Gerard Seibert wrote:
On Sunday October 15, 2006 at 03:21:37 (PM) Erik Norgaard wrote:
Ian Smith wrote:
Maybe I didn't make clear how the filtering in Postfix works? Each
header line is unwrapped and then filtered independent of the others.
There is no info as to if that is the first or last Received line.
I can make a rule to reject the mail. And I can make a rule that accept
a given header line, but the remaining header will still be filtered and
I can't make a header check for Received cause checks for content-type
to be skipped.
Nor can I make incoming mail from white listed servers skip the header
checks. The two things are independent: The first applies when
establishing the connection: HELO, MAIL FROM, RCPT TO etc. The header
checks are invoked if the initial delivery request was accepted.
Yes, that sucks, but that's how Postfix works.
Are you sure about that? I use Postfix myself and that does not appear
to be correct, although it might be. Have you ever posted this question
on the postfix forum? <[EMAIL PROTECTED]> There are some pretty
sharp individuals there who might be able to give you some advice.
I am certain that:
1) header/body checks are independent of the smtpd_restrictions - I can
send a mail that is rejected even though I have authenticated and permit
2) OK when a header line is matched does not affect the parsing of other
header lines, and if you think about it you wouldn't want that: Then it
would be possible to include a secret keyword or forged header line in
the top of the header to get by the other rules.
Basically, the only line that you can trust is the first Received which
our server inserted - which as mentioned is waste to check. So, no
header check in itself should allow an entire mail.
There is a FILTER keyword which you can use to "tag" a mail for further
content filtering. That action is taken after all the header checks have
Ph: +34.666334818 web: http://www.locolomo.org
X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt
Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"