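#!/usr/bin/perl
#
# $Header: /home/anoncvs/auto-spam-ip-blocker/auto-spam-ip-blocker.pl,v 1.45 2025/12/13 18:44:30 bigby Exp $
#
#
# (C) 2018, Joseph Robinson
#
# Daemon entry point: follows a syslog file (or reads STDIN) and hands every
# line to process_line().  The helper subs called below are not defined in
# this file; presumably they come from the autospamipblocker module.
#
# NOTE(review): every line handled here originates from mail traffic.  Fields
# such as relay=, from=, msgid= and mid= are chosen by the remote SMTP client,
# so process_line() (not shown) should take the address to block only from the
# bracketed IP that the MTA itself records, validate it as an IP literal, and
# treat hostnames and message ids as untrusted text - confirm in the module.
#
use Getopt::Std;
use Sys::Syslog;
use autospamipblocker;

# models:
# NOTE(review): some from=/msgid=/mid= values are empty in these samples;
# confirm the expected shape against real log lines.
# Sep 2 00:05:28 ns1 sm-mta[23987]: t8275RkA023987: from=, size=8014, class=0, nrcpts=1, msgid=, proto=SMTP, daemon=MTA, relay=mademoiselledenoirs.com [207.244.75.223] (may be forged)
#
# or
# Sep 3 03:12:35 ns1 sm-mta[40046]: t83ACWr0040046: from=, size=13361, class=0, nrcpts=1, msgid=<37992625252093799115821739796776@9m68gz9hh.smellingg.info>, proto=ESMTP, daemon=MTA, relay=[146.0.72.71]
#
# and
#
# Sep 2 00:00:22 localhost spamd[18249]: spamd: result: . -2 - BAYES_00,RCVD_IN_DNSWL_LOW scantime=0.2,size=2782,user=jdaniel,uid=3100,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=36960,mid=<236681.363402994-sendEmail@cg3>,bayes=0.000000,autolearn=disabled
# or
# Sep 2 00:04:18 localhost spamd[18249]: spamd: result: Y 30 - BAYES_99,BAYES_999,EMPTY_MESSAGE,INVALID_MSGID,MISSING_SUBJECT,MSGID_SHORT,RCVD_DOUBLE_IP_SPAM,RCVD_HELO_IP_MISMATCH,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_BRBL_LASTEXT,RCVD_IN_PSBL,RCVD_IN_RP_RNBL,RCVD_IN_SBL_CSS,RCVD_IN_SORBS_WEB,RCVD_IN_XBL,RCVD_NUMERIC_HELO,RDNS_NONE,TT_MSGID_TRUNC,T_FSL_HELO_BARE_IP_2,UNCLOSED_BRACKET scantime=0.1,size=678,user=atolsma,uid=3007,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=37195,mid=,bayes=1.000000,autolearn=disabled

#############
# VARIABLES #
#############
# These stay package globals (no "my") because the helper subs are defined
# outside this file and presumably read them by name.
$DEBUG         = 0;
$LIMIT         = 4;    # presumably the hit count that triggers a block - confirm in module
$WHITELISTFILE = "/etc/mail/whitelist";

# NOTE(review): "+157+" is the dnssec-keygen algorithm number for HMAC-MD5.
# For HMAC keys the .key file holds the shared secret itself, so it must be
# readable only by the account this daemon runs as; sanity_check_keyfile()
# is not shown here, so confirm it checks ownership and mode.  Moving to a
# SHA-2 HMAC key is worth considering.
$KEYFILE = "/etc/named/keys/Kephemeron+157+00000.key";
$LOGFILE = "/var/log/all.log";
$DOMAIN  = "block.ephemeron.org";

# Strip the directory part of $0 to get the bare program name.
$BASENAME = $0;
$BASENAME =~ s/.*\///;

$SYSLOG_TAG      = $BASENAME;
$SYSLOG_FACILITY = "LOG_MAIL";
$PIDFILE         = "/var/run/$BASENAME.pid";

########
# MAIN #
########
# Explicit parentheses make each of these a sub call even if the sub was not
# predeclared at compile time; without "use strict" a bare word would
# otherwise be silently evaluated as a string and nothing would run.
init_syslog();
process_options();
sanity_check_domain();
check_pidfile();
daemonize();
install_handlers();
sanity_check_keyfile();
write_pidfile();
read_whitelist();
open_logfile();

if ($LOGFILE eq "STDIN") {
    # One-shot mode: consume standard input until EOF, then shut down.
    while (<STDIN>) {
        process_line($_);
    }
    cleanup();
    logger("exiting");
}
else {
    # Follow mode: start at the current end of the file so that only lines
    # written after start-up are processed.
    # seek to end of file
    seek(LOG, 0, 2) or daemondie("couldn't seek to eof on LOG FH: $!");

    while (1) {
        if (eof(LOG)) {
            sleep(1);

            # A zero-offset relative seek clears the handle's EOF state so
            # that data appended since the last read becomes visible.
            seek(LOG, 0, 1);
            check_for_rotated_logfile();
        }
        else {
            # NOTE(review): if the writer has not finished a line yet, this
            # read can return a fragment without a trailing newline; confirm
            # that process_line() ignores lines it cannot fully parse.
            my $LINE = <LOG>;
            process_line($LINE);
        }
    }
}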