Loading ...
Sorry, an error occurred while loading the content.
 

Re: rejecting long subject strings with pcre header checks

Expand Messages
  • Victor Duchovni
    ... This is not completely equivalent, it will fail when RFC2047 is used to encode a part of the subject, but unencoded text follows the encoded part. Change
    Message 1 of 24 , Apr 29, 2011
      On Fri, Apr 29, 2011 at 09:30:32AM +0200, Ansgar Wiechers wrote:

      > On 2011-04-29 Troy Piggins wrote:
      > > Check out Victor's reply to my message. He explains the reason, but
      > > I was finding the same as you. This works fine so far:
      > >
      > > if /^Subject:/
      > > if !/=\?\S+\?=(\s|$)/
      > > /\S{60}/ REJECT no spaces
      > > endif
      > > endif
      >
      > For the sake of simplicity:
      >
      > if /^subject: +\S{60}/
      > !/=\?\S+\?=\s*$/ REJECT no spaces
      > endif

      This is not completely equivalent, it will fail when RFC2047 is used to
      encode a part of the subject, but unencoded text follows the encoded part.
      Change the "\s*$" to "(?:\s|$)".

      The rule I posted avoids firing on subjects that contain encoded strings
      anywhere in the subject, not just at the end.

      --
      Viktor.
    • /dev/rob0
      First, a few words on list protocol. You hijacked someone else s thread with a post on an unrelated matter. Not good. You re posting main.cf rather than
      Message 2 of 24 , Apr 30, 2011
        First, a few words on list protocol. You hijacked someone else's
        thread with a post on an unrelated matter. Not good. You're posting
        main.cf rather than "postconf -n". Not ideal. And you're top-posting,
        another problem. In the future please don't do this.

        That said, I think we might have enough to proceed ...

        On Fri, Apr 29, 2011 at 03:56:42PM +0200, Dragan Zubac wrote:
        > /etc/postfix/main.cf
        >
        > myhostname = mx.domain.com
        > myorigin = /etc/mailname
        > mailbox_command = procmail -a "$EXTENSION"
        >
        > virtual_alias_maps = hash:/etc/postfix/virtual
        > mydestination = $myhostname localhost.$mydomain localhost $mydomain
        > relayhost = [10.0.0.202]:52345
        >
        > smtp_sender_dependent_authentication = yes
        > sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
        > smtp_sasl_auth_enable = yes
        > smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
        >
        > **********************************************************
        >
        > /etc/postfix/virtual
        >
        > local@... local@localhost

        I bet you don't own "domain.com", either. That's Dotster, the
        registrar. When you mung domain names like this you can make it
        difficult or impossible to figure out the problem. Also, example.TLD
        has been set aside for examples in all gTLDs and many other TLDs. You
        should not use real Internet names as examples.

        It appears that your "domain.com" is not listed in any address class
        definition. There's no sign that you set virtual_alias_domains, and
        your virtual_alias_maps does not have a "domain.com" line. Therefore
        to Postfix, "domain.com" is not your domain.

        > **********************************************************
        >
        > /etc/postfix/sender_relay
        >
        > zubacdragan@... [10.0.0.202]:52345

        What are you trying to do with this? Gmail.com is not your domain
        either.

        > **********************************************************
        >
        > /etc/postfix/sasl_password
        >
        > zubacdragan@... username:password
        >
        > **********************************************************
        >
        > Now I send one email to 'local@...' and it get delivered :
        >
        > Apr 29 14:46:54 mx postfix/smtpd[21720]: connect from
        > f2zubac.test.com[10.0.0.250]
        > Apr 29 14:46:54 mx postfix/smtpd[21720]: 3408B6A0065:
        > client=f2zubac.test.com[10.0.0.250]

        Probably accepted because f2zubac.test.com[10.0.0.250] is in
        mynetworks. BTW there's another real Internet name you have misused.
        Do you own test.com? I bet not.

        > Apr 29 14:46:54 mx postfix/cleanup[21724]: 3408B6A0065:
        > message-id=<4DBAC12E.10900@...>
        > Apr 29 14:46:54 mx postfix/qmgr[21672]: 3408B6A0065:
        > from=<f2zubac@...>, size=919, nrcpt=1 (queue active)
        > Apr 29 14:46:54 mx postfix/smtpd[21720]: disconnect from
        > f2zubac.test.com[10.0.0.250]
        > Apr 29 14:46:54 mx postfix/local[21725]: 3408B6A0065:
        > to=<f2zubac@localhost>, orig_to=<local@...>, relay=local,

        f2zubac@localhost is not what you showed us in the munged
        virtual_alias_maps! You can't even mung consistently. All your
        information, and as a result, my reply, is questionable.

        > delay=0.33, delays=0.26/0.01/0/0.06, dsn=2.0.0, status=sent (delivered
        > to command: procmail -a "$EXTENSION")
        > Apr 29 14:46:54 mx postfix/qmgr[21672]: 3408B6A0065: removed
        >
        > one email to noexist@... and get rejected as expected :
        >
        > Apr 29 14:48:42 mx postfix/smtpd[22073]: connect from
        > f2zubac.test.com[10.0.0.250]
        > Apr 29 14:48:42 mx postfix/smtpd[22073]: NOQUEUE: reject: RCPT from
        > f2zubac.test.com[10.0.0.250]: 550 5.1.1 <noexisting@...>:
        > Recipient address rejected: User unknown in local recipient table;
        > from=<f2zubac@...> to=<noexisting@...> proto=ESMTP
        > helo=<f2zubac.test.com>

        And again, you did not show us "domain.com" in mydestination, so
        these poorly-munged logs are inconsistent with the config shown.

        > Apr 29 14:48:42 mx postfix/smtpd[22073]: disconnect from
        > f2zubac.test.com[10.0.0.250]
        >
        > and now one email from 'zubacdragan@...' ,should be relayed to
        > [10.0.0.202]:52345:
        >
        > Apr 29 14:50:41 mx postfix/smtpd[22394]: connect from
        > mail-fx0-f51.google.com[209.85.161.51]
        > Apr 29 14:50:41 mx postfix/smtpd[22394]: NOQUEUE: reject: RCPT from
        > mail-fx0-f51.google.com[209.85.161.51]: 550 5.1.1
        > <nolocal@...>: Recipient address rejected: User unknown

        Routo-messaging.com wasn't in the mydestination you showed us. There
        is no system user nor alias_maps entry "nolocal". It's rejected.

        > in local recipient table; from=<zubacdragan@...>
        > to=<nolocal@...> proto=ESMTP helo=<mail-fx0-f51.google.com>
        > Apr 29 14:50:41 mx postfix/smtpd[22394]: disconnect from
        > mail-fx0-f51.google.com[209.85.161.51]
        >
        > Shouldn't last email be forwarded to [10.0.0.202]:52345,since it is
        > specified in /etc/postfix/sender_relay ?

        No. It is rejected as described in "ADDRESS_CLASS_README.html".

        What are you trying to do with all this? Start out with a clear
        description of the real-world goal you want to achieve. Also, review
        "DEBUG_README.html#mail" before following up. These pages are in your
        own html_directory or online at www.postfix.org.
        --
        Offlist mail to this address is discarded unless
        "/dev/rob0" or "not-spam" is in Subject: header
      Your message has been successfully submitted and would be delivered to recipients shortly.