#!/usr/bin/perl

# This script parses mail sent to spam trap addresses and adds the IP
# address from the last hop to the blocklist. The headers are saved
# to check back on later. I can also pipe messages through it from mutt.

# The database isn't rebuilt though, as this is intended to be used manually
# and the delay for the rebuild is annoying and fast blocking isn't
# particularly useful.

# The received header checks for connecting IP address assume that
# qmail is being used and that there are no local relays or MXs.

umask 022;

chdir '/var/www/html/robot';

$header = '';
$ip = '';
while (<STDIN>) {
  last if m/^$/;
  $header .= $_;
  if ($ip eq '' && m/^received:.*\((\d+\.\d+\.\d+\.\d+)\)\n$/i) {
    $ip = $1;
  }
}

while (<STDIN>) {};

exit(0) unless $ip != '';
exit(0) unless $ip !~ '^127\.';

if (!open(IP,">ip1/$ip")) {
  exit(0);
}
# Save message headers for later reference.
print IP "$header";
close(IP);