Loading ...
Sorry, an error occurred while loading the content.

Re: Regexp for blocking dynamic hosts?

Expand Messages
  • Stan Hoeppner
    ... I have some basic PCREs I created and use for some header checks and client restrictions, but they re super simple, and I m still king nubie WRT regexes.
    Message 1 of 19 , Sep 2 8:14 AM
    • 0 Attachment
      mouss put forth on 9/1/2010 6:10 PM:

      >> Over 1600 regex patterns matching generic dynamics and statics. Rejects
      >> all generic dynamics, tags generic statics. Provided with no
      >> warranties, use at your own risk, etc. Has worked well here.
      >>
      >> http://www.hardwarefreak.com/fqrdns.regexp
      >>
      >> Use in main.cf as:
      >>
      >> check_client_access regexp:/etc/postfix/fqrdns.regexp
      >
      > Try pcre and you'll love it:)

      I have some basic PCREs I created and use for some header checks and
      client restrictions, but they're super simple, and I'm still king nubie
      WRT regexes. Alas, even if I had the skill, I wouldn't feel like taking
      the time to convert those 1600+ POSIX regexes to PCRE syntax. ;) As I
      said, these were donated to me. :)

      --
      Stan
    • Noel Jones
      ... Since pcre is a superset of regexp syntax, there s no need to convert to pcre. Specify the pcre: map type for an instant performance improvement. Using
      Message 2 of 19 , Sep 2 8:41 AM
      • 0 Attachment
        On 9/2/2010 10:14 AM, Stan Hoeppner wrote:
        > mouss put forth on 9/1/2010 6:10 PM:
        >
        >>> Over 1600 regex patterns matching generic dynamics and statics. Rejects
        >>> all generic dynamics, tags generic statics. Provided with no
        >>> warranties, use at your own risk, etc. Has worked well here.
        >>>
        >>> http://www.hardwarefreak.com/fqrdns.regexp
        >>>
        >>> Use in main.cf as:
        >>>
        >>> check_client_access regexp:/etc/postfix/fqrdns.regexp
        >>
        >> Try pcre and you'll love it:)
        >
        > I have some basic PCREs I created and use for some header checks and
        > client restrictions, but they're super simple, and I'm still king nubie
        > WRT regexes. Alas, even if I had the skill, I wouldn't feel like taking
        > the time to convert those 1600+ POSIX regexes to PCRE syntax. ;) As I
        > said, these were donated to me. :)
        >

        Since pcre is a superset of regexp syntax, there's no need to
        "convert" to pcre. Specify the pcre: map type for an instant
        performance improvement.

        Using pcre also reveals a few malformed expressions:
        # postmap -q bubba pcre:fqrdns.regexp
        postmap: warning: pcre map fqrdns.regexp, line 228: error in
        regex at offset 22: unmatched parentheses
        postmap: warning: pcre map fqrdns.regexp, line 1162: error in
        regex at offset 45: unmatched parentheses
        postmap: warning: pcre map fqrdns.regexp, line 1536: error in
        regex at offset 32: unmatched parentheses

        The regexp library can't use these malformed lines, but
        doesn't complain. The patch to fix is pretty easy (beware
        line wraps):

        --- fqrdns.regexp Thu Sep 2 10:19:52 2010
        +++ fixed.regexp Tue Sep 2 10:34:18 2010
        @@ -228 +228 @@
        -/^dyn-[12]?[0-9]{1,2}\.){4}[a-z]{2,4}\.upcnet\.ro$/ REJECT
        Dynamic - Please relay via ISP (upcnet.ro)
        +/^dyn-([12]?[0-9]{1,2}\.){4}[a-z]{2,4}\.upcnet\.ro$/ REJECT
        Dynamic - Please relay via ISP (upcnet.ro)
        @@ -1162 +1162 @@
        -/^ip-[12]?[0-9]{1,2}\.net(-[12]?[0-9]{1,2}){2})\.[12]?[0-9]{1,2}\.[a-z]{3,10}\.rev\.numericable\.fr$/
        REJECT Generic - Please relay via ISP (numericable.fr)
        +/^ip-[12]?[0-9]{1,2}\.net(-[12]?[0-9]{1,2}){2}\.[12]?[0-9]{1,2}\.[a-z]{3,10}\.rev\.numericable\.fr$/
        REJECT Generic - Please relay via ISP (numericable.fr)
        @@ -1536 +1536 @@
        -/^[12]?[0-9{1,2}(-[12]?[0-9]{1,2}){3}\.[a-z]{3}\.unitline\.ru$/
        REJECT Generic - Please relay via ISP (unitline.ru)
        +/^[12]?[0-9]{1,2}(-[12]?[0-9]{1,2}){3}\.[a-z]{3}\.unitline\.ru$/
        REJECT Generic - Please relay via ISP (unitline.ru)


        (This does not constitute an endorsement of the file. Use at
        your own risk.)

        -- Noel Jones
      • Steffan A. Cline
        I can t imagine needing to change them. They are AWESOME! They work great just as they are. Kills off 80% of the spam at the least. Thank you, Stan the ma
        Message 3 of 19 , Sep 2 8:59 AM
        • 0 Attachment
          I can't imagine needing to change them. They are AWESOME!

          They work great just as they are. Kills off 80% of the spam at the least.

          Thank you, Stan the ma




          Thanks

          Steffan

          ---------------------------------------------------------------
          T E L 6 0 2 . 7 9 3 . 0 0 1 4 | F A X 6 0 2 . 9 7 1 . 1 6 9 4
          Steffan A. Cline
          Steffan@... Phoenix, Az
          http://www.ExecuChoice.net USA
          AIM : SteffanC ICQ : 57234309
          YAHOO : Steffan_Cline MSN : steffan@...
          GOOGLE: Steffan.Cline Lasso Partner Alliance Member
          ---------------------------------------------------------------





          On 9/2/10 8:14 AM, "Stan Hoeppner" <stan@...> wrote:

          >mouss put forth on 9/1/2010 6:10 PM:
          >
          >>> Over 1600 regex patterns matching generic dynamics and statics.
          >>>Rejects
          >>> all generic dynamics, tags generic statics. Provided with no
          >>> warranties, use at your own risk, etc. Has worked well here.
          >>>
          >>> http://www.hardwarefreak.com/fqrdns.regexp
          >>>
          >>> Use in main.cf as:
          >>>
          >>> check_client_access regexp:/etc/postfix/fqrdns.regexp
          >>
          >> Try pcre and you'll love it:)
          >
          >I have some basic PCREs I created and use for some header checks and
          >client restrictions, but they're super simple, and I'm still king nubie
          >WRT regexes. Alas, even if I had the skill, I wouldn't feel like taking
          >the time to convert those 1600+ POSIX regexes to PCRE syntax. ;) As I
          >said, these were donated to me. :)
          >
          >--
          >Stan
          >
          >
        • Stan Hoeppner
          ... That s what I thought, but when I plugged it into main.cf as a pcre type I got log errors, so I switched it to regexp and the errors went away. Thus I
          Message 4 of 19 , Sep 2 9:17 AM
          • 0 Attachment
            Noel Jones put forth on 9/2/2010 10:41 AM:
            > On 9/2/2010 10:14 AM, Stan Hoeppner wrote:
            >> mouss put forth on 9/1/2010 6:10 PM:
            >>
            >>>> Over 1600 regex patterns matching generic dynamics and statics.
            >>>> Rejects
            >>>> all generic dynamics, tags generic statics. Provided with no
            >>>> warranties, use at your own risk, etc. Has worked well here.
            >>>>
            >>>> http://www.hardwarefreak.com/fqrdns.regexp
            >>>>
            >>>> Use in main.cf as:
            >>>>
            >>>> check_client_access regexp:/etc/postfix/fqrdns.regexp
            >>>
            >>> Try pcre and you'll love it:)
            >>
            >> I have some basic PCREs I created and use for some header checks and
            >> client restrictions, but they're super simple, and I'm still king nubie
            >> WRT regexes. Alas, even if I had the skill, I wouldn't feel like taking
            >> the time to convert those 1600+ POSIX regexes to PCRE syntax. ;) As I
            >> said, these were donated to me. :)
            >>
            >
            > Since pcre is a superset of regexp syntax, there's no need to "convert"

            That's what I thought, but when I plugged it into main.cf as a pcre type
            I got log errors, so I switched it to regexp and the errors went away.
            Thus I thought it was a compatibility issue.

            > to pcre. Specify the pcre: map type for an instant performance
            > improvement.

            Done. Not sure I'll notice as this is a really lightly loaded MX. But
            if PCRE processing is faster, I'm down with that. ;)

            > Using pcre also reveals a few malformed expressions:
            > # postmap -q bubba pcre:fqrdns.regexp
            > postmap: warning: pcre map fqrdns.regexp, line 228: error in regex at
            > offset 22: unmatched parentheses
            > postmap: warning: pcre map fqrdns.regexp, line 1162: error in regex at
            > offset 45: unmatched parentheses
            > postmap: warning: pcre map fqrdns.regexp, line 1536: error in regex at
            > offset 32: unmatched parentheses
            >
            > The regexp library can't use these malformed lines, but doesn't
            > complain. The patch to fix is pretty easy (beware line wraps):

            Ahh, that explains the errors. Due to my regex nubness, I didn't
            realize these were due to author errors.

            > --- fqrdns.regexp Thu Sep 2 10:19:52 2010
            > +++ fixed.regexp Tue Sep 2 10:34:18 2010
            > @@ -228 +228 @@
            > -/^dyn-[12]?[0-9]{1,2}\.){4}[a-z]{2,4}\.upcnet\.ro$/ REJECT Dynamic
            > - Please relay via ISP (upcnet.ro)
            > +/^dyn-([12]?[0-9]{1,2}\.){4}[a-z]{2,4}\.upcnet\.ro$/ REJECT Dynamic
            > - Please relay via ISP (upcnet.ro)
            > @@ -1162 +1162 @@
            > -/^ip-[12]?[0-9]{1,2}\.net(-[12]?[0-9]{1,2}){2})\.[12]?[0-9]{1,2}\.[a-z]{3,10}\.rev\.numericable\.fr$/
            > REJECT Generic - Please relay via ISP (numericable.fr)
            > +/^ip-[12]?[0-9]{1,2}\.net(-[12]?[0-9]{1,2}){2}\.[12]?[0-9]{1,2}\.[a-z]{3,10}\.rev\.numericable\.fr$/
            > REJECT Generic - Please relay via ISP (numericable.fr)
            > @@ -1536 +1536 @@
            > -/^[12]?[0-9{1,2}(-[12]?[0-9]{1,2}){3}\.[a-z]{3}\.unitline\.ru$/
            > REJECT Generic - Please relay via ISP (unitline.ru)
            > +/^[12]?[0-9]{1,2}(-[12]?[0-9]{1,2}){3}\.[a-z]{3}\.unitline\.ru$/
            > REJECT Generic - Please relay via ISP (unitline.ru)

            Fixed. Thanks Noel. :)

            --
            Stan
          • Steffan A. Cline
            How weird. That was supposed to say Stan the man! Thanks Steffan ... T E L 6 0 2 . 7 9 3 . 0 0 1 4 | F A X 6 0 2 . 9 7 1 . 1 6 9 4 Steffan A. Cline
            Message 5 of 19 , Sep 2 9:19 AM
            • 0 Attachment
              How weird. That was supposed to say Stan the man!


              Thanks

              Steffan

              ---------------------------------------------------------------
              T E L 6 0 2 . 7 9 3 . 0 0 1 4 | F A X 6 0 2 . 9 7 1 . 1 6 9 4
              Steffan A. Cline
              Steffan@... Phoenix, Az
              http://www.ExecuChoice.net USA
              AIM : SteffanC ICQ : 57234309
              YAHOO : Steffan_Cline MSN : steffan@...
              GOOGLE: Steffan.Cline Lasso Partner Alliance Member
              ---------------------------------------------------------------





              On 9/2/10 8:59 AM, "Steffan A. Cline" <steffan@...> wrote:

              >I can't imagine needing to change them. They are AWESOME!
              >
              >They work great just as they are. Kills off 80% of the spam at the least.
              >
              >Thank you, Stan the ma
              >
              >
              >
              >
              >Thanks
              >
              >Steffan
              >
              >---------------------------------------------------------------
              >T E L 6 0 2 . 7 9 3 . 0 0 1 4 | F A X 6 0 2 . 9 7 1 . 1 6 9 4
              >Steffan A. Cline
              >Steffan@... Phoenix, Az
              >http://www.ExecuChoice.net USA
              >AIM : SteffanC ICQ : 57234309
              >YAHOO : Steffan_Cline MSN : steffan@...
              >GOOGLE: Steffan.Cline Lasso Partner Alliance Member
              >---------------------------------------------------------------
              >
              >
              >
              >
              >
              >On 9/2/10 8:14 AM, "Stan Hoeppner" <stan@...> wrote:
              >
              >>mouss put forth on 9/1/2010 6:10 PM:
              >>
              >>>> Over 1600 regex patterns matching generic dynamics and statics.
              >>>>Rejects
              >>>> all generic dynamics, tags generic statics. Provided with no
              >>>> warranties, use at your own risk, etc. Has worked well here.
              >>>>
              >>>> http://www.hardwarefreak.com/fqrdns.regexp
              >>>>
              >>>> Use in main.cf as:
              >>>>
              >>>> check_client_access regexp:/etc/postfix/fqrdns.regexp
              >>>
              >>> Try pcre and you'll love it:)
              >>
              >>I have some basic PCREs I created and use for some header checks and
              >>client restrictions, but they're super simple, and I'm still king nubie
              >>WRT regexes. Alas, even if I had the skill, I wouldn't feel like taking
              >>the time to convert those 1600+ POSIX regexes to PCRE syntax. ;) As I
              >>said, these were donated to me. :)
              >>
              >>--
              >>Stan
              >>
              >>
              >
              >
            • Stan Hoeppner
              ... Given your MX and general system load Steffan, if you edit those three lines and fix the syntax errors Noel mentioned, then change the map type to pcre:
              Message 6 of 19 , Sep 2 9:24 AM
              • 0 Attachment
                Steffan A. Cline put forth on 9/2/2010 10:59 AM:
                > I can't imagine needing to change them. They are AWESOME!
                >
                > They work great just as they are. Kills off 80% of the spam at the least.
                >
                > Thank you, Stan the ma

                Given your MX and general system load Steffan, if you edit those three
                lines and fix the syntax errors Noel mentioned, then change the map type
                to pcre: instead of regexp: your system will probably notice some
                decreased load. Given all the stuff you're running I'd do it. IIRC the
                errors are a single character added or deleted from each of those 3
                lines. The edit was simple. Don't forget "postfix reload" after the
                edits of the file and of main.cf.

                --
                Stan
              Your message has been successfully submitted and would be delivered to recipients shortly.