IP_In_Range

Test an IP-address against a IP-range

SYNOPSIS

To test on address:

ip_in_range first_in_range last_in_range ip_to_check

To verify Received-headers:

ip_in_range < [email] first_in_range last_in_range

or

ip_in_range < [email] [range_list.txt]
where range_list.txt contains a list of IP-ranges, one per line

Description

You can pipe-in an email-message to filter and name a text-file as only program-argument to ip_in_range. This text-file contains a simple list of IP-ranges, one per line, like:

192.168.0.1 192.168.0.255
Some Evil Exemplary Range: 192.168.2.100 192.168.2.168
192.200.12.20 192.200.12.100 I do no like this
(...)

Text outside the IP-addresses is ignored by ip_in_range and can be used to comment an entry.

Use with Procmail

Procmail can delegate tasks to external programs, either to react to a matching filter or to test a condition which depends on the exit code of a program. Such call of a program in the condition of a Procmail-filter is initiated with the ? flag. The recipe which tests if the Received-headers of a mail contain any IP-address from a range that you want to filter:

:0
* !FROM_DAEMON
* !FROM_MAILER
* !^X-Loop: my_mail@address
* 1^0 ? ip_in_range ~/.procmail/range_list.txt
/home/[path to my mail-folder]/refused/ip_refused

This way, all mail which matches the filter will be written to a mail-folder “ip_refused” in the sub-directory “refused” of my mail-folder.

ip_in_range writes to STDOUT some informative log-message, i.e. the positiv result of a test. You can thus know, which IP-address from a mail had been found in which IP-range. To make these messages appear in the procmail log-file, you can alter the condition in the above recipe to:

* 1^0 ? ip_in_range ~/.procmail/range_list.txt >> [logfile]

See the Procmail manual for more detailed explications.

Remarks about the pertinence of this kind of filter

If you can, you should make your Mail-Transfer-Agent (MTA) filter mail and only fetch the mail you want to read. If you do not know how to do this, then the filter described above can be an alternative. If you do not use software like Exim (sendmail), Postfix and the like be however aware of the limits of the Procmail-solutions.

Even better are server-side filters that you would not have to activate anew each time that you consult your mail-account.

Also, the author of IP_In_Range does not advocate filters against whole IP-ranges as an efficient way to fight SPAM.

Other Information

Development and source code

IP_In_Range has been written in Ruby. As Ruby is an interpreted programming language, the executable file and all those that it may refer to at one point in time, are themselves the source-files of the current program-version. You can open them in any text-editor to scrutinize the source-code. If you have received the program as a Ruby-gem, you can also decompress a copy of the gem-file with
tar -x, then tar -xzf.

License
IP_In_Range is distributed under the conditions of the WTF 2.0 or later version
of the license. See http://www.wtfpl.net/about/ for details.

Author
IP_In_Range has been developed by
Michael Uplawski michael.uplawski@uplawski.eu Ω