Format of ip address in /etc/postfix/access

classic Classic list List threaded Threaded
14 messages Options
Reply | Threaded
Open this post in threaded view
|

Format of ip address in /etc/postfix/access

Durga Prasad Malyala
Hi all,
Sorry for double posting (if done) as I could not locate my sent mail
while sending through my mobile.

I am curious what is the format of IP addresses in /etc/postfix/access.
i.e. will it understand  006.45.023.230 instead of the common 6.45.23.230 ?

Thanks/DP
Reply | Threaded
Open this post in threaded view
|

Re: Format of ip address in /etc/postfix/access

Wietse Venema
Durga Prasad Malyala:
> Hi all,
> Sorry for double posting (if done) as I could not locate my sent mail
> while sending through my mobile.
>
> I am curious what is the format of IP addresses in /etc/postfix/access.
> i.e. will it understand  006.45.023.230 instead of the common 6.45.23.230 ?

The format is described in:

    http://www.postfix.org/access.5.html
    man 5 access

HOST NAME/ADDRESS PATTERNS
       With  lookups  from  indexed files such as DB or DBM, or from networked
       tables such as NIS, LDAP or SQL,  the  following  lookup  patterns  are
       examined in the order as listed:

        ...
       net.work.addr.ess

       net.work.addr

       net.work

       net    Matches  the  specified IPv4 host address or subnetwork. An IPv4
              host address is a sequence of four decimal octets  separated  by
              ".".
        ...
              NOTE 1: The access map lookup key must be in canonical form:  DO
              NOT SPECIFY UNNECESSARY NULL CHARACTERS, and do not enclose net-
              work address information with "[]" characters.

Emphasis added for clarity.

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Format of ip address in /etc/postfix/access

Jan Ceuleers
On 10/08/2019 23:22, Wietse Venema wrote:
>               NOTE 1: The access map lookup key must be in canonical form:  DO
>               NOT SPECIFY UNNECESSARY NULL CHARACTERS, and do not enclose net-
>               work address information with "[]" characters.
>
> Emphasis added for clarity.
>
Wietse,

To me a NULL character is the ASCII character which has all of its bits
set to zero. Could I therefore suggest talking about 0 characters
instead in this man page?

HTH, Jan

Reply | Threaded
Open this post in threaded view
|

Re: Format of ip address in /etc/postfix/access

Rich Wales
The best English phrase to use here would be "unnecessary leading zeroes".

Rich Wales
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Format of ip address in /etc/postfix/access

Dominic Raferd
On Sun, 11 Aug 2019 at 08:51, Rich Wales <[hidden email]> wrote:
The best English phrase to use here would be "unnecessary leading zeroes".

or just: 'leading zeroes'

BTW I read at https://www.ibm.com/support/knowledgecenter/en/STCMML8/com.ibm.storage.ts3500.doc/opg_3584_IPv4_IPv6_addresses.html that leading zeroes are canonical. If so, then maybe the text should read 'The access map lookup key must be in canonical form and without leading zeroes, and do not...'
Reply | Threaded
Open this post in threaded view
|

Re: Format of ip address in /etc/postfix/access

Andrew Bernard
In reply to this post by Durga Prasad Malyala

Hello Durga,

I think that's a strange way to write an IP address.

If you do man 3 inet_addr the format for the dotted address is explained. As stated in that man page:

In all of the above forms, components of the dotted address can be specified in decimal, octal (with a  leading 0),  or hexadecimal, with a leading 0X).  Addresses in any of these forms are collectively termed IPV4 numbers-and-dots notation.  The form that uses exactly four decimal numbers is referred to as IPv4 dotted-decimal notation (or sometimes: IPv4 dotted-quad notation).

An example is given:

$ ./a.out 226.000.000.037      # Last byte is in octal

So 037 is octal not decimal.

Because 6 is less than 7 you can get away with it, but not for long with other numerical values that exceed octal. I think its inviting trouble for maintainers of your code.


Andrew


On 11/8/19 2:59 am, Durga Prasad Malyala wrote:
I am curious what is the format of IP addresses in /etc/postfix/access.
i.e. will it understand  006.45.023.230 instead of the common 6.45.23.230 ?
Reply | Threaded
Open this post in threaded view
|

Re: Format of ip address in /etc/postfix/access

Richard Damon
In reply to this post by Rich Wales
On 8/11/19 3:49 AM, Rich Wales wrote:
> The best English phrase to use here would be "unnecessary leading zeroes".
>
> Rich Wales
> [hidden email]
>
I suspect that it also doesn't allow embedded spaces or other extraneous
characters (leading 0s and blanks likely being the most common)

--
Richard Damon

Reply | Threaded
Open this post in threaded view
|

Re: Format of ip address in /etc/postfix/access

Durga Prasad Malyala
In reply to this post by Andrew Bernard
On Sun, 11 Aug 2019 at 14:38, Andrew Bernard <[hidden email]> wrote:

>
> Hello Durga,
>
> I think that's a strange way to write an IP address.
>
> If you do man 3 inet_addr the format for the dotted address is explained. As stated in that man page:
>
> In all of the above forms, components of the dotted address can be specified in decimal, octal (with a  leading 0),  or hexadecimal, with a leading 0X).  Addresses in any of these forms are collectively termed IPV4 numbers-and-dots notation.  The form that uses exactly four decimal numbers is referred to as IPv4 dotted-decimal notation (or sometimes: IPv4 dotted-quad notation).
>
> An example is given:
>
> $ ./a.out 226.000.000.037      # Last byte is in octal
>
> So 037 is octal not decimal.
>
> Because 6 is less than 7 you can get away with it, but not for long with other numerical values that exceed octal. I think its inviting trouble for maintainers of your code.
>
>
> Andrew
>
>
> On 11/8/19 2:59 am, Durga Prasad Malyala wrote:
>
> I am curious what is the format of IP addresses in /etc/postfix/access.
> i.e. will it understand  006.45.023.230 instead of the common 6.45.23.230 ?

well Andrew - I am interested in using a list from
https://dshield.org/ipsascii.html
they are providing a list but it is in the format 089.248.172.085  -
notice the leading zeroes. - I am stripping out all data and only
using the first column. Now instead of firing a script to truncate the
leading zeroes within the octets - I am wondering if the IPs can be
used directly by the postfix access file.

Thanks/DP
Reply | Threaded
Open this post in threaded view
|

Re: Format of ip address in /etc/postfix/access

Ralph Seichter-2
* Durga Prasad Malyala:

> they are providing a list but it is in the format 089.248.172.085

You did notice the comments "DO NOT USE AS BLOCKLIST" and "Please use
your API instead. See https://isc.sans.edu/api", did you not?

-Ralph
Reply | Threaded
Open this post in threaded view
|

Re: Format of ip address in /etc/postfix/access

Benny Pedersen-2
In reply to this post by Durga Prasad Malyala
Durga Prasad Malyala skrev den 2019-08-11 16:27:

> well Andrew - I am interested in using a list from
> https://dshield.org/ipsascii.html

reading line 2 of that url, how would you use it in postfix ?
Reply | Threaded
Open this post in threaded view
|

Re: Format of ip address in /etc/postfix/access

Durga Prasad Malyala
In reply to this post by Ralph Seichter-2
On Sun, 11 Aug 2019 at 20:13, Ralph Seichter <[hidden email]> wrote:
>
> * Durga Prasad Malyala:
>
> > they are providing a list but it is in the format 089.248.172.085
>
> You did notice the comments "DO NOT USE AS BLOCKLIST" and "Please use
> your API instead. See https://isc.sans.edu/api", did you not?
>
> -Ralph
Thanks for your reply.
I'm trying to figureout how to use the API with Postfix or MailScanner.
however I am still curious would postfix understand 089.248.172.085?
Thanks/DP
Reply | Threaded
Open this post in threaded view
|

Re: Format of ip address in /etc/postfix/access

Durga Prasad Malyala
On Sun, 11 Aug 2019 at 21:21, Durga Prasad Malyala <[hidden email]> wrote:

>
> On Sun, 11 Aug 2019 at 20:13, Ralph Seichter <[hidden email]> wrote:
> >
> > * Durga Prasad Malyala:
> >
> > > they are providing a list but it is in the format 089.248.172.085
> >
> > You did notice the comments "DO NOT USE AS BLOCKLIST" and "Please use
> > your API instead. See https://isc.sans.edu/api", did you not?
> >
> > -Ralph
> Thanks for your reply.
> I'm trying to figureout how to use the API with Postfix or MailScanner.
> however I am still curious would postfix understand 089.248.172.085?
> Thanks/DP

I did a random survey of the IPs by searching them manually in
talosintelligence and found that they are shown as either listed in
some RBL or shown an increase in email volume. So I have to figure out
how to use it using the API in conjunction with postfix and
Mailscanner or rspamd with some score for a match.
Thanks/DP
Reply | Threaded
Open this post in threaded view
|

Re: Format of ip address in /etc/postfix/access

Wietse Venema
In reply to this post by Durga Prasad Malyala
Durga Prasad Malyala:

> On Sun, 11 Aug 2019 at 20:13, Ralph Seichter <[hidden email]> wrote:
> >
> > * Durga Prasad Malyala:
> >
> > > they are providing a list but it is in the format 089.248.172.085
> >
> > You did notice the comments "DO NOT USE AS BLOCKLIST" and "Please use
> > your API instead. See https://isc.sans.edu/api", did you not?
> >
> > -Ralph
> Thanks for your reply.
> I'm trying to figureout how to use the API with Postfix or MailScanner.
> however I am still curious would postfix understand 089.248.172.085?

ACCESS(5)                                                            ACCESS(5)

NAME
       access - Postfix SMTP server access table
...
       net.work.addr.ess
       net.work.addr
       net.work
       net    Matches  the  specified IPv4 host address or subnetwork. An IPv4
              host address is a sequence of FOUR DECIMAL OCTETS  separated  by
              ".".


              Subnetworks  are  matched  by  repeatedly  truncating  the  last
              ".octet" from the remote IPv4 host address string until a  match
              is found in the access table, or until further truncation is not

Therefore, the access table has to be in decimal form i.e. not octal
(leading zero), not hexadecimal, not something else.

        Wietse

Reply | Threaded
Open this post in threaded view
|

Re: Format of ip address in /etc/postfix/access

Kris Deugau
In reply to this post by Jan Ceuleers
Jan Ceuleers wrote:
> On 10/08/2019 23:22, Wietse Venema wrote:
>>                NOTE 1: The access map lookup key must be in canonical form:  DO
>>                NOT SPECIFY UNNECESSARY NULL CHARACTERS, and do not enclose net-
>>                work address information with "[]" characters.
>>
>> Emphasis added for clarity.

> To me a NULL character is the ASCII character which has all of its bits
> set to zero. Could I therefore suggest talking about 0 characters
> instead in this man page?

Think "semantically null".  There are other things that could be
included in a "convenient for [x]" format for an IP address which do not
change its meaning.

-kgd