| 192 |
- |
1 |
# HEADER_CHECKS(5) HEADER_CHECKS(5)
|
|
|
2 |
#
|
|
|
3 |
# NAME
|
|
|
4 |
# header_checks - Postfix built-in content inspection
|
|
|
5 |
#
|
|
|
6 |
# SYNOPSIS
|
|
|
7 |
# header_checks = pcre:/etc/postfix/header_checks
|
|
|
8 |
# mime_header_checks = pcre:/etc/postfix/mime_header_checks
|
|
|
9 |
# nested_header_checks = pcre:/etc/postfix/nested_header_checks
|
|
|
10 |
# body_checks = pcre:/etc/postfix/body_checks
|
|
|
11 |
#
|
|
|
12 |
# milter_header_checks = pcre:/etc/postfix/milter_header_checks
|
|
|
13 |
#
|
|
|
14 |
# smtp_header_checks = pcre:/etc/postfix/smtp_header_checks
|
|
|
15 |
# smtp_mime_header_checks = pcre:/etc/postfix/smtp_mime_header_checks
|
|
|
16 |
# smtp_nested_header_checks = pcre:/etc/postfix/smtp_nested_header_checks
|
|
|
17 |
# smtp_body_checks = pcre:/etc/postfix/smtp_body_checks
|
|
|
18 |
#
|
|
|
19 |
# postmap -q "string" pcre:/etc/postfix/filename
|
|
|
20 |
# postmap -q - pcre:/etc/postfix/filename <inputfile
|
|
|
21 |
#
|
|
|
22 |
# DESCRIPTION
|
|
|
23 |
# This document describes access control on the content of
|
|
|
24 |
# message headers and message body lines; it is implemented
|
|
|
25 |
# by the Postfix cleanup(8) server before mail is queued.
|
|
|
26 |
# See access(5) for access control on remote SMTP client
|
|
|
27 |
# information.
|
|
|
28 |
#
|
|
|
29 |
# Each message header or message body line is compared
|
|
|
30 |
# against a list of patterns. When a match is found the
|
|
|
31 |
# corresponding action is executed, and the matching process
|
|
|
32 |
# is repeated for the next message header or message body
|
|
|
33 |
# line.
|
|
|
34 |
#
|
|
|
35 |
# Note: message headers are examined one logical header at a
|
|
|
36 |
# time, even when a message header spans multiple lines.
|
|
|
37 |
# Body lines are always examined one line at a time.
|
|
|
38 |
#
|
|
|
39 |
# For examples, see the EXAMPLES section at the end of this
|
|
|
40 |
# manual page.
|
|
|
41 |
#
|
|
|
42 |
# Postfix header or body_checks are designed to stop a flood
|
|
|
43 |
# of mail from worms or viruses; they do not decode attach-
|
|
|
44 |
# ments, and they do not unzip archives. See the documents
|
|
|
45 |
# referenced below in the README FILES section if you need
|
|
|
46 |
# more sophisticated content analysis.
|
|
|
47 |
#
|
|
|
48 |
# FILTERS WHILE RECEIVING MAIL
|
|
|
49 |
# Postfix implements the following four built-in content
|
|
|
50 |
# inspection classes while receiving mail:
|
|
|
51 |
#
|
|
|
52 |
# header_checks (default: empty)
|
|
|
53 |
# These are applied to initial message headers
|
|
|
54 |
# (except for the headers that are processed with
|
|
|
55 |
# mime_header_checks).
|
|
|
56 |
#
|
|
|
57 |
# mime_header_checks (default: $header_checks)
|
|
|
58 |
# These are applied to MIME related message headers
|
|
|
59 |
# only.
|
|
|
60 |
#
|
|
|
61 |
# This feature is available in Postfix 2.0 and later.
|
|
|
62 |
#
|
|
|
63 |
# nested_header_checks (default: $header_checks)
|
|
|
64 |
# These are applied to message headers of attached
|
|
|
65 |
# email messages (except for the headers that are
|
|
|
66 |
# processed with mime_header_checks).
|
|
|
67 |
#
|
|
|
68 |
# This feature is available in Postfix 2.0 and later.
|
|
|
69 |
#
|
|
|
70 |
# body_checks
|
|
|
71 |
# These are applied to all other content, including
|
|
|
72 |
# multi-part message boundaries.
|
|
|
73 |
#
|
|
|
74 |
# With Postfix versions before 2.0, all content after
|
|
|
75 |
# the initial message headers is treated as body con-
|
|
|
76 |
# tent.
|
|
|
77 |
#
|
|
|
78 |
# FILTERS AFTER RECEIVING MAIL
|
|
|
79 |
# Postfix supports a subset of the built-in content inspec-
|
|
|
80 |
# tion classes after the message is received:
|
|
|
81 |
#
|
|
|
82 |
# milter_header_checks (default: empty)
|
|
|
83 |
# These are applied to headers that are added with
|
|
|
84 |
# Milter applications.
|
|
|
85 |
#
|
|
|
86 |
# This feature is available in Postfix 2.7 and later.
|
|
|
87 |
#
|
|
|
88 |
# FILTERS WHILE DELIVERING MAIL
|
|
|
89 |
# Postfix supports all four content inspection classes while
|
|
|
90 |
# delivering mail via SMTP.
|
|
|
91 |
#
|
|
|
92 |
# smtp_header_checks (default: empty)
|
|
|
93 |
#
|
|
|
94 |
# smtp_mime_header_checks (default: empty)
|
|
|
95 |
#
|
|
|
96 |
# smtp_nested_header_checks (default: empty)
|
|
|
97 |
#
|
|
|
98 |
# smtp_body_checks (default: empty)
|
|
|
99 |
# These features are available in Postfix 2.5 and
|
|
|
100 |
# later.
|
|
|
101 |
#
|
|
|
102 |
# COMPATIBILITY
|
|
|
103 |
# With Postfix version 2.2 and earlier specify "postmap -fq"
|
|
|
104 |
# to query a table that contains case sensitive patterns. By
|
|
|
105 |
# default, regexp: and pcre: patterns are case insensitive.
|
|
|
106 |
#
|
|
|
107 |
# TABLE FORMAT
|
|
|
108 |
# This document assumes that header and body_checks rules
|
|
|
109 |
# are specified in the form of Postfix regular expression
|
|
|
110 |
# lookup tables. Usually the best performance is obtained
|
|
|
111 |
# with pcre (Perl Compatible Regular Expression) tables. The
|
|
|
112 |
# regexp (POSIX regular expressions) tables are usually
|
|
|
113 |
# slower, but more widely available. Use the command "post-
|
|
|
114 |
# conf -m" to find out what lookup table types your Postfix
|
|
|
115 |
# system supports.
|
|
|
116 |
#
|
|
|
117 |
# The general format of Postfix regular expression tables is
|
|
|
118 |
# given below. For a discussion of specific pattern or
|
|
|
119 |
# flags syntax, see pcre_table(5) or regexp_table(5),
|
|
|
120 |
# respectively.
|
|
|
121 |
#
|
|
|
122 |
# /pattern/flags action
|
|
|
123 |
# When /pattern/ matches the input string, execute
|
|
|
124 |
# the corresponding action. See below for a list of
|
|
|
125 |
# possible actions.
|
|
|
126 |
#
|
|
|
127 |
# !/pattern/flags action
|
|
|
128 |
# When /pattern/ does not match the input string,
|
|
|
129 |
# execute the corresponding action.
|
|
|
130 |
#
|
|
|
131 |
# if /pattern/flags
|
|
|
132 |
#
|
|
|
133 |
# endif If the input string matches /pattern/, then match
|
|
|
134 |
# that input string against the patterns between if
|
|
|
135 |
# and endif. The if..endif can nest.
|
|
|
136 |
#
|
|
|
137 |
# Note: do not prepend whitespace to patterns inside
|
|
|
138 |
# if..endif.
|
|
|
139 |
#
|
|
|
140 |
# if !/pattern/flags
|
|
|
141 |
#
|
|
|
142 |
# endif If the input string does not match /pattern/, then
|
|
|
143 |
# match that input string against the patterns
|
|
|
144 |
# between if and endif. The if..endif can nest.
|
|
|
145 |
#
|
|
|
146 |
# blank lines and comments
|
|
|
147 |
# Empty lines and whitespace-only lines are ignored,
|
|
|
148 |
# as are lines whose first non-whitespace character
|
|
|
149 |
# is a `#'.
|
|
|
150 |
#
|
|
|
151 |
# multi-line text
|
|
|
152 |
# A pattern/action line starts with non-whitespace
|
|
|
153 |
# text. A line that starts with whitespace continues
|
|
|
154 |
# a logical line.
|
|
|
155 |
#
|
|
|
156 |
# TABLE SEARCH ORDER
|
|
|
157 |
# For each line of message input, the patterns are applied
|
|
|
158 |
# in the order as specified in the table. When a pattern is
|
|
|
159 |
# found that matches the input line, the corresponding
|
|
|
160 |
# action is executed and then the next input line is
|
|
|
161 |
# inspected.
|
|
|
162 |
#
|
|
|
163 |
# TEXT SUBSTITUTION
|
|
|
164 |
# Substitution of substrings from the matched expression
|
|
|
165 |
# into the action string is possible using the conventional
|
|
|
166 |
# Perl syntax ($1, $2, etc.). The macros in the result
|
|
|
167 |
# string may need to be written as ${n} or $(n) if they
|
|
|
168 |
# aren't followed by whitespace.
|
|
|
169 |
#
|
|
|
170 |
# Note: since negated patterns (those preceded by !) return
|
|
|
171 |
# a result when the expression does not match, substitutions
|
|
|
172 |
# are not available for negated patterns.
|
|
|
173 |
#
|
|
|
174 |
# ACTIONS
|
|
|
175 |
# Action names are case insensitive. They are shown in upper
|
|
|
176 |
# case for consistency with other Postfix documentation.
|
|
|
177 |
#
|
|
|
178 |
# BCC user@domain
|
|
|
179 |
# Add the specified address as a BCC recipient, and
|
|
|
180 |
# inspect the next input line. The address must have
|
|
|
181 |
# a local part and domain part. The number of BCC
|
|
|
182 |
# addresses that can be added is limited only by the
|
|
|
183 |
# amount of available storage space.
|
|
|
184 |
#
|
|
|
185 |
# Note 1: the BCC address is added as if it was spec-
|
|
|
186 |
# ified with NOTIFY=NONE. The sender will not be
|
|
|
187 |
# notified when the BCC address is undeliverable, as
|
|
|
188 |
# long as all down-stream software implements RFC
|
|
|
189 |
# 3461.
|
|
|
190 |
#
|
|
|
191 |
# Note 2: this ignores duplicate addresses (with the
|
|
|
192 |
# same delivery status notification options).
|
|
|
193 |
#
|
|
|
194 |
# This feature is available in Postfix 3.0 and later.
|
|
|
195 |
#
|
|
|
196 |
# This feature is not supported with smtp header/body
|
|
|
197 |
# checks.
|
|
|
198 |
#
|
|
|
199 |
# DISCARD optional text...
|
|
|
200 |
# Claim successful delivery and silently discard the
|
|
|
201 |
# message. Do not inspect the remainder of the input
|
|
|
202 |
# message. Log the optional text if specified, oth-
|
|
|
203 |
# erwise log a generic message.
|
|
|
204 |
#
|
|
|
205 |
# Note: this action disables further header or
|
|
|
206 |
# body_checks inspection of the current message and
|
|
|
207 |
# affects all recipients. To discard only one recip-
|
|
|
208 |
# ient without discarding the entire message, use the
|
|
|
209 |
# transport(5) table to direct mail to the discard(8)
|
|
|
210 |
# service.
|
|
|
211 |
#
|
|
|
212 |
# This feature is available in Postfix 2.0 and later.
|
|
|
213 |
#
|
|
|
214 |
# This feature is not supported with smtp header/body
|
|
|
215 |
# checks.
|
|
|
216 |
#
|
|
|
217 |
# DUNNO Pretend that the input line did not match any pat-
|
|
|
218 |
# tern, and inspect the next input line. This action
|
|
|
219 |
# can be used to shorten the table search.
|
|
|
220 |
#
|
|
|
221 |
# For backwards compatibility reasons, Postfix also
|
|
|
222 |
# accepts OK but it is (and always has been) treated
|
|
|
223 |
# as DUNNO.
|
|
|
224 |
#
|
|
|
225 |
# This feature is available in Postfix 2.1 and later.
|
|
|
226 |
#
|
|
|
227 |
# FILTER transport:destination
|
|
|
228 |
# Override the content_filter parameter setting, and
|
|
|
229 |
# inspect the next input line. After the message is
|
|
|
230 |
# queued, send the entire message through the speci-
|
|
|
231 |
# fied external content filter. The transport name
|
|
|
232 |
# specifies the first field of a mail delivery agent
|
|
|
233 |
# definition in master.cf; the syntax of the next-hop
|
|
|
234 |
# destination is described in the manual page of the
|
|
|
235 |
# corresponding delivery agent. More information
|
|
|
236 |
# about external content filters is in the Postfix
|
|
|
237 |
# FILTER_README file.
|
|
|
238 |
#
|
|
|
239 |
# Note 1: do not use $number regular expression sub-
|
|
|
240 |
# stitutions for transport or destination unless you
|
|
|
241 |
# know that the information has a trusted origin.
|
|
|
242 |
#
|
|
|
243 |
# Note 2: this action overrides the main.cf con-
|
|
|
244 |
# tent_filter setting, and affects all recipients of
|
|
|
245 |
# the message. In the case that multiple FILTER
|
|
|
246 |
# actions fire, only the last one is executed.
|
|
|
247 |
#
|
|
|
248 |
# Note 3: the purpose of the FILTER command is to
|
|
|
249 |
# override message routing. To override the recipi-
|
|
|
250 |
# ent's transport but not the next-hop destination,
|
|
|
251 |
# specify an empty filter destination (Postfix 2.7
|
|
|
252 |
# and later), or specify a transport:destination that
|
|
|
253 |
# delivers through a different Postfix instance
|
|
|
254 |
# (Postfix 2.6 and earlier). Other options are using
|
|
|
255 |
# the recipient-dependent transport_maps or the sen-
|
|
|
256 |
# der-dependent sender_dependent_default_transport-
|
|
|
257 |
# _maps features.
|
|
|
258 |
#
|
|
|
259 |
# This feature is available in Postfix 2.0 and later.
|
|
|
260 |
#
|
|
|
261 |
# This feature is not supported with smtp header/body
|
|
|
262 |
# checks.
|
|
|
263 |
#
|
|
|
264 |
# HOLD optional text...
|
|
|
265 |
# Arrange for the message to be placed on the hold
|
|
|
266 |
# queue, and inspect the next input line. The mes-
|
|
|
267 |
# sage remains on hold until someone either deletes
|
|
|
268 |
# it or releases it for delivery. Log the optional
|
|
|
269 |
# text if specified, otherwise log a generic message.
|
|
|
270 |
#
|
|
|
271 |
# Mail that is placed on hold can be examined with
|
|
|
272 |
# the postcat(1) command, and can be destroyed or
|
|
|
273 |
# released with the postsuper(1) command.
|
|
|
274 |
#
|
|
|
275 |
# Note: use "postsuper -r" to release mail that was
|
|
|
276 |
# kept on hold for a significant fraction of $maxi-
|
|
|
277 |
# mal_queue_lifetime or $bounce_queue_lifetime, or
|
|
|
278 |
# longer. Use "postsuper -H" only for mail that will
|
|
|
279 |
# not expire within a few delivery attempts.
|
|
|
280 |
#
|
|
|
281 |
# Note: this action affects all recipients of the
|
|
|
282 |
# message.
|
|
|
283 |
#
|
|
|
284 |
# This feature is available in Postfix 2.0 and later.
|
|
|
285 |
#
|
|
|
286 |
# This feature is not supported with smtp header/body
|
|
|
287 |
# checks.
|
|
|
288 |
#
|
|
|
289 |
# IGNORE Delete the current line from the input, and inspect
|
|
|
290 |
# the next input line. See STRIP for an alternative
|
|
|
291 |
# that logs the action.
|
|
|
292 |
#
|
|
|
293 |
# INFO optional text...
|
|
|
294 |
# Log an "info:" record with the optional text... (or
|
|
|
295 |
# log a generic text), and inspect the next input
|
|
|
296 |
# line. This action is useful for routine logging or
|
|
|
297 |
# for debugging.
|
|
|
298 |
#
|
|
|
299 |
# This feature is available in Postfix 2.8 and later.
|
|
|
300 |
#
|
|
|
301 |
# PASS optional text...
|
|
|
302 |
# Log a "pass:" record with the optional text... (or
|
|
|
303 |
# log a generic text), and turn off header, body, and
|
|
|
304 |
# Milter inspection for the remainder of this mes-
|
|
|
305 |
# sage.
|
|
|
306 |
#
|
|
|
307 |
# Note: this feature relies on trust in information
|
|
|
308 |
# that is easy to forge.
|
|
|
309 |
#
|
|
|
310 |
# This feature is available in Postfix 3.2 and later.
|
|
|
311 |
#
|
|
|
312 |
# This feature is not supported with smtp header/body
|
|
|
313 |
# checks.
|
|
|
314 |
#
|
|
|
315 |
# PREPEND text...
|
|
|
316 |
# Prepend one line with the specified text, and
|
|
|
317 |
# inspect the next input line.
|
|
|
318 |
#
|
|
|
319 |
# Notes:
|
|
|
320 |
#
|
|
|
321 |
# o The prepended text is output on a separate
|
|
|
322 |
# line, immediately before the input that
|
|
|
323 |
# triggered the PREPEND action.
|
|
|
324 |
#
|
|
|
325 |
# o The prepended text is not considered part of
|
|
|
326 |
# the input stream: it is not subject to
|
|
|
327 |
# header/body checks or address rewriting, and
|
|
|
328 |
# it does not affect the way that Postfix adds
|
|
|
329 |
# missing message headers.
|
|
|
330 |
#
|
|
|
331 |
# o When prepending text before a message header
|
|
|
332 |
# line, the prepended text must begin with a
|
|
|
333 |
# valid message header label.
|
|
|
334 |
#
|
|
|
335 |
# o This action cannot be used to prepend
|
|
|
336 |
# multi-line text.
|
|
|
337 |
#
|
|
|
338 |
# This feature is available in Postfix 2.1 and later.
|
|
|
339 |
#
|
|
|
340 |
# This feature is not supported with mil-
|
|
|
341 |
# ter_header_checks.
|
|
|
342 |
#
|
|
|
343 |
# REDIRECT user@domain
|
|
|
344 |
# Write a message redirection request to the queue
|
|
|
345 |
# file, and inspect the next input line. After the
|
|
|
346 |
# message is queued, it will be sent to the specified
|
|
|
347 |
# address instead of the intended recipient(s).
|
|
|
348 |
#
|
|
|
349 |
# Note: this action overrides the FILTER action, and
|
|
|
350 |
# affects all recipients of the message. If multiple
|
|
|
351 |
# REDIRECT actions fire, only the last one is exe-
|
|
|
352 |
# cuted.
|
|
|
353 |
#
|
|
|
354 |
# This feature is available in Postfix 2.1 and later.
|
|
|
355 |
#
|
|
|
356 |
# This feature is not supported with smtp header/body
|
|
|
357 |
# checks.
|
|
|
358 |
#
|
|
|
359 |
# REPLACE text...
|
|
|
360 |
# Replace the current line with the specified text,
|
|
|
361 |
# and inspect the next input line.
|
|
|
362 |
#
|
|
|
363 |
# This feature is available in Postfix 2.2 and later.
|
|
|
364 |
# The description below applies to Postfix 2.2.2 and
|
|
|
365 |
# later.
|
|
|
366 |
#
|
|
|
367 |
# Notes:
|
|
|
368 |
#
|
|
|
369 |
# o When replacing a message header line, the
|
|
|
370 |
# replacement text must begin with a valid
|
|
|
371 |
# header label.
|
|
|
372 |
#
|
|
|
373 |
# o The replaced text remains part of the input
|
|
|
374 |
# stream. Unlike the result from the PREPEND
|
|
|
375 |
# action, a replaced message header may be
|
|
|
376 |
# subject to address rewriting and may affect
|
|
|
377 |
# the way that Postfix adds missing message
|
|
|
378 |
# headers.
|
|
|
379 |
#
|
|
|
380 |
# REJECT optional text...
|
|
|
381 |
# Reject the entire message. Do not inspect the
|
|
|
382 |
# remainder of the input message. Reply with
|
|
|
383 |
# optional text... when the optional text is speci-
|
|
|
384 |
# fied, otherwise reply with a generic error message.
|
|
|
385 |
#
|
|
|
386 |
# Note: this action disables further header or
|
|
|
387 |
# body_checks inspection of the current message and
|
|
|
388 |
# affects all recipients.
|
|
|
389 |
#
|
|
|
390 |
# Postfix version 2.3 and later support enhanced sta-
|
|
|
391 |
# tus codes. When no code is specified at the begin-
|
|
|
392 |
# ning of optional text..., Postfix inserts a default
|
|
|
393 |
# enhanced status code of "5.7.1".
|
|
|
394 |
#
|
|
|
395 |
# This feature is not supported with smtp header/body
|
|
|
396 |
# checks.
|
|
|
397 |
#
|
|
|
398 |
# STRIP optional text...
|
|
|
399 |
# Log a "strip:" record with the optional text... (or
|
|
|
400 |
# log a generic text), delete the input line from the
|
|
|
401 |
# input, and inspect the next input line. See IGNORE
|
|
|
402 |
# for a silent alternative.
|
|
|
403 |
#
|
|
|
404 |
# This feature is available in Postfix 3.2 and later.
|
|
|
405 |
#
|
|
|
406 |
# WARN optional text...
|
|
|
407 |
# Log a "warning:" record with the optional text...
|
|
|
408 |
# (or log a generic text), and inspect the next input
|
|
|
409 |
# line. This action is useful for debugging and for
|
|
|
410 |
# testing a pattern before applying more drastic
|
|
|
411 |
# actions.
|
|
|
412 |
#
|
|
|
413 |
# BUGS
|
|
|
414 |
# Empty lines never match, because some map types mis-behave
|
|
|
415 |
# when given a zero-length search string. This limitation
|
|
|
416 |
# may be removed for regular expression tables in a future
|
|
|
417 |
# release.
|
|
|
418 |
#
|
|
|
419 |
# Many people overlook the main limitations of header and
|
|
|
420 |
# body_checks rules.
|
|
|
421 |
#
|
|
|
422 |
# o These rules operate on one logical message header
|
|
|
423 |
# or one body line at a time. A decision made for one
|
|
|
424 |
# line is not carried over to the next line.
|
|
|
425 |
#
|
|
|
426 |
# o If text in the message body is encoded (RFC 2045)
|
|
|
427 |
# then the rules need to be specified for the encoded
|
|
|
428 |
# form.
|
|
|
429 |
#
|
|
|
430 |
# o Likewise, when message headers are encoded (RFC
|
|
|
431 |
# 2047) then the rules need to be specified for the
|
|
|
432 |
# encoded form.
|
|
|
433 |
#
|
|
|
434 |
# Message headers added by the cleanup(8) daemon itself are
|
|
|
435 |
# excluded from inspection. Examples of such message headers
|
|
|
436 |
# are From:, To:, Message-ID:, Date:.
|
|
|
437 |
#
|
|
|
438 |
# Message headers deleted by the cleanup(8) daemon will be
|
|
|
439 |
# examined before they are deleted. Examples are: Bcc:, Con-
|
|
|
440 |
# tent-Length:, Return-Path:.
|
|
|
441 |
#
|
|
|
442 |
# CONFIGURATION PARAMETERS
|
|
|
443 |
# body_checks
|
|
|
444 |
# Lookup tables with content filter rules for message
|
|
|
445 |
# body lines. These filters see one physical line at
|
|
|
446 |
# a time, in chunks of at most $line_length_limit
|
|
|
447 |
# bytes.
|
|
|
448 |
#
|
|
|
449 |
# body_checks_size_limit
|
|
|
450 |
# The amount of content per message body segment
|
|
|
451 |
# (attachment) that is subjected to $body_checks fil-
|
|
|
452 |
# tering.
|
|
|
453 |
#
|
|
|
454 |
# header_checks
|
|
|
455 |
#
|
|
|
456 |
# mime_header_checks (default: $header_checks)
|
|
|
457 |
#
|
|
|
458 |
# nested_header_checks (default: $header_checks)
|
|
|
459 |
# Lookup tables with content filter rules for message
|
|
|
460 |
# header lines: respectively, these are applied to
|
|
|
461 |
# the initial message headers (not including MIME
|
|
|
462 |
# headers), to the MIME headers anywhere in the mes-
|
|
|
463 |
# sage, and to the initial headers of attached mes-
|
|
|
464 |
# sages.
|
|
|
465 |
#
|
|
|
466 |
# Note: these filters see one logical message header
|
|
|
467 |
# at a time, even when a message header spans multi-
|
|
|
468 |
# ple lines. Message headers that are longer than
|
|
|
469 |
# $header_size_limit characters are truncated.
|
|
|
470 |
#
|
|
|
471 |
# disable_mime_input_processing
|
|
|
472 |
# While receiving mail, give no special treatment to
|
|
|
473 |
# MIME related message headers; all text after the
|
|
|
474 |
# initial message headers is considered to be part of
|
|
|
475 |
# the message body. This means that header_checks is
|
|
|
476 |
# applied to all the initial message headers, and
|
|
|
477 |
# that body_checks is applied to the remainder of the
|
|
|
478 |
# message.
|
|
|
479 |
#
|
|
|
480 |
# Note: when used in this manner, body_checks will
|
|
|
481 |
# process a multi-line message header one line at a
|
|
|
482 |
# time.
|
|
|
483 |
#
|
|
|
484 |
# EXAMPLES
|
|
|
485 |
# Header pattern to block attachments with bad file name
|
|
|
486 |
# extensions. For convenience, the PCRE /x flag is speci-
|
|
|
487 |
# fied, so that there is no need to collapse the pattern
|
|
|
488 |
# into a single line of text. The purpose of the
|
|
|
489 |
# [[:xdigit:]] sub-expressions is to recognize Windows CLSID
|
|
|
490 |
# strings.
|
|
|
491 |
#
|
|
|
492 |
# /etc/postfix/main.cf:
|
|
|
493 |
# header_checks = pcre:/etc/postfix/header_checks.pcre
|
|
|
494 |
#
|
|
|
495 |
# /etc/postfix/header_checks.pcre:
|
|
|
496 |
# /^Content-(Disposition|Type).*name\s*=\s*"?([^;]*(\.|=2E)(
|
|
|
497 |
# ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
|
|
|
498 |
# hlp|ht[at]|
|
|
|
499 |
# inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
|
|
|
500 |
# \{[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}\}|
|
|
|
501 |
# ops|pcd|pif|prf|reg|sc[frt]|sh[bsm]|swf|
|
|
|
502 |
# vb[esx]?|vxd|ws[cfh]))(\?=)?"?\s*(;|$)/x
|
|
|
503 |
# REJECT Attachment name "$2" may not end with ".$4"
|
|
|
504 |
#
|
|
|
505 |
# Body pattern to stop a specific HTML browser vulnerability
|
|
|
506 |
# exploit.
|
|
|
507 |
#
|
|
|
508 |
# /etc/postfix/main.cf:
|
|
|
509 |
# body_checks = regexp:/etc/postfix/body_checks
|
|
|
510 |
#
|
|
|
511 |
# /etc/postfix/body_checks:
|
|
|
512 |
# /^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/
|
|
|
513 |
# REJECT IFRAME vulnerability exploit
|
|
|
514 |
#
|
|
|
515 |
# SEE ALSO
|
|
|
516 |
# cleanup(8), canonicalize and enqueue Postfix message
|
|
|
517 |
# pcre_table(5), format of PCRE lookup tables
|
|
|
518 |
# regexp_table(5), format of POSIX regular expression tables
|
|
|
519 |
# postconf(1), Postfix configuration utility
|
|
|
520 |
# postmap(1), Postfix lookup table management
|
|
|
521 |
# postsuper(1), Postfix janitor
|
|
|
522 |
# postcat(1), show Postfix queue file contents
|
|
|
523 |
# RFC 2045, base64 and quoted-printable encoding rules
|
|
|
524 |
# RFC 2047, message header encoding for non-ASCII text
|
|
|
525 |
#
|
|
|
526 |
# README FILES
|
|
|
527 |
# Use "postconf readme_directory" or "postconf html_direc-
|
|
|
528 |
# tory" to locate this information.
|
|
|
529 |
# DATABASE_README, Postfix lookup table overview
|
|
|
530 |
# CONTENT_INSPECTION_README, Postfix content inspection overview
|
|
|
531 |
# BUILTIN_FILTER_README, Postfix built-in content inspection
|
|
|
532 |
# BACKSCATTER_README, blocking returned forged mail
|
|
|
533 |
#
|
|
|
534 |
# LICENSE
|
|
|
535 |
# The Secure Mailer license must be distributed with this
|
|
|
536 |
# software.
|
|
|
537 |
#
|
|
|
538 |
# AUTHOR(S)
|
|
|
539 |
# Wietse Venema
|
|
|
540 |
# IBM T.J. Watson Research
|
|
|
541 |
# P.O. Box 704
|
|
|
542 |
# Yorktown Heights, NY 10598, USA
|
|
|
543 |
#
|
|
|
544 |
# Wietse Venema
|
|
|
545 |
# Google, Inc.
|
|
|
546 |
# 111 8th Avenue
|
|
|
547 |
# New York, NY 10011, USA
|
|
|
548 |
#
|
|
|
549 |
# HEADER_CHECKS(5)
|
| 193 |
- |
550 |
/^Received:/ IGNORE
|