Hi
I run a postfix 3.5.9 smtp relay for a webserver that sends user signup and
forgot password emails. That's the only use case and the server does not
receive any other emails and neither generates any locally.
I'm trying to prevent leaking internal information (hostname & IP) in
Received header.
For this, I've setup `smtp_header_checks = regexp:/etc/postfix/header_checks`
with the contents:
/^(Received: from \[127\.0\.0\.1\] \(web\d\w+
\[\d+\.\d+\.\d+\.\d+\]\))((.|\n|\t)*)/m REPLACE Received: from email.domain.tld
(email.domain.tld. [1.2.3.4])$2
I've tested the regex on a regex validation website and it identifies group 1
on first line and group 2 the other two lines.
However I've ran a `postmap` test and it only produces the first line, and
skipping the other two lines. With actual incoming emails, replacing does not
happen at all.
The postmap input looks like this:
echo -e "Received: from [127.0.0.1] (web1dev [10.11.12.13])\n\tby
email.domain.tld (Postfix) with ESMTPS id C9056
7E002\n\tfor <em...@gmail.com>; Fri, 8 Mar 2024 19:20:29 +0200 (EET)" |
postmap -q - pcre:/etc/postfix/header_checks
Received: from [127.0.0.1] (web1dev [10.11.12.13]) REPLACE Received:
from email.domain.tld (email.domain.tld. [1.2.3.4])
What I am doing wrong?
#postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
bounce_queue_lifetime = 1d
command_directory = /usr/sbin
compatibility_level = 2
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd
$daemon_directory/$process_name $process_id & sleep 5
header_checks = regexp:/etc/postfix/header_checks
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
maximal_queue_lifetime = 1d
meta_directory = /etc/postfix
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = $myhostname
myhostname = email.domain.tld
mynetworks = $config_directory/mynetworks
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix/README_FILES
sample_directory = /usr/share/doc/postfix/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
shlib_directory = /usr/lib64/postfix
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtp_tls_CApath = /etc/pki/tls/certs
smtp_tls_security_level = may
smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
smtpd_tls_key_file = /etc/pki/tls/private/postfix.key
smtpd_tls_security_level = may
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
