#!/usr/bin/perl

#   qsec-bugoff - qsecretary challenge automation
#   Copyright (C) 2003, Erick Calder
#
#   This work may be copied only under the terms
#   of the Artistic License which may be found at:
#   http://www.opensource.org/licenses/artistic-license.php
#
#   This utility automates responses for qsecretary-based
#   mailing lists such as those used at http://cr.yp.to
#
#   - INSTALLATION -
#   Save this script into /usr/bin/qsec-bugoff and set
#   the execute bit on (chmod +x /usr/bin/qsec-bugoff).
#   The script is meant to be used with a procmail rule
#   like this:
#
#   :0
#   * ^From. "The qsecretary program"
#   | /usr/bin/qsec-bugoff 63.194.16.45
# 
#   To verify the source of the challenge, the IP address
#   of the outgoing SMTP server must be passed (note: do
#   not use hidden-block addresses e.g. 192.168.x).  Also
#   please note that verification requires read access to
#   the MTA logfile (typically /var/log/maillog) which may
#   be accomplished either by running the script as root
#   i.e. placing the aforementioned rule in the site-wide
#   configuration file (typically /etc/procmailrc), or
#   granting read access on the logfile to the account
#   running it.

$DEBUG  = 0;
$LOG    = $ENV{MAILLOG} || "/var/log/maillog";
$auth   = shift         || die "no authority!";
$sender = shift         || "stoneport.math.uic.edu";

die "Not an IP address!" unless ipok($auth);

while (<>) {
    ($to) = /^From:.*?<(.*)>/ unless $to;
    ($id) = /message-id:\s+<(.*)>/i unless $id;

    /^--- Below / && !$h++;
    /^Received:\s+from/ && $h++ if $h;
    if ($h == 2) {
        $s .= $_;
        $mine++ if $s =~ /\(@?\Q$auth\E\)\s+by/m;
        }
    }

$to =~ s/'//g;
print "to: $to, mine: $mine" if $DEBUG;
system qq/echo "bugger off!" |mail '$to'/
    if $to && $mine && qx/grep -e $id $LOG |grep "relay=$sender"/;

sub ipok {
    local $_ = shift;
    /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/
        && $1 < 256 && $2 < 256 && $3 < 256 && $4 < 256
        ;
    }