mirror of https://github.com/tLDP/LDP
86 lines
2.2 KiB
Bash
86 lines
2.2 KiB
Bash
#!/bin/bash
|
|
# Script by Francisco Lobo,
|
|
#+ and slightly modified and commented by ABS Guide author.
|
|
# Used in ABS Guide with permission. (Thank you!)
|
|
|
|
# This script will not run under Bash versions -lt 3.0.
|
|
|
|
|
|
E_MISSING_ARG=87
|
|
if [ -z "$1" ]
|
|
then
|
|
echo "Usage: $0 mailbox-file"
|
|
exit $E_MISSING_ARG
|
|
fi
|
|
|
|
mbox_grep() # Parse mailbox file.
|
|
{
|
|
declare -i body=0 match=0
|
|
declare -a date sender
|
|
declare mail header value
|
|
|
|
|
|
while IFS= read -r mail
|
|
# ^^^^ Reset $IFS.
|
|
# Otherwise "read" will strip leading & trailing space from its input.
|
|
|
|
do
|
|
if [[ $mail =~ ^From ]] # Match "From" field in message.
|
|
then
|
|
(( body = 0 )) # "Zero out" variables.
|
|
(( match = 0 ))
|
|
unset date
|
|
|
|
elif (( body ))
|
|
then
|
|
(( match ))
|
|
# echo "$mail"
|
|
# Uncomment above line if you want entire body
|
|
#+ of message to display.
|
|
|
|
elif [[ $mail ]]; then
|
|
IFS=: read -r header value <<< "$mail"
|
|
# ^^^ "here string"
|
|
|
|
case "$header" in
|
|
[Ff][Rr][Oo][Mm] ) [[ $value =~ "$2" ]] && (( match++ )) ;;
|
|
# Match "From" line.
|
|
[Dd][Aa][Tt][Ee] ) read -r -a date <<< "$value" ;;
|
|
# ^^^
|
|
# Match "Date" line.
|
|
[Rr][Ee][Cc][Ee][Ii][Vv][Ee][Dd] ) read -r -a sender <<< "$value" ;;
|
|
# ^^^
|
|
# Match IP Address (may be spoofed).
|
|
esac
|
|
|
|
else
|
|
(( body++ ))
|
|
(( match )) &&
|
|
echo "MESSAGE ${date:+of: ${date[*]} }"
|
|
# Entire $date array ^
|
|
echo "IP address of sender: ${sender[1]}"
|
|
# Second field of "Received" line ^
|
|
|
|
fi
|
|
|
|
|
|
done < "$1" # Redirect stdout of file into loop.
|
|
}
|
|
|
|
|
|
mbox_grep "$1" # Send mailbox file to function.
|
|
|
|
exit $?
|
|
|
|
# Exercises:
|
|
# ---------
|
|
# 1) Break the single function, above, into multiple functions,
|
|
#+ for the sake of readability.
|
|
# 2) Add additional parsing to the script, checking for various keywords.
|
|
|
|
|
|
|
|
$ mailbox_grep.sh scam_mail
|
|
MESSAGE of Thu, 5 Jan 2006 08:00:56 -0500 (EST)
|
|
IP address of sender: 196.3.62.4
|