Re: pcre header_checks
some lines from header_check file: /^from:.*root@/ REJECT [SN046] /^from:.*anonymous@*/ REJECT [SN047] /^from:.*@ajufe.org.br/ OK /^from:/ HOLD the *TABLE SEARCH ORDER documentation says:* When a pattern is found that matches the input line, the corresponding action is executed and then the next input line is inspected. So, if i have some rejects and OKs before hold, it will not hold right? postfix log file: Dec 7 16:57:03 srvchunk01 postfix/smtpd[35383]: 2E1DB2111FE: client=li389-50.members.linode.com[106.187.46.50] Dec 7 16:57:03 srvchunk01 postfix/cleanup[42501]: 2E1DB2111FE: warning: header Subject: fw:Financiamento aprovado Volkswagen Leasing. from li389-50.members.linode.com[106.187.46.50]; from=r...@li389-50.members.linode.com to=carlos.bran...@trf1.gov.br proto=ESMTP helo=li389-50.members.linode.com Dec 7 16:57:03 srvchunk01 postfix/cleanup[42501]: 2E1DB2111FE: hold: header From: s...@volkswagen.com.br from li389-50.members.linode.com[106.187.46.50]; from=r...@li389-50.members.linode.com to=x...@yyy.zzz.br proto=ESMTP helo=li389-50.members.linode.com Dec 7 16:57:03 srvchunk01 postfix/cleanup[42501]: 2E1DB2111FE: message-id=20111207181748.253f71073...@li389-50.members.linode.com att, Marcello Coutinho On Wed, Dec 7, 2011 at 4:52 PM, Ralf Hildebrandt ralf.hildebra...@charite.de wrote: * Marcello Coutinho marcellocouti...@gmail.com: Hi all, I'm new to this list so forgive me if it was already posted here. I'm unsing pcre to filter header_checks, but not all rules are working /^from:.*root@/ REJECT [SN046] is not working Define not working. What kind of mail should it block? Show an example. log with masked recipients: Search Results*Date**From**to**Delay**Status*Dec 7 01:13:31 r...@mx.unifacs.brxxx.yyy@zzz.br5.1sentDec 7 01:09:12r...@globo.com xxx.yyy@zzz.br5.1sentDec 7 01:07:41r...@globo.comxxx.yyy@zzz.br5sent This is not a log from postfix.
Re: pcre header_checks
On 12/7/2011 12:03 PM, Marcello Coutinho wrote: Hi all, I'm new to this list so forgive me if it was already posted here. I'm unsing pcre to filter header_checks, but not all rules are working /^from:.*root@/ REJECT [SN046] is not working Don't confuse envelope sender as shown in postfix logs with From: header. -- Noel Jones
Re: pcre header_checks
* Marcello Coutinho marcellocouti...@gmail.com: some lines from header_check file: /^from:.*root@/ REJECT [SN046] /^from:.*anonymous@*/ REJECT [SN047] /^from:.*@ajufe.org.br/ OK /^from:/ HOLD These match headers Dec 7 16:57:03 srvchunk01 postfix/cleanup[42501]: 2E1DB2111FE: warning: header Subject: fw:Financiamento aprovado Volkswagen Leasing. from li389-50.members.linode.com[106.187.46.50]; from=r...@li389-50.members.linode.com this is the ENVELOPE (not the header FROM) Use /^from:/ WARN to see the actual headers. You might want to use check_sender_access instead, judging from your example. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: pcre header_checks
Thank you, i'll test and feedback. On Wed, Dec 7, 2011 at 5:33 PM, Ralf Hildebrandt ralf.hildebra...@charite.de wrote: * Marcello Coutinho marcellocouti...@gmail.com: some lines from header_check file: /^from:.*root@/ REJECT [SN046] /^from:.*anonymous@*/ REJECT [SN047] /^from:.*@ajufe.org.br/ OK /^from:/ HOLD These match headers Dec 7 16:57:03 srvchunk01 postfix/cleanup[42501]: 2E1DB2111FE: warning: header Subject: fw:Financiamento aprovado Volkswagen Leasing. from li389-50.members.linode.com[106.187.46.50]; from=r...@li389-50.members.linode.com this is the ENVELOPE (not the header FROM) Use /^from:/ WARN to see the actual headers. You might want to use check_sender_access instead, judging from your example. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de