* bi...@sent.at <bi...@sent.at>: > Hi > > I'm building my 1st Postfix server and working on getting Postscreen setup. > > I RTFM here > > http://www.postfix.org/POSTSCREEN_README.html > > Where it says > > The third layer performs light-weight content inspection with the Postfix > built-in header_checks and body_checks. This can block unacceptable > attachments such as > executable programs, and worms or viruses with easy-to-recognize signatures.
To clarify: postscreen never sees a message body. It probes the client IP and fakes a few SMTP commands, but that's it. However your content test should work. > So in my main.cf I added > > body_checks = /etc/postfix/body_checks.pcre > > Checked that it's in there > > postconf -n | grep body_checks > body_checks = /etc/postfix/body_checks.pcre The right [tm] method would be to use the postconf utility and let it return the parameter setting: % postconf -n body_checks If it does not return anything chances are you mistyped the parameter or something similiar. (That's make makes postconf better than grep). > and edited > > /etc/postfix/body_checks.pcre > /TEST BAD CONTENT/ REJECT 554 5.7.1 Message not allowed > > Then I test it with > > postmap -q "TEST BAD CONTENT" pcre:/etc/postfix/body_checks.pcre > REJECT 554 5.7.1 [P5] Message not allowed > > So it looks ok to me. > > But then I send myself a test message from gmail, making sure the text "TEST > BAD CONTENT" is in the body. > > And it passes right through :-( Save the message to a file. And test like this: % postmap -q - pcre:/etc/postfix/body_checks.pcre <messagefile p@rick -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein