email parsing->mysql:: Can someone explain this perl script to me?

From: albatroz (alejandro.lengua_at_gmail.com)
Date: 08/30/04


Date: 30 Aug 2004 11:20:50 -0700

I am a perl noob that can learn if you give me a hand.
I currently need a script to read emails using email piping,
extract some information and put it inside a MySQL database.

The reason? Make some statistics of my email server antivirus.

The sample body of my emails is as follows:

-----------------> Source of Sample email source <---------

From: "MailScanner" <postmaster@mydomain.com>
To: postmaster@mail.mydomain.com
Subject: Advertencia: Virus detectado en e-mail
Message-Id: <E1C1YEW-000372-5g@mail.mydomain.com>
Date: Sun, 29 Aug 2004 17:33:08 -0500
Body:
Se han encontrado virus en el siguiente e-mail:
Sender: noreply@mydomain.org.pe
IP Address: 200.106.12.141.22214
Recipient: mipersona@mydomain.org.pe
 Subject: RETURNED MAIL: SEE TRANSCRIPT FOR DETAILS
MessageID: 1C1YEL-0002Zn-VA
Informe: message.zip contains Worm.Mydoom.M
-----------------> Source of Sample email source <---------

For this purpose I got this script (called amavistat); however,
I need someone to tell me what modifications I should make
to make it work in my case. Here I am attaching the source of
the script:

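#!/usr/bin/perl
# Veghead 2001
# Fixed stupid '=' vs 'eq' bug - Veghead 2003-08-14
#
# changes 18.08.03 - Marcus Schopen <marcus@localguru.de>

use strict;
use warnings;
use DBI;        # DBI loads the DBD::mysql driver named in the DSN

my $server='localhost';
my $dbname='amavistat';
my $table='virus';
my $username='xxx';
my $password='xxx';

my ($virusfrom,$virusto,$viruses);
my $viruswarn=0;

my $dbh=DBI->connect("DBI:mysql:$dbname:$server",$username,$password) or
                                        die("Can't connect to MySQL");

# Headers run up to the first (near-)empty line; the body follows.
my $state="inheader";

while(<>) {
        chomp;
        if ($state eq "inheader") {
                if (length($_)<2) {$state="inbody";}
                # The Subject header carries the sender and the virus name(s)
                elsif ($_=~/^Subject: VIRUS FROM <(.*)> \((.*)\)/) {
                        $virusfrom=$1;
                        $viruses=$2;
                        $viruswarn++;
                }
        } elsif ($state eq "inbody") {  # was '=', an assignment that is always true
                # A body line of the form "-> <user@host>" names the recipient
                if ($_=~/^-> <([^\@]+\@[^\@]+)>/) {
                        $virusto=$1;
                        if ($viruswarn) {do_something();}
                }
        }
}

sub do_something {
        # Placeholders keep text taken from the e-mail out of the SQL string;
        # $table is the fixed value set above, not message data.
        my $sth = $dbh->prepare("insert into $table values
                                        (0,now(),?,?,?)");
        # $viruses is a single string, so this loop runs once
        foreach my $vname ($viruses) {
                print "From: $virusfrom\nTo: $virusto\nVirus: $vname\n\n";
                $sth->execute($virusfrom,$virusto,$vname);
        }
        $sth->finish;
}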
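
Added example, not part of the original post or of amavistat: one way to parse the MailScanner notice format shown in the sample above and store it with placeholders, so that text taken from the e-mail never becomes part of the SQL. The column names, the `--store` switch and a blank line separating headers from body in the piped message are assumptions; the demo input is constructed from the post's sample.

```perl
use strict;
use warnings;

# Labels in the notice body -> column names (column names are assumptions).
my %FIELD = ('Sender' => 'sender', 'IP Address' => 'ip',
             'Recipient' => 'recipient', 'Subject' => 'subject',
             'MessageID' => 'message_id', 'Informe' => 'report');

# Read one piped message and return its body fields as a hash ref.
sub parse_notice {
    my ($fh) = @_;
    my (%rec, $inbody);
    while (my $line = <$fh>) {
        $line =~ s/\r?\n\z//;
        if (!$inbody) {                        # skip headers, incl. their Subject:
            $inbody = 1 if $line =~ /^\s*$/;   # blank line ends the headers
            next;
        }
        if ($line =~ /^\s*([A-Za-z ]+?):\s*(.*)$/ && exists $FIELD{$1}) {
            $rec{ $FIELD{$1} } = $2;
        }
    }
    # "message.zip contains Worm.Mydoom.M" -> attachment name and virus name
    @rec{qw(attachment virus)} = ($1, $2)
        if defined $rec{report} && $rec{report} =~ /^(.+?) contains (.+)$/;
    return \%rec;
}

# Insert with placeholders: every value comes from an untrusted e-mail.
sub store_notice {
    my ($dbh, $rec) = @_;
    my $sth = $dbh->prepare('INSERT INTO virus '
        . '(seen, sender, recipient, subject, message_id, virus) '
        . 'VALUES (NOW(), ?, ?, ?, ?, ?)');
    $sth->execute(@{$rec}{qw(sender recipient subject message_id virus)});
}

if (@ARGV && $ARGV[0] eq '--store') {          # real use: piped from the MTA
    require DBI;
    my $dbh = DBI->connect('DBI:mysql:amavistat:localhost', 'xxx', 'xxx',
                           { RaiseError => 1 });
    store_notice($dbh, parse_notice(\*STDIN));
} else {                                       # offline demo on constructed input
    my $sample = join "\n", 'Subject: Advertencia: Virus detectado en e-mail',
        '', 'Se han encontrado virus en el siguiente e-mail:',
        'Sender: noreply@mydomain.org.pe', 'IP Address: 200.106.12.141.22214',
        'Recipient: mipersona@mydomain.org.pe',
        ' Subject: RETURNED MAIL: SEE TRANSCRIPT FOR DETAILS',
        'MessageID: 1C1YEL-0002Zn-VA',
        'Informe: message.zip contains Worm.Mydoom.M', '';
    open my $fh, '<', \$sample or die "in-memory open failed: $!";
    my $rec = parse_notice($fh);
    print "$_: $rec->{$_}\n" for sort keys %$rec;
}
```

Run without arguments it only parses the constructed message and prints the fields; the header/body state is what keeps the notice's own `Subject:` header from overwriting the infected message's subject.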


