#!/usr/bin/perl -w 

#This code is a snippet that is designed to drop into MIMEDefang and add headers that will be suitable for SpamAssassin testing.
#
#To implement, the plan will be to add report_safe_copy_headers X-KAM-Reverse to the sa config
#
#I am also adding the reverse DNS answer to the headers with the possibility that this will be useful for URI Blacklist tests.
#
#Draft rules for checking headers added to http://www.peregrinehw.com/downloads/SpamAssassin/contrib/KAM.cf


use strict;
use Net::DNS;

  my ($res, $SenderDomain, $RelayAddr, $packet, @answer, $reverse, $has_subdomain, $reverse_subdomain);

  #TEST CASES

  #GOOD
  #$RelayAddr = '209.225.49.10';
  #NONFQDN
  #$RelayAddr = '209.225.49.27';
  #DOTQUAD
  #$RelayAddr = '209.225.49.28';
  #IN-ADDR
  #$RelayAddr = '209.225.49.29';
  #NO ENTRY
  #$RelayAddr = '209.225.49.200';
  #MARKED AS DYN
  $RelayAddr = '209.225.49.31';


  $res = Net::DNS::Resolver->new;

    if (defined ($res)) {
      $res->tcp_timeout(30);              #Number of Seconds before query will fail
      $res->udp_timeout(30);              #Number of Seconds before query will fail


      #Perform a reverse DNS lookup and set headers for SpamAssassin Scoring based on AOL's reverse DNS policy as of Sept/22/2006
      #See http://postmaster.aol.com/info/rdns.html
      
      $packet = $res->send($RelayAddr);

      if (defined ($packet)) {
        #print "No Error - May or may not have resolved. Check ancount.\n";

        if (defined ($packet->answer) && $packet->header->ancount) {
          #HAS A REVERSE ENTRY
          @answer = $packet->answer;

          if ($answer[0]->type eq "PTR") {
            $reverse = $answer[0]->{'ptrdname'};

            #TO AVOID FAILING DYNDNS.ORG, ETC. WE ARE ONLY TESTING THE SUBDOMAIN(s) (i.e. the part to the left of the domain)
            $has_subdomain = ($reverse =~ s/\././g > 1);
            if ($has_subdomain) {
              $reverse_subdomain = $reverse;
              $reverse_subdomain =~ s/[^\.]*\.[^\.]*$//;
            }

            if ($reverse =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/ or $reverse !~ /\./ or $reverse =~ /in-addr.arpa/i) {
              #FAILED REQUIREMENT HAD AN INVALID IP QUAD, CONTAINED IN-ADDR.ARPA OR FAILED TO USE A FQDN
              print "+5";
              #action_change_header("X-KAM-Reverse", "Failed - $reverse - Reverse PTR was invalid ip quad, contained in-addr.arpa or failed to use a FQDN");
              #&append_header_immediately("X-KAM-Reverse", "Failed - $reverse - Reverse PTR was invalid ip quad, contained in-addr.arpa or failed to use a FQDN");
            } elsif ($has_subdomain && $reverse_subdomain =~ /pool|dhcp|dyn|dial/i) {
              #REVERSE DNS SUBDOMAIN ENTRY IS SUSPECT
              print "+3";
              #action_change_header("X-KAM-Reverse", "Suspect - $reverse - Reverse PTR contains data that indicates it is a dynamic IP");
              #&append_header_immediately("X-KAM-Reverse", "Suspect - $reverse - Reverse PTR contains data that indicates it is a dynamic IP");
            } else {
              #VALID REVERSE DNS.  SCORE AS HAM
              print "-1";
              #action_change_header("X-KAM-Reverse", "Passed - Reverse DNS of $reverse");
              #&append_header_immediately("X-KAM-Reverse", "Passed - Reverse DNS of $reverse");
            }
          }
        } else {
          #FAILED REQUIREMENT DID NOT HAVE A REVERSE ENTRY
          print "+7";
          #action_change_header("X-KAM-Reverse", "Missing - Reverse PTR for $RelayAddr was missing!");
          #&append_header_immediately("X-KAM-Reverse", "Missing - Reverse PTR for $RelayAddr was missing!");
        }
      } else {
        #Undef = Error.  DO NOT BASE ANY CODE ON THIS RETURN
      }
    }

exit;