DevHeads.net

Format of ip address in /etc/postfix/access

Hi all,
Sorry for double posting (if done) as I could not locate my sent mail
while sending through my mobile.

I am curious what is the format of IP addresses in /etc/postfix/access.
i.e. will it understand 006.45.023.230 instead of the common 6.45.23.230 ?

Thanks/DP

Comments

Re: Format of ip address in /etc/postfix/access

By Andrew Bernard at 08/11/2019 - 04:06

Hello Durga,

I think that's a strange way to write an IP address.

If you do man 3 inet_addr the format for the dotted address is
explained. As stated in that man page:

In all of the above forms, components of the dotted address can be
specified in decimal, octal (with a  leading 0),  or hexadecimal,
with a leading 0X).  Addresses in any of these forms are
collectively termed IPV4 numbers-and-dots notation. The form that
uses exactly four decimal numbers is referred to as IPv4
dotted-decimal notation (or sometimes: IPv4 dotted-quad notation).

An example is given:

$ ./a.out 226.000.000.037      # Last byte is in octal

So 037 is octal not decimal.

Because 6 is less than 7 you can get away with it, but not for long with
other numerical values that exceed octal. I think its inviting trouble
for maintainers of your code.

Andrew

On 11/8/19 2:59 am, Durga Prasad Malyala wrote:

Re: Format of ip address in /etc/postfix/access

By Durga Prasad Malyala at 08/11/2019 - 09:27

On Sun, 11 Aug 2019 at 14:38, Andrew Bernard <andrew. ... at gmail dot com> wrote:
well Andrew - I am interested in using a list from
<a href="https://dshield.org/ipsascii.html" title="https://dshield.org/ipsascii.html">https://dshield.org/ipsascii.html</a>
they are providing a list but it is in the format 089.248.172.085 -
notice the leading zeroes. - I am stripping out all data and only
using the first column. Now instead of firing a script to truncate the
leading zeroes within the octets - I am wondering if the IPs can be
used directly by the postfix access file.

Thanks/DP

Re: Format of ip address in /etc/postfix/access

By Benny Pedersen at 08/11/2019 - 09:58

Durga Prasad Malyala skrev den 2019-08-11 16:27:

reading line 2 of that url, how would you use it in postfix ?

Re: Format of ip address in /etc/postfix/access

By Ralph Seichter at 08/11/2019 - 09:42

* Durga Prasad Malyala:

You did notice the comments "DO NOT USE AS BLOCKLIST" and "Please use
your API instead. See https://isc.sans.edu/api", did you not?

-Ralph

Re: Format of ip address in /etc/postfix/access

By Durga Prasad Malyala at 08/11/2019 - 10:51

On Sun, 11 Aug 2019 at 20:13, Ralph Seichter < ... at monksofcool dot net> wrote:

Re: Format of ip address in /etc/postfix/access

By Wietse Venema at 08/11/2019 - 12:04

Durga Prasad Malyala:
ACCESS(5) ACCESS(5)

NAME
access - Postfix SMTP server access table
...
net.work.addr.ess
net.work.addr
net.work
net Matches the specified IPv4 host address or subnetwork. An IPv4
host address is a sequence of FOUR DECIMAL OCTETS separated by
".".

Subnetworks are matched by repeatedly truncating the last
".octet" from the remote IPv4 host address string until a match
is found in the access table, or until further truncation is not

Therefore, the access table has to be in decimal form i.e. not octal
(leading zero), not hexadecimal, not something else.

Wietse

Re: Format of ip address in /etc/postfix/access

By Durga Prasad Malyala at 08/11/2019 - 10:57

On Sun, 11 Aug 2019 at 21:21, Durga Prasad Malyala <dp. ... at gmail dot com> wrote:
I did a random survey of the IPs by searching them manually in
talosintelligence and found that they are shown as either listed in
some RBL or shown an increase in email volume. So I have to figure out
how to use it using the API in conjunction with postfix and
Mailscanner or rspamd with some score for a match.
Thanks/DP

Re: Format of ip address in /etc/postfix/access

By Wietse Venema at 08/10/2019 - 16:22

Durga Prasad Malyala:
The format is described in:

<a href="http://www.postfix.org/access.5.html" title="http://www.postfix.org/access.5.html">http://www.postfix.org/access.5.html</a>
man 5 access

HOST NAME/ADDRESS PATTERNS
With lookups from indexed files such as DB or DBM, or from networked
tables such as NIS, LDAP or SQL, the following lookup patterns are
examined in the order as listed:

...
net.work.addr.ess

net.work.addr

net.work

net Matches the specified IPv4 host address or subnetwork. An IPv4
host address is a sequence of four decimal octets separated by
".".
...
NOTE 1: The access map lookup key must be in canonical form: DO
NOT SPECIFY UNNECESSARY NULL CHARACTERS, and do not enclose net-
work address information with "[]" characters.

Emphasis added for clarity.

Wietse

Re: Format of ip address in /etc/postfix/access

By Jan Ceuleers at 08/11/2019 - 02:25

On 10/08/2019 23:22, Wietse Venema wrote:
To me a NULL character is the ASCII character which has all of its bits
set to zero. Could I therefore suggest talking about 0 characters
instead in this man page?

HTH, Jan

Re: Format of ip address in /etc/postfix/access

By Kris Deugau at 08/12/2019 - 10:07

Jan Ceuleers wrote:
Think "semantically null". There are other things that could be
included in a "convenient for [x]" format for an IP address which do not
change its meaning.

-kgd

Re: Format of ip address in /etc/postfix/access

By Rich Wales at 08/11/2019 - 02:49

The best English phrase to use here would be "unnecessary leading zeroes".

Rich Wales
<a href="mailto: ... at richw dot org"> ... at richw dot org</a>

Re: Format of ip address in /etc/postfix/access

By Richard Damon at 08/11/2019 - 07:03

On 8/11/19 3:49 AM, Rich Wales wrote:

Re: Format of ip address in /etc/postfix/access

By Dominic Raferd at 08/11/2019 - 02:58

or just: 'leading zeroes'

BTW I read at
<a href="https://www.ibm.com/support/knowledgecenter/en/STCMML8/com.ibm.storage.ts3500.doc/opg_3584_IPv4_IPv6_addresses.html" title="https://www.ibm.com/support/knowledgecenter/en/STCMML8/com.ibm.storage.ts3500.doc/opg_3584_IPv4_IPv6_addresses.html">https://www.ibm.com/support/knowledgecenter/en/STCMML8/com.ibm.storage.t...</a>
that leading zeroes are canonical. If so, then maybe the text should read
'The access map lookup key must be in canonical form and without leading
zeroes, and do not...'