[Mimedefang] Bouncing on invalid HELO/EHLO

Michael Sims michaels at crye-leike.com
Thu Jun 12 14:47:02 EDT 2003


Quoting Edgars Klepers <mimedefanglist at eklynx.com>:

> Not knowing perl that well, am I able to use a check with a /27 subnet end,
> or do I have to list out each IP address?

I'm using a method that was supplied by another poster to this list many weeks
back that allows me to define a IP/netmask pair for exclusions.  It doesn't use
the CIDR notation directly, so I use something like:

http://www.burly-mango.com/reference/cidr/cidr.txt

To translate CIDR to netmask.

To use the sub, you need to use the Socket module, which I believe it part of
most Perl distributions.  If not, you can install it via the CPAN shell pretty
easily.  I like to put my module initialization at the top of the script, but I
don't suppose it particularly matters.  Here's the basic idea:

use Socket;

sub relayIsTrusted($) {

  my ($address) = @_;
  
  # This hash defines a list of IPs and networks that are considered "trusted".
  # If a connected client has a source IP that matches one of these
  # entries, MIMEDefang will not perform any filtering on the message.
  # This is so outgoing messages aren't flagged as spam.  Each entry
  # should be a subnet/netmask pair.  To specifiy a single host, use
  # 255.255.255.255 as the netmask
  
  my %trustedSubnets = (
  
    '127.0.0.1'       => '255.255.255.255', 
    '10.62.148.196'   => '255.255.255.255', 
    '10.62.148.198'   => '255.255.255.255'  
    
  );
  
  my $trustedRelay = 0;
  
  my $addr = inet_aton $address;
  while (my ($networkString, $netmaskString) = each %trustedSubnets) {
    my $network = inet_aton $networkString;
    my $netmask = inet_aton $netmaskString;
    if (($addr & $netmask) eq $network) { $trustedRelay = 1; last; }
  }
  
  return $trustedRelay;
  
}

To add a network with a /27 netmask, you'd just add the network address as the
hash key, and the netmask (according to the reference above it's
255.255.255.224) as the value.  For example, to add 192.168.0.0/16 to your list
of trusted relays, you'd add:

    '192.168.0.0' => '255.255.0.0'

to the %trustedSubnets hash above.

Let me know if you need help...

___________________________________________
Michael Sims
Project Analyst - Information Technology
Crye-Leike Realtors
Office: (901)758-5648  Pager: (901)769-3722
___________________________________________



More information about the MIMEDefang mailing list