GUIDE TO (mostly) HARMLESS HACKING
Vol. 3 Number 1
How to protect yourself from email bombs!
Email bombs! People like angry johnny, AKA the "Unamailer,"
have made the news lately by arranging for 20 MB or more of email
-- tens of thousands of messages -- to flood every day
into his victims' email accounts.
Email bombing can be bad news for two reasons. One, the victim
can't easily find any of their legitimate email in that giant
garbage heap of spam. Two, the flood of messages ties up mail
servers and chews up communications bandwidth.
Of course, those are the two main reasons that email bombers
make their attacks: to mess up people's email and/or harm the
ISPs they target. The email bomb is a common weapon of war against
Internet hosts controlled by spammers and con artists. It also
is used by lusers with a grudge.
News stories make it sound like email bombing victims are,
ahem, s*** out of luck. But we aren't. We know, because angry
-- the Christmas email bomber -- told the press that he had targeted
the Happy Hacker list's Supreme Commanderess, Carolyn Meinel.
(Someone simultaneously attempted to email bomb the Happy Hacker
list itself but no one has stepped forward to take credit for
the attempt).
But as you know from the fact that we got the Happy Hacker
Digest out after the attack, and by the fact that I kept answering
my email, there are ways to beat the email bombers.
Now most of these are techniques for use by experts only.
But if you are, like most of us on this list, a newbie, you may
be able to win points with your ISP by emailing its technical
help people with some of the information within this guide. Maybe
then they'll forgive you if your shell log file gets to looking
a little too exciting!
My first line of defense is to use several on-line services.
That way, whenever one account is getting hacked, bombed, etc.,
I can just email all my correspondents and tell them where to
reach me. Now I've never gotten bombed into submission, but I
have gotten hacked badly and often enough that I once had to
dump an ISP in disgust. Or, an ISP may get a little too anxious
over your hacking experiments. So it's a good idea to be prepared
to jump accounts.
But that's a pretty chicken way to handle email bombing. Besides,
a member of the Happy Hacker list says that the reason angry
johnny didn't email bomb all the accounts I most commonly use
is because he persuaded johnny to just bomb one for publicity
purposes. But even if johnny had bombed all my favorite accounts,
I could have been back on my feet in a hurry.
There are several ways that either your ISP or you can defeat
these attacks.
The simplest defense is for your ISP to block mail bombs at
the router. This only works, however, if the attack is coming
from one or a few hosts. It also only works if your ISP agrees
to help you out. Your ISP may just chicken out instead and close
your account.
***************************
Newbie note: routers are specialized computers that direct traffic.
A host is a computer on the Internet.
***************************
But what if the attack comes from many places on the Internet?
That happened to me on Christmas day when angry johnny took credit
for an email bombing attack that also hit a number of well-known
US figures such as evangelist Billy Graham, President Bill Clinton
and Speaker of the US House of Representatives Newt Gingrich.
(I blush to find myself in such company.)
The way angry johnny worked this attack was to set up a program
that would go to one computer that runs a program to handle email
lists and automatically subscribe his targets to all lists handled
by that computer. Then his program went to another computer that
handles email lists and subscribed his targets to all the lists
it handled, and so on.
I was able to fix my problem within a few minutes of discovery.
johnny had subscribed all these lists to my address cmeinel@swcp.com.
But I use my private domain, cmeinel.com, to receive email.
Then I pipe all this from my nameserver at Highway Technologies
to whatever account I find useful at the time. So all I had to
do was go to the Highway Technologies Web site and configure
my mail server to pipe email to another account.
**************************
Newbie note: a mail server is a computer that handles email.
It is the one to which you hook your personal computer when you
give it a command to upload or download your email.
**************************
***********************
Evil genius tip: You can quickly reroute email by creating a
file in your shell account (you do have a shell account, don't
you? SHELL ACCOUNT! All good hackers should have a SHELL ACCOUNT!)
named .forward. This file directs your email to another email
account of your choice.
***********************
If angry johnny had email bombed , I
would have piped all that crud to dev/null and requested that
my correspondents email to carolyn@cmeinel.com, etc. It's
a pretty flexible way of handling things. And my swcp.com accounts
work the same way. That ISP, Southwest Cyberport, offers each
user several accounts all for the same price, which is based
on total usage. So I can create new email addresses as
needed.
Warning -- this technique -- every technique we cover here
-- will still cause you to lose some email. But I figure, why
get obsessive over it? According to a study by a major paging
company, a significant percentage of email simply disappears.
No mail daemon warning that the message failed, nothing. It just
goes into a black hole. So if you are counting on getting every
piece of email that people send you, dream on.
But this doesn't solve my ISP's problem. They still have to
deal with the bandwidth problem of all that crud flooding in.
And it's a lot of crud. One of the sysadmins at Southwest Cyberport
told me that almost every day some luser email bombs one of their
customers. In fact, it's amazing that angry johnny got as much
publicity as he did, considering how commonplace email bombing
is. So essentially every ISP somehow has to handle the email
bomb problem.
How was angry johnny was able to get as much publicity as
he did? You can get an idea from this letter from Lewis Koch,
the journalist who broke the story (printed with his permission):
From: Lewis Z Koch <lzkoch@mcs.net>
Subject: Question
Carolyn:
First, and perhaps most important, when I called you to check
if you had indeed been email bombed, you were courteous enough
to respond with information. I think it is a tad presumptuous
for you to state that "as a professional courtesy I am _letting_
Lewis Koch get the full scoop." This was a story that
was, in fact, exclusive.
(Carolyn's note: as a victim I knew
technical details about the attack that Koch didn't know. But
since Koch tells me he was in contact with angry johnny in the
weeks leading up to the mass email bombings of Christmas 1996,
he clearly knew a great deal more than I about the list of johnny's
targets. I also am a journalist, but deferred to Koch by not
trying to beat him to the scoop.)
Second, yes I am a subscriber and I am interested in the ideas
you advance. But that interest does not extend to feeding you
-- or single individual or group -- :"lots of juicy details."
The details of any story lay in the writing and commentary I
offer the public. "Juicy" is another word for
sensationalism, a tabloid approach -- and something I carefully
avoid.
(Carolyn's note: If you wish to see
what Koch wrote on angry johnny, you may see it in the Happy
Hacker Digest of Dec. 28, 1996.)
The fact is I am extraordinarily surprised by some of the
reactions I have received from individuals, some of whom were
targets, others who are bystanders.
The whole point is that there are extraordinary vulnerabilities
to and on the Net -- vulnerabilities which are being ignored...at
the peril of us all.
Continuing: "However, bottom line is that the email bomber
used a technique that is ridiculously lame -- so lame that even
Carolyn Meinel could turn off the attack in mere minutes. Fry
in dev/null, email bomber!"
johnny made the point several times that the attack was "simple."
It was deliberately designed to be simple. I imagine -- I know
-- that if he, or other hackers had chosen to do damage, serious,
real damage, they could easily do so. They chose not to.
One person who was attacked and was angry with my report.
He used language such as "his campaign of terror,"
"the twisted mind of 'johnny'," "psychos like
'johnny'," "some microencephalic moron," "a
petty gangster" to describe johnny.
This kind of thinking ignores history and reality. If
one wants to use a term such as "campaign of terror"
they should check into the history of the Unabomber, or the group
that bombed the Trade Center, or the Federal Building in Oklahoma
City...or look to what has happened in Ireland or Israel.
There one finds "terrorism."
What happened was an inconvenience --equivalent, in my estimation,
to the same kind of inconvenience people experienced when young
people blocked the streets of major cities in protest against
the war in Vietnam. People were inconvenienced --- but
the protesters were making a point about an illegal and unnecessary
war that even the prosecutors of the war, like Robert McNamara
knew from the beginning was a lost venture. Hundreds of
thousands of people lost their lives in that war -- and if some
people found themselves inconvenienced by people protesting against
it -- I say, too d*** bad.
Thank you for forwarding my remarks to your list
Ahem. I'm flattered, I guess. Is Koch suggesting the Happy
Hacker list -- with its habit of ***ing out naughty words --
and evangelist Billy Graham -- whose faith I share -- are of
an Earth-shaking level of political bad newsness comparable to
the Vietnam War?
So let's say you don't feel that it is OK for any two-bit
hacker wannabe to keep you from receiving email. what are some
more ways to fight email bombs?
For bombings using email lists, one approach is to run a program
that sorts through the initial flood of the email bomb for those
"Welcome to the Tomato Twaddler List!" messages which
tell how to unsubscribe. These programs then automatically compose
unsubscribe messages and send them out.
Another way your ISP can help you is to provide a program
called Procmail (which runs on the Unix operating system. For
details, Zach Babayco (zachb@netcom.com) has provided the following
article. Thank you, Zach!
*******************************
Defending Against Email-Bombing and Unwanted Mail
© (C) Zach Babayco, 1996
[Before I start this article, I would like to thank Nancy
McGough for letting me quote liberally from her Filtering Mail
FAQ, available at http://www.cis.ohio-state.edu/hypertext/faq/usenet/mail/filtering-faq/faq.html.
This is one of the best filtering-mail FAQs out there, and if
you have any problems with my directions or want to learn more
about filtering mail, this is where you should look.]
Lately, there are more and more people out there sending you
email that you just don't want, like "Make Money Fast!"
garbage or lame ezines that you never requested or wanted in
the first place. Worse, there is the email bomb.
There are two types of email bombs, the Massmail and the Mailing
List bomb:
1) Massmail-bombing. This is when an attacker sends
you hundreds, or perhaps even thousands of pieces of email, usually
by means of a script and fakemail. Of the two types, this
is the easier to defend against, since the messages will be coming
from just a few addresses at the most.
2) Mailing List bombs. In this case, the attacker will
subscribe you to as many mailing lists as he or she can.
This is much worse than a massmail because you will be getting
email from many different mailing lists, and will have to save
some of it so that you can figure out how to unsubscribe from
each list.
This is where Procmail comes in. Procmail (pronounced
prok-mail) is a email filtering program that can do some very
neat things with your mail, like for example, if you subscribe
to several high-volume mailing lists, it can be set up to sort
the mail into different folders so that all the messages aren't
all mixed up in your Inbox. Procmail can also be configured
to delete email from certain people and addresses.
Setting up Procmail
-------------------
First, you need to see if your system has Procmail installed.
From the prompt, type:
> which procmail
If your system has Procmail installed, this command will tell
you where Procmail is located. Write this down - you will
need it later.
*NOTE* If your system gives you a response like "Unknown
command: which" then try substituting 'which' with 'type',
'where', or 'whereis'.
If you still cannot find Procmail, then it is probably a good
bet that your system does not have it installed. However,
you're not completely out of luck - look at the FAQ I mentioned
at the beginning of this file and see if your system has any
of the programs that it talks about.
Next, you have to set up a resource file for Procmail.
For the rest of this document, I will use the editor Pico.
You may use whichever editor you feel comfortable with.
Make sure that you are in your home directory, and then start
up your editor.
> cd
> pico .procmailrc
Enter the following in the .procmailrc file:
# This line tells Procmail what to put in its log file.
Set it to on when
# you are debugging.
VERBOSE=off
# Replace 'mail' with your mail directory.
MAILDIR=$HOME/mail
# This is where the logfile and rc files will be kept
PMDIR=$HOME/.procmail
LOGFILE=$PMDIR/log
# INCLUDERC=$PMDIR/rc.ebomb
(yes, type the INCLUDERC line WITH the #)
Now that you've typed this in, save it and go back up to your
home directory.
> cd
> mkdir .procmail
Now go into the directory that you just made, and start your
editor up with
a new file: rc.ebomb:
IMPORTANT: Be sure that you turn off your editor's word
wrapping during this part. You will need to have the second,
third, and fourth lines of this next example all on one line.
With Pico, use the -w flag. Consult your editor's manual
page for instructions on turning off its word wrapping. Make
sure that when you edit it, you leave NO SPACES in that line.
> cd .procmail
> pico -w rc.noebomb
# noebomb - email bomb blocker
:0
* ! ^((((Resent-)?(From|Sender)|X-Envelope-From):|From )(.*[^.%@a-z0-9])?
(Post(ma?(st(e?r)?|n)|office)|Mail(er)?|daemon|mmdf|root|uucp|LISTSERV|owner
|request|bounce|serv(ices?|er))([^.!:a-z0-9]|$)))
* ! ^From:.*(postmaster|Mailer|listproc|majordomo|listserv|cmeinel|johnb)
* ! ^TO(netstuff|computing|pcgames)
/dev/null
Lets see what these do. The first line tells Procmail
that this is the beginning of a "recipe" file.
A recipe it basically what it sounds like -- it tells the program
what it should look for in each email message, and if it finds
what it is looking for, it performs an action on the message
- forwarding it to someone; putting it in a certain folder; or
in this case, deleting it.
The second, third, and fourth lines (the ones beginning with
a *)are called CONDITIONS. The asterisk (*) tells Procmail
that this is the beginning of a condition. The ! tells
it to do the OPPOSITE of what it would normally do.
Condition 1:
* ! ^((((Resent-)?(From|Sender)|X-Envelope-From):|From )(.*[^.%@a-z0-9])?
(Post(ma?(st(e?r)?|n)|office)|Mail(er)?|daemon|mmdf|root|uucp|LISTSERV|owner
|request|bounce|serv(ices?|er))([^.!:a-z0-9]|$)))
Don't freak out over this, it is simpler than it seems at
first glance. This condition tells Procmail to look at the header
of a message, and see if it is from one of the administrative
addresses like root or postmaster, and also check to see if it
is from a mailer-daemon (the thing that sends you mail when you
bounce a message). If a message IS
from one of those addresses, the recipe will put the message
into your inbox and not delete it.
Advanced User Note: Those of you who are familiar with
Procmail are probably wondering why I require the user to type
in that whole long line of commands, instead of using the FROM_MAILER
command. Well, it looked like a good idea at first, but
I just found out a few days ago that FROM_MAILER also checks
the Precedence: header for the words junk, bulk, and list.
Many (if not all) mailing-list servers have either Precedence:
bulk or Precedence: list, so if someone subscribes you to several
hundred lists, FROM_MAILER would let most of the messages through,
which is NOT what we want.
Condition 2:
* ! ^From:.*(listproc|majordomo|cmeinel|johnb)
This condition does some more checking of the From: line in
the header. In this example, it checks for the words listproc,
majordomo, cmeinel, and johnb. If it is from any of those
people, it gets passed on to your Inbox. If not, it's a
goner. This is where you would put the usernames of people
who normally email you, and also the usernames of mailing-list
servers, such as listproc and majordomo. When editing this
line, remember to: only put the username in the condition, not
a persons full email address, and remember to put a | between
each name.
Condition 3:
* ! ^TO(netnews|crypto-stuff|pcgames)
This final condition is where you would put the usernames
of the mailing lists that you are subscribed to (if any).
For example, I am subscribed to the netnews, crypto-stuff, and
pcgames lists. When you get a message from most mailing
lists, most of the time the list address will be in the To: or
Cc: part of the header, rather than the From: part. This
line will check for those usernames and pass them through to
your Inbox if they match. Editing instructions are the
same as the ones for Condition 2.
The final line, /dev/null, is essentially the trash can of
your system. If a piece of email does not match any of
the conditions, (i.e. it isn't from a mail administrator, it
isn't from a listserver or someone you write to, and it's not
a message from one of your usual mailing lists) Procmail dumps
the message into /dev/null, never to be seen again.
Ok. Now you should have created two files: .procmailrc
and rc.noebomb. We need one more before everything will work
properly. Save rc.noebomb and exit your editor, and go
to your home directory. Once there, start your editor up
with the no word wrapping command.
> cd
> pico -w .forward
We now go to an excerpt from Nancy M.'s Mail Filtering FAQ:
Enter a modified version of the following
in your ~/.forward:
"|IFS=' ' && exec /usr/local/bin/procmail
-f- || exit 75 #nancym"
== IMPORTANT NOTES ==
* Make sure you include all the quotes, both
double (") and single (').
* The vertical bar (|) is a pipe.
* Replace /usr/local/bin with the correct
path for procmail (see step 1).
* Replace `nancym' with your userid.
You need to put our userid in your .forward so that it
will be different than anyother .forward ile on your system.
* Do NOT use ~ or environment variables, like
$HOME, in your .forward file. If procmail resides
below your home directory write out the *full* path.
On many systems you need to make your .forward
world
readable and your home directory world searchable in order
for the mail transport agent to "see" it. To
do this type:
cd
chmod 644 .forward
chmod a+x .
If the .forward template above doesn't work the following
alternatives might be helpful:
In a perfect world:
"|exec /usr/local/bin/procmail
#nancym"
In an almost perfect world:
"|exec /usr/local/bin/procmail
USER=nancym"
In another world:
"|IFS=' ';exec
/usr/local/bin/procmail #nancym"
In a different world:
"|IFS=' ';exec
/usr/local/bin/procmail USER=nancym"
In a smrsh world:
"|/usr/local/bin/procmail
#nancym"
Now that you have all the necessary files made, it's time
to test this filter. Go into your mailreader and create
a new folder called Ebombtest. This procedure differs from
program to program, so you may have to experiment a little.
Then open up the rc.noebomb file and change /dev/null to Ebombtest.
(You should have already changed Conditions 2 and 3 to what you
want; if not, go do it now!) Finally, open up .procmailrc
and remove the # from the last line.
You will need to leave this on for a bit to test it.
Ask some of the people in Condition 2 to send you some test messages.
If the messages make it through to your Inbox, then that condition
is working fine. Send yourself some fake email under a
different name and check to see if it ends up in the Ebombtest
folder. Also, send yourself some fakemail from root@wherever.com
to make sure that Condition 1 works. If you're on any mailing
lists, those messages should be ending up in your Inbox as well.
If all of these test out fine, then congratulations!
You now have a working defense against email bombs. For
the moment, change the Ebombtest line in the rc.noebomb file
back to /dev/null, and put the # in front of the INCLUDERC line
in the .procmailrc file. If someone ever decides to emailbomb
you, you only need to remove the #, and you will have greatly
cut down on the amount of messages coming into your Inbox, giving
you a little bit of breathing room to start unsubscribing to
all those lists, or start tracking down those idiots who did
it and get their asses kicked off their ISP's.
If you have any comments or questions about this, email me
at zachb@netcom.com. Emailbombs WILL go to /dev/null, so
don't bother!
Disclaimer: When you activate this program, it is inevitable
that a small amount of wanted mail MAY get put into /dev/null,
due to the fact that it is nearly impossible to know the names
of all the people that may write to you. Therefore, I assume
no responsibility for any email which may get lost, and any damages
which may come from those lost messages.
********************
Don't have procmail? If you have a Unix box, you can download
procmail from ftp://ftp.informatik.rwth-aachen.de/pub/packages/procmail/
*******************
A note of thanks goes to Damien Sorder (jericho@dimensional.com)
for his assistance in reviewing this guide.
And now, just to make certain you can get this invaluable
Perl script to automatically unsubscribe email lists, here is
the listing:
#!/usr/local/bin/perl
# unsubscribe
#
# A perl script by Kim Holburn, University of Canberra 1996.
# kim@canberra.edu.au
# Feel free to use this and adjust it. If you make any
useful adjustments or
# additions send them back to me.
#
# This script will unsubscribe users in bulk from whatever mail
lists they are
# subscribed to. It also mails them that it has done this.
# It is useful for sys admins of large systems with many accounts
and
# floating populations, like student servers.
# This script must be run by root although I don't check for
this.
# You have to be root to read someone else's mailbox and to
# su to their account, both of which this script need to do.
#
# This script when applied to a mailbox will look through it
to find
# any emails sent by mailing lists, attempt to determine the
address of the
# mailing list and then send an unsubscribe message from that
user.
# If invoked with no options only the mailbox name(s) it will
assume
# the mailbox filename is the same as the username, as it is
on a sun.
#
# Technical details:
# To find emails from mailing lists it looks for "owner"
as part of
# the originating email address in the BSD From line (envelope).
# list servers that don't do this will be missed if you can figure
a way
# round this let me know.
# The script doesn't do any file locking but then it only reads
the mailbox
# file.
sub fail_usage {
if (@_ ne '') { print "Error : ", @_, "\n";
}
print "Usage : $0 [-d] mailboxes\n";
print "Usage : $0 [-d] -u user mailbox\n";
print "Usage : $0 [-d] -u user -l listname -h host
-a listserver\n";
print "where listserver is the full email address
of the listserver\n";
exit;
}
sub unsub {
local ($myuser, $mylist, $myhost, $myaddress) = @_;
if (!$debug) {
if (!open (SEND,
"|(USER=$myuser;LOGNAME=$myuser;su $myuser -c \"/usr/ucb/mail
$myaddress\")"))
{ print "Couldn't open mailer
for user \"$myuser\"\n"; next; }
print SEND "unsubscribe $mylist\n"
;
close SEND;
} else {
print "No unsub \"$myuser\"
on \"$mylist@$myhost\" to :\n";
print "
$myaddress\n";
}
}
sub notify {
local($myuser, $mylist, $myhost, $myaddress) = @_;
if (!$debug) {
if (!open (SEND, "|/usr/ucb/mail -s \"unsubscribed
$mylist\" $myuser"))
{ print "Couldn't open mailer
for user \"$myuser\"\n"; next; }
$mess = <<EOM;
You have been automatically unsubscribed from the mailing list
:
$mylist@$myhost
to resubscribe follow the original directions or
EOM
print SEND $mess;
if ($myaddress !~ /,/) {
print SEND "send a message
to the address $myaddress \n" ;
} else {
print SEND "send a message
to the appropriate one of the addresses:\n";
print SEND "$myaddress \n"
;
}
$mess4 = <<EOM2;
with no subject, no signature and a single line :
subscribe (your name)
EOM2
print SEND $mess4 ;
close SEND;
} else {
print "No notify \"$myuser\"
on \"$mylist@$myhost\" to :\n";
print "
$myaddress\n";
}
}
$debug=0;
$usersupplied=0;
while (($#ARGV > (-1)) && ($ARGV[0] =~ /^-/)) {
if ($ARGV[0] eq '-d') { shift ARGV; $debug=1; }
elsif ($#ARGV < 1) { &fail_usage("option \"$ARGV[0]\"
needs an argument"); }
elsif ($ARGV[0] eq '-u') { shift ARGV; $user=shift ARGV;
}
elsif ($ARGV[0] eq '-l') { shift ARGV; $list=shift ARGV;
}
elsif ($ARGV[0] eq '-h') { shift ARGV; $host=shift ARGV;
}
elsif ($ARGV[0] eq '-a') { shift ARGV; $address=shift
ARGV; }
else { &fail_usage(); }
}
$usersupplied = ($user ne '') ;
#print "debug d=\"$debug\" u=\"$user\"
l=\"$list\" h=\"$host\"\n";
#print "debug \$#ARGV=$#ARGV a=\"$address\" \n";
if ($#ARGV == (-1)) {
if ($usersupplied && $list ne '' && $host
ne '' && $address ne '' && $#ARGV) {
$list =~ s/@.*$//;
$user =~ s/@.*$//;
$host =~ s/^.*@//;
if ($address !~ /@/) { &fail_usage("bad
address"); }
&unsub ($user, $list, $host, $address);
¬ify ($user, $list, $host, $address);
exit;
} else { &fail_usage("no files and no addresses");
}
}
if ($usersupplied && $#ARGV > 0) { &fail_usage();
}
foreach $file (@ARGV) {
%addresses=();
if (!$usersupplied) { $user=$file; }
$user =~ s@^.*/@@;
if ($file =~ /^\./) { print "skipping wrong type
of file \"$file\"\n"; next; }
if ($file =~ /\.lock/)
{ print "skipping lock file \"$file\"\n";
next; }
if ($file =~ /\./) { print "skipping wrong type of
file \"$file\"\n"; next; }
$user =~ s/^\.//;
$user =~ s/\..*$//;
if (!open (MYFILE, "<$file" ))
{ print "Couldn't open file \"$file\"\n";
next; }
print "--------------------------opening file \"$file\"\n";
while (<MYFILE>) {
# if (/(\bnews-[-\w.]+@)|([-\w.]+-news@)/i)
# if (/(\brequest-[-\w.]+@)|([-\w.]+-request@)/i)
if (/(\bowner-[-\w.]+@)|([-\w.]+-owner@)/i)
{
chop;
tr/A-Z/a-z/;
if (/\bowner-[-\w.]+@/) { s/^.*\bowner-([-\w.]+@[\w.]+)\b.*$/\1/;
}
else { s/(^|^.*[^-\w.])([-\w.]+)-owner(@[\w.]+)\b.*$/\2\3/;
}
if (/[^a-z0-9@.-]/) { next; }
if (!defined ($addresses{$_}))
{ $addresses{$_}=""; }
}
if (/(\bl-[-\w.]+@)|([-\w.]+-l@)/i) {
chop;
tr/A-Z/a-z/;
if (/\bl-[-\w.]+@/) { s/^.*\bl-([-\w.]+@[\w.]+)\b.*$/\1/;
}
else { s/(^|^.*[^-\w.])([-\w.]+)-l(@[\w.]+)\b.*$/\2\3/;
}
if (/[^a-z0-9@.-]/) { next; }
if (!defined ($addresses{$_}))
{ $addresses{$_}=""; }
}
}
close MYFILE;
while (($key,$value)=each %addresses) { print "$key\n";
}
if (! keys %addresses ) { print "no listservers\n";
next; }
if (! open (MYFILE, "<$file" ))
{ print "Couldn't open file \"$file\"\n";
next; }
print "looking for listserver addresses\n";
while (<MYFILE>) {
foreach $address (keys %addresses) {
$host=$address;
$host =~ s/^.*@//;
if (/(listserv|listproc|majordomo)@$host/i)
{
$addresses{$address}=$1;
# print "found
1 = \"$1\"\n";
}
}
}
close MYFILE;
while (($key,$value)=each %addresses) {
$host=$key;
$host=~s/^.*@//;
$list=$key;
$list=~s/@.*$//;
# print "$value@$host key=\"$key\"
list=\"$list\" \n";
if ($value eq '')
{ $address="listserv@$host,listproc@$host,majordomo@$host";
}
else { $address="$value@$host";
}
print "address=\"$address\"\n";
print "unsubscribe $list\n";
if (!$debug) {
print "Mailing $user\n";
&unsub ($user, $list, $host,
$address);
¬ify ($user, $list, $host,
$address);
} else {
print "debug no mail\n";
}
}
}
________________________________________
Want to share some kewl stuph with the Happy Hacker list? Correct
mistakes?
To send me confidential email (please, no discussions of illegal
activities) use and be sure to state in
your message that you want me to keep this confidential. If you
wish your message posted anonymously, please say so! Please direct
flames to dev/null@cmeinel.com. Happy hacking!
© 1997 Carolyn P. Meinel. You may forward or post
on your Web site this GUIDE TO (mostly) HARMLESS HACKING as long
as you leave this notice at the end..
