#
# Antispam flu shots.
#
# The idea is that we have certain RCPT TO: addresses that are only hit by
# spammers. When they are hit, we take the MAIL FROM: address and immunize
# ourselves against future hits from it.

# This is HOPELESSLY machine specific.
FLUDB=$MAILVAR/db/relay/flushots

# establish the database of immunizations.
# We use an unordered file so that we don't have to keep sorting it.
relation -t unordered -f $FLUDB -lm -b fludb

# Check to see if a given origin is in the database.
# As a side effect, remember the address.
flu_immunized (type, addr) {
	local t
	t="$(smtp_useratdomain "$addr")"

	# we are temporarily immunized against all all-numeric userids
	sift "$t" in
	(.+)@($badnumdoms)	break;;
	(.+)@(.+)	case "\1" in
			*[a-zA-Z._-]*)	;;
			*)		case "\2" in
					adi-ltd.adi.ca)	;;
					transport.com)	;;
					*)		return 0;;
					esac;;
			esac;;
	tfis
	if [ "$(fludb "$t")" ]; then
		return 0;
	else
		[ "$type" = "from" ] && flu_from="$t"
		return 1;
	fi
}

# Check to see if the delivery address is one of the things we immunize
# on, and if so use $flu_from to give ourselves a shot by appending it
# to $FLUDB.
flu_maybeshot (addr) {
	# No current origin? Next.
	[ "$flu_from" ] || return;

	# Check for victims
	if flu_victim "$addr"; then
		{ echo "# $(rfc822date) added from $rchecksource ($rcheckip) hitting $addr";
		  echo "$flu_from" } >>$FLUDB
	fi
}

# The list of addresses to trigger on.
# We use the unparsed address for the sake of caution, to avoid
# false positives.
flu_victim (addr) {
	sift "$addr" in
	# These are heuristics
	# but you need to write your own.
	no-such-user@here		return 0;;
	tfis

	return 1;
}