Mailing List SIMS@mail.stalker.com Message #10996
From: Warren Michelsen <Warren@MDCCLXXVI.com>
Subject: BBEdit Script to list Blacklisted IPs
Date: Fri, 7 Jun 2002 12:18:51 -0700
To: SIMS Discussions <SIMS@mail.stalker.com>
At 11:04 AM -0400 6/7/02, Paul List Hess wrote:
>Anyone care to post a BBEdit "grep" string which would pull out those addresses?

Here's an AppleScript I use in BBEdit to pull out the IP addresses of mail servers that were blocked by a RBL response of 127.0.0.4. Just open the log in BBEdit, then invoke this script.

Adapt as necessary.

tell application "BBEdit"
activate
copy lines containing "127.0.0.4"
make new text window
paste
replace "\\]\\).*$" using "" searching in text 1 of text window 1 options {search mode:grep, starting at top:true, wrap around:false, reverse:false, case sensitive:false, match words:false, extend selection:false}
replace "^.*\\(\\[" using "" searching in text 1 of text window 1 options {search mode:grep, starting at top:true, wrap around:false, reverse:false, case sensitive:false, match words:false, extend selection:false}
end tell

After running this, you need to manually sort the list then run:

tell application ""
activate
«event R*chRepl» "^(.*\\r)\\1+" given «class Repl»:"\\1", «class FnIn»:text 1 of «class TxtW» 1, «class Opts»:{«class SMod»:«constant SModGrep», «class STop»:true, «class Wrap»:false, «class Rvrs»:false, «class Case»:false, «class Wrds»:false, «class ExSl»:false}
end tell

to remove duplicate lines. You're left with a list of IP addresses which, in this example, had a "127.0.0.4" RBL result. The first script contains the Grep patterns used to isolate the IP addresses.

If I could figure out how to get BBEdit to sort, I'd wrap this up into one script... If anyone improves on this (shouldn't be hard) please share the result.


>
>At 6:03 PM -0400 6/6/02, Stefan Jeglinski wrote:
>>True; however, with BBEdit or other it wouldn't be to hard to cull those IPs on a daily basis and paste them into your static blacklist. But since the spammer is not likely to be bright (by definition), there's a likelihood that using an RBL, as mentioned by Craig, would catch a portion of it or possibly most or all of it.
>>
> >Stefan Jeglinski

--
"Your new computer's not gonna be a Mac? Dude, you're getting a Dull!"
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster