Re: body_checks with postscreen. Test works at blocking, but 'real mail' slips through?

2016-01-18 Thread wilfried.es...@essignetz.de
Am 18.01.2016 um 23:21 schrieb bi...@sent.at: > So now when I send email with the test string in it it gets rejected, I get > this in the reject message > > : host mx.example.com[###.###.###.###] > said: 550 5.7.1 id=04518-01 - Rejected by next-hop MTA on

Re: body_checks with postscreen. Test works at blocking, but 'real mail' slips through?

2016-01-18 Thread billb
Hi Wilfried > As i understand, amavis is putting the "from MTA(smtp > [127.0.0.1]:50100)" into the reject message. I assume, postfix can't > filter this message out, because it's all happening during the smtp > dialog, while getting the mail from sending outside server. You will > have to rewrite

Re: body_checks with postscreen. Test works at blocking, but 'real mail' slips through?

2016-01-18 Thread Christian Kivalo
Save the message to a file. And test like this: % postmap -q - pcre:/etc/postfix/body_checks.pcre So does this. cat << EOF > /tmp/testfile TEST BAD CONTENT EOF postmap -q - pcre:/etc/postfix/body_checks.pcre You could use the message file from your imap server or look at the raw message

Re: body_checks with postscreen. Test works at blocking, but 'real mail' slips through?

2016-01-18 Thread Noel Jones
On 1/18/2016 3:28 PM, bi...@sent.at wrote: > Hi Wietse > > On Mon, Jan 18, 2016, at 01:20 PM, Wietse Venema wrote: >> bi...@sent.at: >>> postconf -n | grep body_checks >>> body_checks = /etc/postfix/body_checks.pcre >> >> That's your problem. You have SPACE before body_checks. > > No sorry .

Re: body_checks with postscreen. Test works at blocking, but 'real mail' slips through?

2016-01-18 Thread Patrick Ben Koetter
* bi...@sent.at : > Hi Patrick > > Thanks for the reply. > > > To clarify: postscreen never sees a message body. It probes the client IP > > and > > fakes a few SMTP commands, but that's it. > > Ok, took me a couple of rereads, but it's not postscreen doing the check. > It's

Re: body_checks with postscreen. Test works at blocking, but 'real mail' slips through?

2016-01-18 Thread billb
Hi Patrick Thanks for the reply. > To clarify: postscreen never sees a message body. It probes the client IP and > fakes a few SMTP commands, but that's it. Ok, took me a couple of rereads, but it's not postscreen doing the check. It's that postscreen is "part 1" of several checks. > The

Re: body_checks with postscreen. Test works at blocking, but 'real mail' slips through?

2016-01-18 Thread billb
Hi Noel > Or just a really bad job of cut/paste? Damn. Here I am trying to keep things all tidy-like and f'ing it all up with cp-n-paste. Sorry. Typo. Without any monkeying by me, postconf -n body_checks body_checks = pcre:/etc/postfix/body_checks.pcre postconf -n | grep body_checks

Re: body_checks with postscreen. Test works at blocking, but 'real mail' slips through?

2016-01-18 Thread billb
Re-looking at my config, I set up Postfix to 1) receive via postfix 2) hand off what passes postscreen and the body_checks to amavis So I have master.cf [mx.example.com]:25 inet n - n - 1 postscreen -o smtpd_service_name=ps-int ps-int pass - - n - - smtpd -o

Re: body_checks with postscreen. Test works at blocking, but 'real mail' slips through?

2016-01-18 Thread Patrick Ben Koetter
* bi...@sent.at : > Hi > > I'm building my 1st Postfix server and working on getting Postscreen setup. > > I RTFM here > > http://www.postfix.org/POSTSCREEN_README.html > > Where it says > > The third layer performs light-weight content inspection with the Postfix >

Re: body_checks with postscreen. Test works at blocking, but 'real mail' slips through?

2016-01-18 Thread Wietse Venema
bi...@sent.at: > postconf -n | grep body_checks > body_checks = /etc/postfix/body_checks.pcre That's your problem. You have SPACE before body_checks. Wietse

Re: body_checks with postscreen. Test works at blocking, but 'real mail' slips through?

2016-01-18 Thread billb
Hi Wietse On Mon, Jan 18, 2016, at 01:20 PM, Wietse Venema wrote: > bi...@sent.at: > > postconf -n | grep body_checks > > body_checks = /etc/postfix/body_checks.pcre > > That's your problem. You have SPACE before body_checks. No sorry . That's just me. I indented output 'vs' input like I

Re: body_checks with postscreen. Test works at blocking, but 'real mail' slips through?

2016-01-18 Thread wilfried.es...@essignetz.de
Hi, seems you are using amavis in before-queue mode?. As i remember, a proxy-smtpd, doesn't do any header- and body-checks The more interresting master.cf lines are the ones who get the mail from amavis. Do you have somthing like -o receive_override_options=no_header_body_checks or

Re: body_checks with postscreen. Test works at blocking, but 'real mail' slips through?

2016-01-18 Thread billb
Hi Wilfried > seems you are using amavis in before-queue mode? Yep, at this first step it's before-queue > As i remember, a proxy-smtpd, doesn't do any header- and body-checks Ok, so I must have missed that :-/ I don't yet grok all the details of before-VS-after queuing. WOrkinf on that -