mail_get_sender_ip.sh: find (probably) original sender IP based on mail header

2017-01-12 21:47:27 +01:00 · 2017-01-12 21:47:27 +01:00 · 635ba3e91b
commit 635ba3e91b
parent b50c37b3ef
1 changed files with 10 additions and 0 deletions
--- a/mail_get_sender_ip.sh
+++ b/mail_get_sender_ip.sh
@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+#
+# Extracts the IP address from the first 'Received:' header
+dir="$1"
+
+if [ -z $dir ]; then
+	echo "Usage: $(basename $0) <path-to-mailbox>"
+	exit 1
+fi
+for spammail in $(find "$dir" -type f); do grep '^Received:' $spammail | tail -1; done | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'