[PLUG] Building an IP server in perl...

Michael C. Robinson plug_1 at robinson-west.com
Mon Aug 15 23:20:26 UTC 2011


So far, I have a perl script that pulls the originating IP from email
and another perl script that uses the file created by it to serve that
information.

Question is, should I implement an IP whitelist and if so, how do I do
partial pattern matches?  For example, 192.168. could represent
private class C subnets.  Another fragment that would likely be used
is 127.0.0., which represents loopback addresses.  I might want to add a
partial remote address for pdx.edu, 131 something.  I need to check the
IP's that are listed for partial matches and remove matches from the
list.  What I am envisioning, a spammer manages to forge an IP address I
have to accept email from causing me to lose legitimate email.  While
spam is not going to have an RFC1918 address in it, someone may put a
local message in their spam folder accidentally.  If the timing is
right, that message ends up in the spam account and could end up being
processed.  While this is only a problem if the IP server is probed by
an internal email server, having bad information in the IP server is
probably a bad idea.

All the server does is answer YES meaning that the IP is listed or NO
which means that it isn't listed.  I don't know how to encrypt data
transmissions that are established using Net::EasyTCP, another issue.
Logically, it should say NO if asked about a local address or an address
that should never be listed.

What is the likelihood of a spammer forging say pdx.edu or the google
address that hosts gmail?  Is this a problem I need to solve or not?




More information about the PLUG mailing list