/usr/sbin/bld-pf_log is in bld-postfix 0.3.4.1-4.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 | #!/usr/bin/perl
#
# This Perl script reads mail logs and submits to a BLD daemon anything
# that looks like a "user unknown" Postfix log line
#
# Olivier Beyssac <obld@r14.freenix.org>
#
# Contributors:
# Tim Bynum <tjbynum@timsplace.org>
#
use IO::Socket;
use strict;
my $bld_host = "localhost";
my $bld_port = "2905";
sub bld_submit($$$$)
{
my ($host, $port, $ip, $debug) = @_;
my $sd = IO::Socket::INET->new(PeerHost => $host, PeerPort => $port)
|| return undef;
my $buf;
return if (sysread($sd, $buf, 1024) <= 0);
print "BLD: $buf" if ($debug);
syswrite($sd, "ip=$ip\r\n");
print "YOU: ip=$ip\r\n" if ($debug);
return if (sysread($sd, $buf, 1024) <= 0);
print "BLD: $buf" if ($debug);
close($sd);
}
my $debug;
if ($#ARGV == 0 && $ARGV[0] eq "-d") {
$debug = 1;
}
while (<STDIN>) {
if (/postfix\/smtp[^:]+:[^:]+: reject: RCPT from [^\[]+\[([^\]]+)\]: .* User unknown/) {
bld_submit($bld_host, $bld_port, $1, $debug);
}
}
|