On Tue, Apr 24, 2007 at 09:03:51PM -0700, Marc Perkel wrote: > Is there an algorithm that one can feed an IP address into and return > the email address of the responsible person for the IP to report spam to?
There is the command-line "whois", as well as the ARIN web site http://www.arin.net/whois/index.html whois is quicker and easier and drills down to foreign registries, but doesn't always return what you need. The ARIN web site isn't as easy to use, but always returns useful information for North American networks, and provides links to foreign registries like it. I have a policy of reporting any spam I have to touch, such as that sent to my postmaster address and submissions to my closed mailing list. I have developed a script to automate as much of the look-up as I can. I herewith offer it. I call it "ew" for "extended whois". It sorts the email addresses found, so "abuse" is easily found at the beginning of the list. =================8<-------------------------------- #!/usr/bin/perl -w use strict; my $myname = $0; $myname =~ [EMAIL PROTECTED]/@@; @ARGV || die("usage: $myname <IPaddr_or_netname>\n"); &whois(shift); exit 0; sub whois { my($arg) = @_; # Strip out IPV6 stuff. $arg =~ s/^::ffff://; my($line, $head, %ip, $val); my(%email) = (); my $state = ""; my $country = ""; my $netname = ""; if(open(WHO, "whois $arg|")) { while(defined($line = <WHO>)) { chop $line; # Some of these have CRs, too. $line =~ s/\r//g; # Look for any net names in parens. $line =~ /\((NET-[\w-]+)\)/ && do { $netname = $1; }; next unless (($arg, $val) = split(/ *: */, $line, 2)); # Extract any email addresses; $arg =~ /mail/i && do { $email{$val} = 1; # If it's the abuse email, that's enough for us. last if $arg =~ /abuseemail/i; }; $arg =~ /trouble/i && do { $val =~ /([EMAIL PROTECTED])/ && ($email{$1} = 1); next; }; $arg =~ /remarks/i && do { $val =~ /([EMAIL PROTECTED])/ && ($email{$1} = 1); next; }; # Take the first state entry. $line =~ /state/i && do { $state = $val unless $state; next; }; # Take the first country entry. $line =~ /country/i && do { $country = $val unless $country; next; }; # Catch-all $line =~ /([EMAIL PROTECTED])/ && ($email{$1} = 1); } close WHO; ($state || $country) && print "Owner is in $state, $country\n"; %email && print "Email to ", join(", ", sort keys %email), "\n"; } else { warn "Could not run whois: $!\n"; } $netname && do { # warn "netname found: $netname"; $netname ne $arg && &whois($netname); } } =================8<-------------------------------- Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. [EMAIL PROTECTED] http://www.bobcatos.com If my people, who are called by my name, will humble themselves and pray and seek my face and turn from their wicked ways, then will I hear from heaven and will forgive their sin and will heal their land. 2 Chronicles 7:14 (NIV)
