Re: pcre header_checks
some lines from header_check file: /^from:.*root@/ REJECT [SN046] /^from:.*anonymous@*/ REJECT [SN047] /^from:.*@ajufe.org.br/ OK /^from:/ HOLD the *TABLE SEARCH ORDER documentation says:* When a pattern is found that matches the input line, the corresponding action is executed and then the next input line is inspected. So, if i have some rejects and OKs before hold, it will not hold right? postfix log file: Dec 7 16:57:03 srvchunk01 postfix/smtpd[35383]: 2E1DB2111FE: client=li389-50.members.linode.com[106.187.46.50] Dec 7 16:57:03 srvchunk01 postfix/cleanup[42501]: 2E1DB2111FE: warning: header Subject: fw:Financiamento aprovado Volkswagen Leasing. from li389-50.members.linode.com[106.187.46.50]; from=r...@li389-50.members.linode.com to=carlos.bran...@trf1.gov.br proto=ESMTP helo=li389-50.members.linode.com Dec 7 16:57:03 srvchunk01 postfix/cleanup[42501]: 2E1DB2111FE: hold: header From: s...@volkswagen.com.br from li389-50.members.linode.com[106.187.46.50]; from=r...@li389-50.members.linode.com to=x...@yyy.zzz.br proto=ESMTP helo=li389-50.members.linode.com Dec 7 16:57:03 srvchunk01 postfix/cleanup[42501]: 2E1DB2111FE: message-id=20111207181748.253f71073...@li389-50.members.linode.com att, Marcello Coutinho On Wed, Dec 7, 2011 at 4:52 PM, Ralf Hildebrandt ralf.hildebra...@charite.de wrote: * Marcello Coutinho marcellocouti...@gmail.com: Hi all, I'm new to this list so forgive me if it was already posted here. I'm unsing pcre to filter header_checks, but not all rules are working /^from:.*root@/ REJECT [SN046] is not working Define not working. What kind of mail should it block? Show an example. log with masked recipients: Search Results*Date**From**to**Delay**Status*Dec 7 01:13:31 r...@mx.unifacs.brxxx.yyy@zzz.br5.1sentDec 7 01:09:12r...@globo.com xxx.yyy@zzz.br5.1sentDec 7 01:07:41r...@globo.comxxx.yyy@zzz.br5sent This is not a log from postfix.
Re: pcre header_checks
On 12/7/2011 12:03 PM, Marcello Coutinho wrote: Hi all, I'm new to this list so forgive me if it was already posted here. I'm unsing pcre to filter header_checks, but not all rules are working /^from:.*root@/ REJECT [SN046] is not working Don't confuse envelope sender as shown in postfix logs with From: header. -- Noel Jones
Re: pcre header_checks
* Marcello Coutinho marcellocouti...@gmail.com: some lines from header_check file: /^from:.*root@/ REJECT [SN046] /^from:.*anonymous@*/ REJECT [SN047] /^from:.*@ajufe.org.br/ OK /^from:/ HOLD These match headers Dec 7 16:57:03 srvchunk01 postfix/cleanup[42501]: 2E1DB2111FE: warning: header Subject: fw:Financiamento aprovado Volkswagen Leasing. from li389-50.members.linode.com[106.187.46.50]; from=r...@li389-50.members.linode.com this is the ENVELOPE (not the header FROM) Use /^from:/ WARN to see the actual headers. You might want to use check_sender_access instead, judging from your example. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: pcre header_checks
Thank you, i'll test and feedback.
On Wed, Dec 7, 2011 at 5:33 PM, Ralf Hildebrandt
ralf.hildebra...@charite.de wrote:
* Marcello Coutinho marcellocouti...@gmail.com:
some lines from header_check file:
/^from:.*root@/ REJECT [SN046]
/^from:.*anonymous@*/ REJECT [SN047]
/^from:.*@ajufe.org.br/ OK
/^from:/ HOLD
These match headers
Dec 7 16:57:03 srvchunk01 postfix/cleanup[42501]: 2E1DB2111FE:
warning: header Subject: fw:Financiamento aprovado Volkswagen Leasing.
from li389-50.members.linode.com[106.187.46.50];
from=r...@li389-50.members.linode.com
this is the ENVELOPE (not the header FROM)
Use
/^from:/ WARN
to see the actual headers. You might want to use check_sender_access
instead, judging from your example.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de | http://www.charite.de
