTY RIGHTS OF ANY THIRD PARTY IN ANY COUNTRY. Copyright (c) 2001-2007, John Conover, All Rights Reserved. Comments and/or bug reports should be addressed to: john@email.johncon.com (John Conover) ---------------------------------------------------------------------- January 16, 2007 RECEIVEDIPDB(1)