Re: Problems with greylistd and exim and gmail
On Sun, 09 Nov 2014 18:07:02 +1100
Andrew McGlashan <andrew.mcglashan@affinityvision.com.au> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 2/11/2014 8:24 PM, Virgo Pärna wrote:
> > Ok problem is solved. I did have invalid lines in file: like
> > that 209.85.128/17 line. And exim stops processing file, if it
> > meets invalid host line. I guess, that it was just coincidence,
> > that it started happening now.
>
> I would like to know the best way to validate the file, offline,
> before it effects greylisting. Anyone?
>
I have used aggregate, which also merged adjacent CIDR blocks which had
collected over time. It would choke on the lines without three dots,
which is a common way of specifying CIDR blocks in the LACNIC WHOIS,
and was my most common error. It also complained, as you might expect
from a CIDR block merge tool, if the dotted decimal part was not
followed by a consistent number of bits i.e. if the remaining bits at
the end were not all zero.
But there may be malformed addresses it will pass, I don't think there's
any guaranteed answer other than writing a script.
A regular expression seems to be a quick and dirty answer for IP
addresses, and a simple one does eliminate the worst errors, but it's
tricky to also make sure it only allows numbers 0 to 255, and even
harder to validate an arbitrary CIDR block specification. The rgxg tool
will produce an RE to match addresses *in* a CIDR block, but you first
have to feed it a valid CIDR block...
But an RE still has to be wrapped into some kind of script, and you
might as well just use a simple RE to select for shape, then split on
the punctuation and check the numerical values using the scripting
language, and check the overall binary value against the / number. Or
trust that aggregate makes a reasonable job of doing that.
--
Joe
Reply to: