| line |
true |
false |
branch |
|
64
|
49 |
53 |
if ref $suppl_attrib
|
|
99
|
82 |
20 |
unless ($did_user_specify_trust and $did_user_specify_internal)
|
|
100
|
44 |
38 |
if (not $did_user_specify_trust || $did_user_specify_internal) { }
|
|
|
36 |
2 |
elsif (not $did_user_specify_internal) { }
|
|
131
|
328 |
4 |
unless $str and $str =~ /($IP_ADDRESS)/
|
|
142
|
0 |
71 |
if ($self->{'qmail_scanner_env_from'})
|
|
150
|
0 |
71 |
unless (defined $relay)
|
|
156
|
5 |
66 |
unless ($relay)
|
|
157
|
1 |
4 |
if $in_trusted
|
|
158
|
1 |
4 |
if $in_internal
|
|
164
|
0 |
66 |
if ($qms_env_from)
|
|
171
|
46 |
20 |
if ($in_trusted and not $found_msa)
|
|
172
|
37 |
9 |
if ($did_user_specify_trust or $did_user_specify_internal) { }
|
|
178
|
4 |
5 |
if ($relay->{'ip_private'})
|
|
185
|
0 |
9 |
if ($relay->{'auth'})
|
|
193
|
5 |
4 |
unless ($inferred_as_trusted)
|
|
201
|
7 |
30 |
if (not $relay->{'auth'} || $trusted->contains_ip($relay->{'ip'})) { }
|
|
202
|
7 |
0 |
if (not $originating) { }
|
|
209
|
0 |
0 |
!$in_internal ? :
|
|
214
|
6 |
24 |
if ($in_internal and not $relay->{'auth'} and not $internal->contains_ip($relay->{'ip'}))
|
|
218
|
3 |
27 |
if ($msa->contains_ip($relay->{'ip'}))
|
|
219
|
3 |
0 |
$in_trusted ? :
|
|
|
2 |
1 |
$in_internal ? :
|
|
232
|
37 |
29 |
$in_trusted ? :
|
|
|
30 |
36 |
$in_internal ? :
|
|
|
3 |
63 |
$relay->{'msa'} ? :
|
|
241
|
37 |
29 |
if ($in_trusted) { }
|
|
250
|
30 |
36 |
if ($in_internal) { }
|
|
274
|
102 |
0 |
if ($self->{'msg'}->can('delete_header'))
|
|
280
|
102 |
0 |
if ($self->{'msg'}->can('put_metadata'))
|
|
360
|
2 |
214 |
unless /^\(?from /i
|
|
364
|
0 |
214 |
if /\bwith local for\b/
|
|
369
|
1 |
213 |
if (/^from (\S+) by [^\s;]+ ?;/i and not $1 =~ /^\[[\d.]+\]$/)
|
|
388
|
112 |
101 |
if (/ id <?([^\s<>;]{3,})/)
|
|
392
|
9 |
204 |
if (m[\bhelo=([-A-Za-z0-9\.\^+_&:=?!\@%*\$\\/]+)(?:[^-A-Za-z0-9\.\^+_&:=?!\@%*\$\\/]|$)]) { }
|
|
|
17 |
187 |
elsif (m[\b(?:HELO|EHLO) ([-A-Za-z0-9\.\^+_&:=?!\@%*\$\\/]+)(?:[^-A-Za-z0-9\.\^+_&:=?!\@%*\$\\/]|$)]) { }
|
|
398
|
207 |
6 |
if (/ by (\S+)(?:[^-A-Za-z0-9\;\.]|$)/)
|
|
412
|
14 |
199 |
if (/ by / and / with ((?:ES|L|UTF8S|UTF8L)MTPS?A|ASMTP|HTTP[SU]?)(?: |;|$)/i) { }
|
|
|
0 |
199 |
elsif (/ by mx\.google\.com with ESMTPS id [a-z0-9]{1,4}sm[0-9]{2,9}[a-z]{3}\.[0-9]{1,3}\.[0-9]{4}\.(?:[0-6][0-9]\.){4}[0-6][0-9]/ and /\(version=([^ ]+) cipher=([^\)]+)\)/) { }
|
|
|
4 |
195 |
elsif (/^from .*?(?:\]\)|\)\]) \(AUTH: (LOGIN|PLAIN|DIGEST-MD5|CRAM-MD5) \S+(?:, .*?)?\) by /) { }
|
|
|
6 |
189 |
elsif (/authenticated/ and /^from .*?(?:\](?: \([^)]*\))?\)|\)\]) .*?\(.*?authenticated.*?\).*? by/) { }
|
|
|
1 |
188 |
elsif (/from \S* \((?:HELO|EHLO) (\S*)\) \[($IP_ADDRESS)\] by (mail\.gmx\.(?:net|com)) \([^\)]+\) with ((?:ESMTP|SMTP))/) { }
|
|
|
3 |
185 |
elsif (/ \(authenticated as / and /\) by .+ \(\d{1,2}\.\d\.\d{3}(?:\.\d{1,3})?\) \(authenticated as .+\) id /) { }
|
|
|
1 |
184 |
elsif (/\) \(Authenticated sender: \S+\) by \S+ \(Postfix\) with /) { }
|
|
|
0 |
184 |
elsif (/CommuniGate Pro (HTTP|SMTP|XIMSS|IMAP)/ and / \(account /) { }
|
|
|
0 |
184 |
elsif (/ with Microsoft Exchange Server HTTP-DAV\b/) { }
|
|
|
1 |
189 |
elsif (/ by / and / \(via (HTTP.?)\)(?: |;|$)/i) { }
|
|
456
|
206 |
7 |
if (s/^from //) { }
|
|
|
2 |
5 |
elsif (s/^FROM //) { }
|
|
|
5 |
0 |
elsif (s/^\(from //) { }
|
|
458
|
6 |
200 |
if (/(?:return-path:? |envelope-(?:sender|from)[ =])(\S+)\b/i)
|
|
465
|
3 |
203 |
if (/ \((?:SquirrelMail|NaSMail) authenticated user /)
|
|
467
|
3 |
0 |
if (/($IP_ADDRESS)\b(?![.-]).{10,80}by (\S+) with HTTP/)
|
|
473
|
0 |
203 |
if (/aol\.com/ and /with HTTP \(WebMailUI\)/)
|
|
475
|
0 |
0 |
if (/($IP_ADDRESS) by (\S+) \($IP_ADDRESS\) with HTTP \(WebMailUI\)/)
|
|
481
|
7 |
196 |
if (/ SMTPSVC/) { }
|
|
|
2 |
194 |
elsif (/\[XMail /) { }
|
|
|
3 |
191 |
elsif (/\(ecelerity\b/) { }
|
|
|
11 |
180 |
elsif (/Exim/) { }
|
|
|
20 |
160 |
elsif (/ \(Postfix\) with/) { }
|
|
|
1 |
159 |
elsif (/\(Scalix SMTP Relay/) { }
|
|
|
0 |
159 |
elsif (/ \(Lotus Domino /) { }
|
|
494
|
5 |
2 |
if (/^(\S*) \(\[($IP_ADDRESS)\][^\)]{0,40}\) by (\S+) with Microsoft SMTPSVC/)
|
|
500
|
1 |
1 |
if (/^mail pickup service by (\S+) with Microsoft SMTPSVC$/)
|
|
508
|
2 |
0 |
if (/^(\S+) \((\[?$IP_ADDRESS\]?)(?::\d+)\) by (\S+)(?: \(\S+\))? with \[XMail/)
|
|
511
|
2 |
0 |
if / id <(\S+)>/
|
|
512
|
2 |
0 |
if / from <(\S+)>/
|
|
521
|
2 |
1 |
if (/^\(\[($IP_ADDRESS):\d+\] helo=(\S+)\) by (\S+) /)
|
|
526
|
1 |
0 |
if (/^\S+ \(\[($IP_ADDRESS):\d+\]\) by (\S+) /)
|
|
541
|
0 |
11 |
if (/\bwith local(?:-\S+)? /)
|
|
545
|
1 |
10 |
if (/^\[($IP_ADDRESS)\] \((.*?)\) by (\S+) /)
|
|
547
|
0 |
1 |
if $sub =~ s/helo=(\S+)//
|
|
548
|
0 |
1 |
if $sub =~ s/ident=(\S*)//
|
|
561
|
7 |
3 |
if (/^(\S+) \(\[($IP_ADDRESS)\](.*?)\) by (\S+) /)
|
|
564
|
5 |
2 |
if $sub =~ s/helo=(\S+)//
|
|
565
|
0 |
7 |
if $sub =~ s/ident=(\S*)//
|
|
572
|
0 |
3 |
if (/^(\S+) \[($IP_ADDRESS)\](:\d+)? by (\S+) /)
|
|
581
|
3 |
0 |
if (/^(\S+) /)
|
|
584
|
2 |
1 |
if (/ \((\S+)\) /)
|
|
587
|
1 |
2 |
if (/ \[($IP_ADDRESS)(?:\.\d+)?\] /)
|
|
590
|
3 |
0 |
if (/by (\S+) /)
|
|
594
|
1 |
2 |
if ($ip)
|
|
604
|
17 |
3 |
if (/^(\S+) \((\S+) \[($IP_ADDRESS)\]\) by (\S+) /)
|
|
607
|
4 |
13 |
if ($rdns eq 'unknown')
|
|
615
|
0 |
3 |
if (/^(\S+) \((\S+)\[($IP_ADDRESS)\]\) by (\S+) /)
|
|
618
|
0 |
0 |
if ($rdns eq 'unknown')
|
|
625
|
1 |
0 |
if (/^(\S+) \( ?($IP_ADDRESS)\) by (\S+)/)
|
|
632
|
0 |
0 |
if (/^(\S+) \(\[($IP_ADDRESS)\]\) by (\S+) \(Lotus/)
|
|
641
|
0 |
165 |
if (/\bwith HTTP\b/ and /^($IP_ADDRESS) \(\[$IP_ADDRESS\]\) by (\S+)/)
|
|
653
|
164 |
1 |
unless (/ by \S+ \(qmail-\S+\) with /)
|
|
661
|
27 |
137 |
if (/^(\S+) \((\S+) \[($IP_ADDRESS)\].*\) by (\S+) \(/)
|
|
664
|
0 |
27 |
if $rdns =~ s/^IDENT:([^\@]*)\@//
|
|
665
|
0 |
27 |
if $rdns =~ s/^([^\@]*)\@//
|
|
677
|
2 |
136 |
if (/^(\S+) \((\S+) \[($IP_ADDRESS)\]\) by (\S+) with \S+ \(/)
|
|
683
|
0 |
136 |
if (/^(\S+) \(\[($IP_ADDRESS)\] helo=(\S+)\) by (\S+) with /)
|
|
689
|
0 |
136 |
if (/^(\S+) \(<unknown\S*>\[($IP_ADDRESS)\]\) by (\S+) /)
|
|
695
|
0 |
136 |
if (/^(\S+) \((\S+\.\S+)\[($IP_ADDRESS)\]\) by (\S+) /)
|
|
703
|
0 |
136 |
if (/^(\S+) \((\S*)\@\[($IP_ADDRESS)\].*\) by (\S+) \(/)
|
|
712
|
1 |
135 |
if (/by (\S+\.hotmail\.msn\.com) /)
|
|
714
|
1 |
0 |
if /^(\S+) /
|
|
721
|
0 |
135 |
if (m[^(\S+) \((?:HELO|EHLO) (\S*)\) \(($IP_ADDRESS)\) by (\S+) \(qpsmtpd/\S+\) with (?:ESMTP|SMTP)])
|
|
726
|
1 |
134 |
if (/^(\S+) \(LHLO (\S*)\) \(($IP_ADDRESS)\) by (\S+) with LMTP/)
|
|
731
|
1 |
133 |
if (/^(\S+) \((?:HELO|EHLO) (\S*)\) \[($IP_ADDRESS)\] by (\S+) \([^\)]+\) with (?:ESMTP|SMTP)/)
|
|
741
|
0 |
133 |
if (/^(\S+) \(\[($IP_ADDRESS)\]\) by (\S+) via smtpd \(for \S+\) with SMTP\(/)
|
|
775
|
54 |
79 |
if (/^\S+( \((?:HELO|EHLO) \S*\))? \((\S+\@)?\[?$IP_ADDRESS\]?\)( \(envelope-sender <\S+>\))? by \S+( \(.+\))* with (.* )?(SMTP|QMQP)(?! id )/)
|
|
776
|
4 |
50 |
if (/^(\S+) \((?:HELO|EHLO) ([^ \(\)]*)\) \((\S*)\@\[?($IP_ADDRESS)\]?\)( \(envelope-sender <\S+>\))? by (\S+)/) { }
|
|
|
7 |
43 |
elsif (/^(\S+) \((?:HELO|EHLO) ([^ \(\)]*)\) \(\[?($IP_ADDRESS)\]?\)( \(envelope-sender <\S+>\))? by (\S+)/) { }
|
|
|
4 |
39 |
elsif (/^(\S+) \((\S*)\@\[?($IP_ADDRESS)\]?\)( \(envelope-sender <\S+>\))? by (\S+)/) { }
|
|
|
39 |
0 |
elsif (/^(\S+) \(\[?($IP_ADDRESS)\]?\)( \(envelope-sender <\S+>\))? by (\S+)/) { }
|
|
795
|
49 |
5 |
if ($rdns ne 'unknown') { }
|
|
807
|
0 |
79 |
if (/ via HTTP$/ and /^\[($IP_ADDRESS)\] by (\S+) via HTTP$/)
|
|
812
|
0 |
79 |
if (/^(\S+) \( \[($IP_ADDRESS)\]\).*? by (\S+) /)
|
|
818
|
0 |
79 |
if (/^\((\S+) \[($IP_ADDRESS)\]\) by (\S+) /)
|
|
823
|
1 |
78 |
if (/^\[($IP_ADDRESS)\] by (\S+) /)
|
|
830
|
4 |
74 |
if (/^\(\[?($IP_ADDRESS)\]?\) by (\S+) /)
|
|
835
|
0 |
74 |
if (/^(\S+) \[($IP_ADDRESS)\] by (\S+) \[(\S+)\] with /)
|
|
845
|
4 |
70 |
if (/^(\S+) \(\[($IP_ADDRESS)\]\) by (\S+) \(/)
|
|
854
|
4 |
66 |
if (/^(\S+) \((\S+) \[($IP_ADDRESS)\]\).*? by (\S+)\b/)
|
|
855
|
1 |
3 |
if ($2 eq 'softdnserr') { }
|
|
866
|
6 |
60 |
if (/^(\S+) \(\[($IP_ADDRESS)(?:[.:]\d+)?\]\).*? by (\S+) /)
|
|
875
|
0 |
60 |
if (/^(\S+) \((\S+) \[($IP_ADDRESS)\]\)(?: \(authenticated bits=\d+\))? by (\S+) \(/)
|
|
890
|
4 |
56 |
if (/with (?:POP3|IMAP)/)
|
|
899
|
1 |
55 |
if (/^(\S+) \((?:HELO|EHLO) ([^\)]*)\) \((\S*@)?\[?($IP_ADDRESS)\]?\).* by (\S+) /)
|
|
904
|
1 |
0 |
defined $3 ? :
|
|
907
|
1 |
0 |
if ($ident)
|
|
914
|
4 |
51 |
if (/^(\S+) \((\S*@)?\[?($IP_ADDRESS)\]?\).* by (\S+) /)
|
|
918
|
0 |
4 |
defined $2 ? :
|
|
920
|
0 |
4 |
if ($ident)
|
|
926
|
0 |
51 |
if (/ with http for / and /^\[($IP_ADDRESS)\] by (\S+) with http for /)
|
|
932
|
0 |
51 |
if (/ via smap / and /^(\S+)\(($IP_ADDRESS)\) by (\S+) via smap /)
|
|
939
|
0 |
51 |
if (/^(\S+)\(($IP_ADDRESS), (?:HELO|EHLO) (\S*)\) by (\S+) via smap /)
|
|
947
|
0 |
51 |
if (/ \(Post/ and /^\[($IP_ADDRESS)\] by (\S+) \(Post/)
|
|
953
|
0 |
51 |
if (/ \(ArGoSoft/ and /^\[($IP_ADDRESS)\] by (\S+) \(ArGoSoft/)
|
|
960
|
1 |
50 |
if (/^($IP_ADDRESS) by (\S+) \((?:SMTPL|InterScan)\b/)
|
|
966
|
0 |
50 |
if (/ with BSMTP/ and /^\S+ by \S+ with BSMTP/)
|
|
972
|
0 |
50 |
if (/^(\S+) \((\S+) \[($IP_ADDRESS)\]\) by (\S+) with /)
|
|
980
|
0 |
50 |
if (/^(\S+) \((?:HELO|EHLO) (\S*)\) \((\S+).*?\) by (\S+) with /)
|
|
983
|
0 |
0 |
if $ip =~ s/([^\@]*)\@//g
|
|
990
|
7 |
43 |
if (/^\[($IP_ADDRESS)\] \((?:account \S+ )?(?:HELO|EHLO) (\S*)\) by (\S+) \(/)
|
|
997
|
4 |
39 |
if (/ \(CommuniGate Pro/ and /^(\S+) \(\[($IP_ADDRESS)\] verified\) by (\S+) \(/)
|
|
1004
|
0 |
39 |
if (/^\(\[($IP_ADDRESS)\]\) by (\S+) with /)
|
|
1010
|
0 |
39 |
if (/^([^\d]\S+) \(($IP_ADDRESS)\) by (\S+) /)
|
|
1016
|
0 |
39 |
if (/^\S+ \(\S+\) by \S+ \(Content Technologies /)
|
|
1022
|
0 |
39 |
if (/^(\S+) \(\[(\S+)\] \[(\S+)\]\) by (\S+) with /)
|
|
1030
|
1 |
38 |
if (/^($IP_ADDRESS) by (\S+) with /)
|
|
1038
|
0 |
38 |
if (/^(\S+) \((\S+)\[($IP_ADDRESS)\]\) by (\S+) /)
|
|
1044
|
0 |
38 |
if (/^\[($IP_ADDRESS)\]\S+ \((?:HELO|EHLO) (\S*)\) by (\S+) /)
|
|
1049
|
0 |
38 |
if (/^($IP_ADDRESS) \((?:HELO|EHLO) (\S*)\) by (\S+) /)
|
|
1054
|
0 |
38 |
if (/^(\S+) \[($IP_ADDRESS)\] by (\S+) /)
|
|
1059
|
0 |
38 |
if (/^(\S+)\(($IP_ADDRESS)\) by (\S+) /)
|
|
1065
|
0 |
38 |
if (/^\[($IP_ADDRESS)\] by (\S+) \(MailGate /)
|
|
1070
|
0 |
38 |
if (/^(\S+) \(unverified \[($IP_ADDRESS)\]\) by (\S+) /)
|
|
1078
|
0 |
38 |
if (/^($IP_ADDRESS) \([A-Za-z][^\)]+\) by (\S+) with /)
|
|
1089
|
3 |
35 |
if (/^\[($IP_ADDRESS)\] \(([^\)]+)\) by (\S+) /)
|
|
1091
|
1 |
2 |
if $sub =~ s/helo=(\S+)//
|
|
1092
|
0 |
3 |
if $sub =~ s/ident=(\S*)//
|
|
1097
|
0 |
35 |
if (/^(\S+) \((?:\S+\@)?($IP_ADDRESS)\) by (\S+) with /)
|
|
1106
|
2 |
33 |
if (/^(\S+)\(($IP_ADDRESS)\)(?:, claiming to be "(\S+)")? via \S+ by (\S+),/)
|
|
1107
|
1 |
1 |
defined $3 ? :
|
|
1108
|
2 |
0 |
if ($1 ne 'UNKNOWN')
|
|
1117
|
0 |
33 |
if (/^(\S+) \((\S+)@($IP_ADDRESS) with login\) by (\S+\.yahoo\.com) with SMTP/)
|
|
1123
|
4 |
29 |
if (/^X-Originating-IP: (\S+)$/)
|
|
1133
|
1 |
28 |
if (/^\S+ \([^\s\@]+\@$LOCALHOST\) by \S+ \(/)
|
|
1138
|
0 |
28 |
if (/^\S+ \S+ by \S+ with local-e?smtp /)
|
|
1141
|
0 |
28 |
if (/^127\.0\.0\.1 \(AVG SMTP \S+ \[\S+\]\)/)
|
|
1144
|
1 |
27 |
if (/^\S+\@\S+ by \S+ by uid \S+ /)
|
|
1147
|
1 |
26 |
if (/^\S+\@\S+ by \S+ /)
|
|
1150
|
0 |
26 |
if (m[^Unknown/Local \(])
|
|
1156
|
0 |
26 |
if (/^$LOCALHOST \((?:\S+\@)?${LOCALHOST}[\)\[]/)
|
|
1160
|
0 |
26 |
if (/^\S+ \((?:\S+\@)?$LOCALHOST\) /)
|
|
1163
|
0 |
26 |
if (/^\S+ \(\S+\@\S+ \[$LOCALHOST\]\) /)
|
|
1166
|
0 |
26 |
if (/^\(AUTH: \S+\) by \S+ with /)
|
|
1170
|
0 |
26 |
if (/^localhost \(localhost \[\[UNIX: localhost\]\]\) by /)
|
|
1174
|
0 |
26 |
if (/^\S+\.amazon\.com by \S+\.amazon\.com with ESMTP \(peer crosscheck: /)
|
|
1177
|
0 |
26 |
if (/^[^\.]+ by \S+ with Novell_GroupWise/)
|
|
1185
|
0 |
26 |
if (/^no\.name\.available by \S+ via smtpd \(for /)
|
|
1191
|
1 |
25 |
if (/^\S+ by \S+ \(.{0,100}\) with qmail-scanner/)
|
|
1200
|
0 |
25 |
if (/^\S+ by \S+ with local/)
|
|
1205
|
0 |
25 |
if (/^\S+ \(\[unix socket\]\) by \S+ \(Cyrus v[0-9]*?\.[0-9]*?\.[0-9]*?\) with LMTPA/)
|
|
1216
|
20 |
5 |
if (/^\S+ by \S+ (?:with|via|for|\()/)
|
|
1220
|
2 |
3 |
if (/^\S+ (?:(?:with|via|for) \S+|\(unverified\)) by\b/)
|
|
1223
|
1 |
2 |
if (/\(LSMTP for/)
|
|
1227
|
1 |
1 |
if (not $helo and /^(\S+)[^-A-Za-z0-9\.]/)
|
|
1239
|
2 |
0 |
if (/^(\S+) \((\S+) \[($IP_ADDRESS)\]\) BY (\S+) ID (\S+)$/)
|
|
1253
|
1 |
4 |
if (/^(\S*) \[($IP_ADDRESS)\]\) by (\S+) \(NAVGW .*?\) with /)
|
|
1261
|
4 |
0 |
if (/^\S+\@localhost\) by \S+ /)
|
|
1264
|
0 |
0 |
if (/^[^\s\@]+\@[^)]+\) by \S+\(jqueuemail\) id [^\s;]+/)
|
|
1271
|
2 |
0 |
if (not $ip and /\[($IP_ADDRESS)\]/)
|
|
1278
|
2 |
0 |
if ($ip and $by)
|
|
1290
|
0 |
177 |
if ($ip eq '')
|
|
1306
|
0 |
177 |
if ($rdns =~ /^unknown$/i)
|
|
1347
|
60 |
117 |
if ($rdns eq '')
|
|
1348
|
14 |
46 |
if ($mta_looked_up_dns) { }
|
|
1389
|
1 |
3 |
if ($self->{'allow_mailfetch_markers'}) { }
|