Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/perl
- #
- # addrcheck - mail address checker
- # by tchrist@perl.com
- # Copyright 1997 Tom Christiansen
- # version 1.001 Fri Feb 14 15:20:02 MST 1997
- ####################################
- # this program takes an email address as its argument
- # and decides whether you're being spoofed or not.
- # it exists 0 if it likes the address, and 1 if it doesn't.
- #
- # can be tested interactively. if not interactive, it will
- # use syslog.
- #
- # should be rewritten instead of just growing via hacks.
- ####################################
- $LOGGER = '/usr/bin/logger'; # or /usr/ucb?
- $NSLOOKUP = '/usr/bin/nslookup'; # or /usr/ucb?
- $DEBUG = -t STDIN && -t STDOUT;
- $address = shift || die "usage: $0 address\n";
- for ($address) {
- s/^-+//;
- tr/A-Z/a-z/;
- }
- ($user, $host) = split /\@/, $address;
- # we check in this order because of speed;
- # this way it will fail more quickly.
- check_passwd($user); # picky
- if ($address =~ /\@./) {
- check_host($host);
- ck822($address); # inscrutable
- dns_check($host); # slow
- }
- exit 0;
- ####################################
- sub bad {
- # GLOBAL $hispass and $what
- if ($DEBUG) {
- print "$what `$hispass' is bad: @_\n";
- } else {
- system $LOGGER,
- "-p", "daemon.notice",
- "-t", "ftpucheck",
- "BOGUS \U$what\E $hispass (@_)";
- }
- exit 1;
- }
- ####################################
- #############
- sub check_passwd {
- local $what = 'user';
- local $hispass = shift;
- for (@rude) {
- bad("rude") if index($hispass, lc $_) != -1;
- }
- for (@anywhere) {
- bad("inside") if index($hispass, lc $_) != -1;
- }
- for (@full) {
- bad("full") if $hispass eq lc $_;
- }
- for (@start) {
- bad("start") if index($hispass, lc $_) == 0;
- }
- # single char
- bad("single") if length($hispass) == 1;
- study $hispass;
- bad("dup letters") if $hispass =~ /(\w)\1{3,}/;
- bad("white") if $hispass =~ /\s/;
- bad("junk") if $hispass =~ /[;,\/#^*]/;
- $V = 'aeiouy';
- if ($hispass =~ /netscape/ || $hispass =~ /^m[$V]*[sz]+[$V]*l+[$V]*\W*$/) {
- bad("mozilla");
- }
- if ($hispass =~ /xyz+y/) {
- bad("xyzzy");
- }
- # all same letter
- bad("dup letters") if $hispass =~ /^(.)\1+$/;
- # want letters
- bad("ugly") unless $hispass =~ /[a-z]/;
- bad("backspace") if $hispass =~ /[\010\177]/;
- $letters = "qwertyuiopasdfghjklzxcvbnmmnbvcxzlkjhgfrdsapoiuytrewq";
- # consecutive
- bad("consecutive") if
- length($hispass) > 2 &&
- ( index($letters, $hispass) != -1
- ||
- ($hispass =~ /^(\w+)\1$/ && length($1) > 2
- && index($letters, $1) != -1)
- );
- print "$what: $hispass is good\n" if $DEBUG;
- }
- #############
- sub check_host {
- local $what = 'host';
- local $hispass = shift;
- bad("dotless") unless index($hispass, '.') >= 0;
- for (@rude) {
- bad("rude") if index($hispass, lc $_) != -1;
- }
- for (@full) {
- bad("full") if $hispass eq lc $_;
- }
- # single char
- bad("single") if length($hispass) == 1;
- study $hispass;
- bad("white") if $hispass =~ /\s/;
- bad("junk") if $hispass =~ /[;,\/#^*]/;
- # want letters, darnit; this will cause 127.1 to fail though
- bad("ugly") unless $hispass =~ /[a-z]/;
- bad("backspace") if $hispass =~ /[\010\177]/;
- $letters = "qwertyuiopasdfghjklzxcvbnmmnbvcxzlkjhgfrdsapoiuytrewq";
- # consecutive
- bad("consecutive") if
- length($hispass) > 2 &&
- ( index($letters, $hispass) != -1
- ||
- ($hispass =~ /^(\w+)\1$/ && length($1) > 2
- && index($letters, $1) != -1)
- );
- print "$what: $hispass is good\n" if $DEBUG;
- }
- sub dns_check {
- # first try an MX record, then an A rec (for badly configged hosts)
- my $host = shift;
- local $/ = undef;
- local $what = "DNS record";
- local $hispass = $host;
- # the following is comment out for security reasons:
- # if ( `nslookup -query=mx $host` =~ /mail exchanger/
- # otherwise there could be naughty bits in $host
- # we'll bypass system() and get right at execvp()
- if (open(NS, "-|")) {
- if (<NS> =~ /mail exchanger/) {
- print "$what MX: $hispass is good\n" if $DEBUG;
- close NS;
- return;
- }
- } else {
- open(SE, ">&STDERR");
- open(STDERR, ">/dev/null");
- exec $NSLOOKUP, '-query=mx', $host;
- open(STDERR, ">&SE");
- die "can't exec nslookup: $!";
- }
- if (open(NS, "-|")) {
- $_ = <NS>;
- if (/answer:.*Address/s) {
- print "$what A: $hispass is good\n" if $DEBUG;
- close NS;
- return;
- }
- if (/Name:.*$host.*Address:/si) {
- print "$what A: $hispass is good\n" if $DEBUG;
- close NS;
- return;
- }
- } else {
- open(SE, ">&STDERR");
- open(STDERR, ">/dev/null");
- exec $NSLOOKUP, '-query=a', $host;
- open(STDERR, ">&SE");
- die "can't exec nslookup: $!";
- }
- bad("No DNS");
- }
- sub ck822 {
- # ck822 -- check whether address is valid rfc 822 address
- # tchrist@perl.com
- #
- # pattern developed in program by jfriedl;
- # see "Mastering Regular Expressions" from ORA for details
- # this will error on something like "ftp.perl.com." because
- # even though dns wants it, rfc822 hates it. shucks.
- local $what = 'address';
- local $hispass = shift;
- local $_;
- $is_a_valid_rfc_822_addr = '';
- while (<DATA>) {
- chomp;
- $is_a_valid_rfc_822_addr .= $_;
- }
- bad("rfc822 failure") unless $hispass =~ /^${is_a_valid_rfc_822_addr}$/o;
- print "$what: $hispass is good\n" if $DEBUG;
- }
- ##############################
- # initializations
- ##############################
- BEGIN {
- @full = qw{
- admin
- anon
- anonymous
- bar
- big-liar
- bin
- bizarre
- bla
- blah
- bogus
- cache
- collect
- compuserve
- cool
- crud
- DeleGateMaster
- devnull
- dialup
- dork
- dummy
- employee
- first1
- foo
- friendly
- ftpsearch-collect
- fu
- god
- guest
- gunk
- gw
- harvest
- here
- hi
- ident
- ident
- ie30user
- info
- internet
- junk
- liar
- login
- lycos
- maxima
- me
- mirror
- mosaic
- nobody
- none
- none-known
- nouser
- ntcon
- ok
- outbound
- postmaster
- president
- public
- Put_Your_Email_Address
- report_abuse
- root
- satan
- socks
- spanky
- src
- sticky
- system
- there
- Unknown_Netscape_User
- Unregistered
- unverified
- user
- UserName
- vice-president
- vividnet
- whoever
- wow
- xyz
- xyz
- };
- @start = qw{
- aaa
- abc
- account
- anon
- anon
- asquid
- daemon
- delegate
- ftp
- gopher
- gotch
- oracle
- otthttp
- pass
- satan
- squid
- student
- test
- web
- xx
- };
- @anywhere = qw{
- adresse
- asdf
- asfd
- cache
- firewall
- -gw
- http
- mail
- mirror
- mother
- name
- nobody
- proxy
- sadf
- system
- user
- www
- };
- @rude = qw{
- asshole
- crap
- cunt
- damn
- fuck
- piss
- shit
- suck
- tits
- upyour
- };
- }
- # don't touch this stuff down here or you'll break the rfc822 matcher.
- __END__
- (?:[\040\t]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\n
- \015()]|\\[^\x80-\xff])*\))*\))*(?:(?:[^(\040)<>@,;:".\\\[\]\000-\037\x80-\
- xff]+(?![^(\040)<>@,;:".\\\[\]\000-\037\x80-\xff])|"(?:[^\\\x80-\xff\n\015"
- ]|\\[^\x80-\xff])*")(?:(?:[\040\t]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xf
- f]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff])*\))*\))*\.(?:[\040\t]|\((?:[
- ^\\\x80-\xff\n\015()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\
- xff])*\))*\))*(?:[^(\040)<>@,;:".\\\[\]\000-\037\x80-\xff]+(?![^(\040)<>@,;
- :".\\\[\]\000-\037\x80-\xff])|"(?:[^\\\x80-\xff\n\015"]|\\[^\x80-\xff])*"))
- *(?:[\040\t]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\
- n\015()]|\\[^\x80-\xff])*\))*\))*@(?:[\040\t]|\((?:[^\\\x80-\xff\n\015()]|\
- \[^\x80-\xff]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff])*\))*\))*(?:[^(\04
- 0)<>@,;:".\\\[\]\000-\037\x80-\xff]+(?![^(\040)<>@,;:".\\\[\]\000-\037\x80-
- \xff])|\[(?:[^\\\x80-\xff\n\015\[\]]|\\[^\x80-\xff])*\])(?:(?:[\040\t]|\((?
- :[^\\\x80-\xff\n\015()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80
- -\xff])*\))*\))*\.(?:[\040\t]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff]|\(
- (?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff])*\))*\))*(?:[^(\040)<>@,;:".\\\[\]
- \000-\037\x80-\xff]+(?![^(\040)<>@,;:".\\\[\]\000-\037\x80-\xff])|\[(?:[^\\
- \x80-\xff\n\015\[\]]|\\[^\x80-\xff])*\]))*|(?:[^(\040)<>@,;:".\\\[\]\000-\0
- 37\x80-\xff]+(?![^(\040)<>@,;:".\\\[\]\000-\037\x80-\xff])|"(?:[^\\\x80-\xf
- f\n\015"]|\\[^\x80-\xff])*")(?:[^()<>@,;:".\\\[\]\x80-\xff\000-\010\012-\03
- 7]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\n\015()]|\
- \[^\x80-\xff])*\))*\)|"(?:[^\\\x80-\xff\n\015"]|\\[^\x80-\xff])*")*<(?:[\04
- 0\t]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\n\015()]
- |\\[^\x80-\xff])*\))*\))*(?:@(?:[\040\t]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x
- 80-\xff]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff])*\))*\))*(?:[^(\040)<>@
- ,;:".\\\[\]\000-\037\x80-\xff]+(?![^(\040)<>@,;:".\\\[\]\000-\037\x80-\xff]
- )|\[(?:[^\\\x80-\xff\n\015\[\]]|\\[^\x80-\xff])*\])(?:(?:[\040\t]|\((?:[^\\
- \x80-\xff\n\015()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff
- ])*\))*\))*\.(?:[\040\t]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff]|\((?:[^
- \\\x80-\xff\n\015()]|\\[^\x80-\xff])*\))*\))*(?:[^(\040)<>@,;:".\\\[\]\000-
- \037\x80-\xff]+(?![^(\040)<>@,;:".\\\[\]\000-\037\x80-\xff])|\[(?:[^\\\x80-
- \xff\n\015\[\]]|\\[^\x80-\xff])*\]))*(?:(?:[\040\t]|\((?:[^\\\x80-\xff\n\01
- 5()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff])*\))*\))*,(?
- :[\040\t]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\n\0
- 15()]|\\[^\x80-\xff])*\))*\))*@(?:[\040\t]|\((?:[^\\\x80-\xff\n\015()]|\\[^
- \x80-\xff]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff])*\))*\))*(?:[^(\040)<
- >@,;:".\\\[\]\000-\037\x80-\xff]+(?![^(\040)<>@,;:".\\\[\]\000-\037\x80-\xf
- f])|\[(?:[^\\\x80-\xff\n\015\[\]]|\\[^\x80-\xff])*\])(?:(?:[\040\t]|\((?:[^
- \\\x80-\xff\n\015()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\x
- ff])*\))*\))*\.(?:[\040\t]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff]|\((?:
- [^\\\x80-\xff\n\015()]|\\[^\x80-\xff])*\))*\))*(?:[^(\040)<>@,;:".\\\[\]\00
- 0-\037\x80-\xff]+(?![^(\040)<>@,;:".\\\[\]\000-\037\x80-\xff])|\[(?:[^\\\x8
- 0-\xff\n\015\[\]]|\\[^\x80-\xff])*\]))*)*:(?:[\040\t]|\((?:[^\\\x80-\xff\n\
- 015()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff])*\))*\))*)
- ?(?:[^(\040)<>@,;:".\\\[\]\000-\037\x80-\xff]+(?![^(\040)<>@,;:".\\\[\]\000
- -\037\x80-\xff])|"(?:[^\\\x80-\xff\n\015"]|\\[^\x80-\xff])*")(?:(?:[\040\t]
- |\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\n\015()]|\\[
- ^\x80-\xff])*\))*\))*\.(?:[\040\t]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xf
- f]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff])*\))*\))*(?:[^(\040)<>@,;:".\
- \\[\]\000-\037\x80-\xff]+(?![^(\040)<>@,;:".\\\[\]\000-\037\x80-\xff])|"(?:
- [^\\\x80-\xff\n\015"]|\\[^\x80-\xff])*"))*(?:[\040\t]|\((?:[^\\\x80-\xff\n\
- 015()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff])*\))*\))*@
- (?:[\040\t]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\n
- \015()]|\\[^\x80-\xff])*\))*\))*(?:[^(\040)<>@,;:".\\\[\]\000-\037\x80-\xff
- ]+(?![^(\040)<>@,;:".\\\[\]\000-\037\x80-\xff])|\[(?:[^\\\x80-\xff\n\015\[\
- ]]|\\[^\x80-\xff])*\])(?:(?:[\040\t]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\
- xff]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff])*\))*\))*\.(?:[\040\t]|\((?
- :[^\\\x80-\xff\n\015()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80
- -\xff])*\))*\))*(?:[^(\040)<>@,;:".\\\[\]\000-\037\x80-\xff]+(?![^(\040)<>@
- ,;:".\\\[\]\000-\037\x80-\xff])|\[(?:[^\\\x80-\xff\n\015\[\]]|\\[^\x80-\xff
- ])*\]))*(?:[\040\t]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff]|\((?:[^\\\x8
- 0-\xff\n\015()]|\\[^\x80-\xff])*\))*\))*>)(?:[\040\t]|\((?:[^\\\x80-\xff\n\
- 015()]|\\[^\x80-\xff]|\((?:[^\\\x80-\xff\n\015()]|\\[^\x80-\xff])*\))*\))*
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement