From 839598fac9a89e1641767344603e05afdf029209 Mon Sep 17 00:00:00 2001
From: Paul Menzel <pmenzel@molgen.mpg.de>
Date: Tue, 9 Dec 2025 14:46:34 +0100
Subject: [PATCH 1/2] misc: Add validate.pl to check for reject identifier
 presence

Basically the script checks with the regular expression below:

        if ($is_regexp) {
            $re = qr"^/(.+)/ REJECT \(#$tag(\d+)\)$";
        } else {
            $re = qr"^(\S+) \(#$tag(\d+)\)$";
        }

The identifiers are added to the reject message, so that problems can be
pinpointed more easily in case of complaints.
---
 misc/validate.pl | 63 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 63 insertions(+)
 create mode 100755 misc/validate.pl

diff --git a/misc/validate.pl b/misc/validate.pl
new file mode 100755
index 0000000..e10001e
--- /dev/null
+++ b/misc/validate.pl
@@ -0,0 +1,63 @@
+#! /usr/bin/perl
+use strict;
+use warnings;
+
+sub do_blacklist {
+    my ($filename, $tag, $is_regexp) = @_;
+    open my $in, '<', $filename or die "$filename: $!\n";
+    my $errors = 0;
+    my $last_id = 0;
+    while (<$in>) {
+        chomp;
+        /^#/ and next;
+        /\S/ or next;
+        my $re;
+        if ($is_regexp) {
+            $re = qr"^/(.+)/ REJECT \(#$tag(\d+)\)$";
+        } else {
+            $re = qr"^(\S+) \(#$tag(\d+)\)$";
+        }
+        if (my ($inner, $id) = $_ =~ $re) {
+            if ($is_regexp) {
+                eval {
+                    my $test = qr/$inner/;
+                };
+                if ($@) {
+                    $@ =~ s / at \S+ line .+\n$//;
+                    warn "$filename: $. : $@\n";
+                    $errors++;
+                }
+            }
+            if ($id > $last_id) {
+                $last_id = $id;
+            } else {
+                $errors++;
+                warn "$filename:$. : ident not increasing: $_\n";
+            }
+            next;
+        }
+
+        warn "$filename:$. : bad format: $_\n";
+        $errors++;
+    }
+    exit 1 if $errors;
+}
+
+
+@ARGV == 1 or die "usage: $0 filename\n";
+my ($filename) = @ARGV;
+if ($filename eq "blacklist_header_rx") {
+    do_blacklist($filename, 'h', 1)
+} elsif ($filename eq 'blacklist_sender_rx') {
+    do_blacklist($filename, 'sx', 1)
+} elsif ($filename eq 'blacklist_sender') {
+    do_blacklist($filename, 's', 0)
+} elsif ($filename eq 'blacklist_client') {
+    do_blacklist($filename, 'c', 0)
+} elsif ($filename eq 'blacklist_client_cidr') {
+    warn "todo\n";
+} elsif ($filename eq 'blacklist_helo') {
+    do_blacklist($filename, 'he', 0)
+} else {
+    die "unknown filename: $filename\n";
+}

From 5b2a5815c1aa987d69de7c0dc7a916c802c93a15 Mon Sep 17 00:00:00 2001
From: Paul Menzel <pmenzel@molgen.mpg.de>
Date: Tue, 9 Dec 2025 14:52:16 +0100
Subject: [PATCH 2/2] misc: Add example Makefile
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Add Makefile to easily copy changed configuration files to the
DFN-MailSupport portal.

    # make
    […]
    # make test
    /project/mx/etc/dfn/dfnmscp -u buczek@molgen.mpg.de -c /project/mx/etc/dfn/.dfnpw test
    Login successful url: https://portal.mailsupport.dfn.de/
---
 misc/Makefile | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)
 create mode 100644 misc/Makefile

diff --git a/misc/Makefile b/misc/Makefile
new file mode 100644
index 0000000..3a714c8
--- /dev/null
+++ b/misc/Makefile
@@ -0,0 +1,69 @@
+DFNMSCP=/project/mx/etc/dfn/dfnmscp -u buczek@molgen.mpg.de -c /project/mx/etc/dfn/.dfnpw
+
+.PHONY: default
+default: put-if
+
+.PHONY: put-if
+put-if: .blacklist_sender.uploaded .spamassassin-rules.uploaded .blacklist_client.uploaded
+put-if: .blacklist_header_rx.uploaded
+put-if: .blacklist_sender_rx.uploaded
+put-if: .blacklist_client_cidr.uploaded
+put-if: .blacklist_helo.uploaded
+
+.blacklist_sender.uploaded: blacklist_sender
+	./validate.pl blacklist_sender
+	${DFNMSCP} put blacklist_sender postfix/124-1/blacklist_sender && touch $@
+
+.spamassassin-rules.uploaded: spamassassin-rules
+	${DFNMSCP} put spamassassin-rules spamassassin/124-1/rules && touch $@
+
+.blacklist_client.uploaded: blacklist_client
+	./validate.pl blacklist_client
+	${DFNMSCP} put blacklist_client postfix/124-1/blacklist_client && touch $@
+
+.blacklist_header_rx.uploaded: blacklist_header_rx
+	./validate.pl blacklist_header_rx
+	${DFNMSCP} put blacklist_header_rx postfix/124-1/blacklist_header_rx && touch $@
+
+.blacklist_sender_rx.uploaded: blacklist_sender_rx
+	./validate.pl blacklist_sender_rx
+	${DFNMSCP} put blacklist_sender_rx postfix/124-1/blacklist_sender_rx && touch $@
+
+.blacklist_client_cidr.uploaded: blacklist_client_cidr
+	./validate.pl blacklist_client_cidr
+	${DFNMSCP} put blacklist_client_cidr postfix/124-1/blacklist_client_cidr && touch $@
+
+.blacklist_helo.uploaded: blacklist_helo
+	./validate.pl blacklist_helo
+	${DFNMSCP} put blacklist_helo postfix/124-1/blacklist_helo && touch $@
+
+test:
+	${DFNMSCP} test
+
+.PHONY: get-blacklist-sender
+get-blacklist-sender:
+	${DFNMSCP} get postfix/124-1/blacklist_sender blacklist_sender
+
+.PHONY: get-blacklist-sender-rx
+get-blacklist-sender-rx:
+	${DFNMSCP} get postfix/124-1/blacklist_sender_rx blacklist_sender_rx
+
+.PHONY: get-spamassassin-rules
+get-spamassassin-rules:
+	${DFNMSCP} get spamassassin/124-1/rules spamassassin-rules
+
+.PHONY: get-blacklist_client
+get-blacklist_client:
+	${DFNMSCP} get postfix/124-1/blacklist_client blacklist_client
+
+.PHONY: get-blacklist_header_rx
+get-blacklist_header_rx:
+	${DFNMSCP} get postfix/124-1/blacklist_header_rx blacklist_header_rx
+
+.PHONY: get-blacklist_client_cidr
+get-blacklist_client_cidr:
+	${DFNMSCP} get postfix/124-1/blacklist_client_cidr blacklist_client_cidr
+
+.PHONY: get-blacklist_helo
+get-blacklist_helo:
+	${DFNMSCP} get postfix/124-1/blacklist_helo blacklist_helo