Loading ...
Sorry, an error occurred while loading the content.

header_checks pcre

Expand Messages
  • Andrea
    Hello, I m having a problem with header_checks pcre This rule is working: # Block mail from xxx.yyy.zzz.www and russian domain if /.*xxx .yyy .zzz .www/
    Message 1 of 3 , Jul 18, 2014
    • 0 Attachment
      Hello,
      I'm having a problem with header_checks pcre

      This rule is working:

      # Block mail from xxx.yyy.zzz.www and russian domain
      if /.*xxx\.yyy\.zzz\.www/
      /.*from.*\@.*\.ru.*to.*\@.*/
              reject Mail from russian domain
      endif

      This is not:

      # Block mail from xxx.yyy.zzz.www with sender different from domain.com
      if /.*xxx\.yyy\.zzz\.www/
      !/.*(Ff)rom.*\@domain\.com.*/
              reject This seems spam!
      endif

      Second rule seems to block every mail even from domain.com.
      How can I do what I want?
      I want some IP able to send mail just using some domains.

      Thanks!
      Andrea

    • Noel Jones
      ... I doubt the above is doing what you think. If it seems to work, it s by accident, not by design. Remember header_checks operates on a single header. ...
      Message 2 of 3 , Jul 18, 2014
      • 0 Attachment
        On 7/18/2014 9:04 AM, Andrea wrote:
        > Hello,
        > I'm having a problem with header_checks pcre
        >
        > This rule is working:
        >
        > # Block mail from xxx.yyy.zzz.www and russian domain
        > if /.*xxx\.yyy\.zzz\.www/
        > /.*from.*\@.*\.ru.*to.*\@.*/
        > reject Mail from russian domain
        > endif
        >

        I doubt the above is doing what you think. If it seems to work, it's
        by accident, not by design. Remember header_checks operates on a
        single header.


        > This is not:
        >
        > # Block mail from xxx.yyy.zzz.www with sender different from
        > domain.com <http://domain.com>
        > if /.*xxx\.yyy\.zzz\.www/
        > !/.*(Ff)rom.*\@domain\.com.*/
        > reject This seems spam!
        > endif
        >
        > Second rule seems to block every mail even from domain.com
        > <http://domain.com>.

        This is broken, header_checks operates on a single header.

        > How can I do what I want?
        > I want some IP able to send mail just using some domains.
        >

        header_checks is the wrong tool for this. You'll need some
        combination of check_sender_access and check_client_access, possibly
        combined in a smtpd restriction class. Or use a policy service such
        as postfwd.
        http://www.postfix.org/RESTRICTION_CLASS_README.html
        http://www.postfix.org/SMTPD_POLICY_README.html
        http://postfwd.org/



        -- Noel Jones



        > Thanks!
        > Andrea
        >
      • Wietse Venema
        ... Read this very carefully: if /pattern/flags endif If the input string matches /pattern/, then match that input string against the patterns between if
        Message 3 of 3 , Jul 18, 2014
        • 0 Attachment
          Andrea:
          > Hello,
          > I'm having a problem with header_checks pcre
          >
          > This rule is working:
          >
          > # Block mail from xxx.yyy.zzz.www and russian domain
          > if /.*xxx\.yyy\.zzz\.www/
          > /.*from.*\@.*\.ru.*to.*\@.*/
          > reject Mail from russian domain
          > endif
          >
          > This is not:
          >
          > # Block mail from xxx.yyy.zzz.www with sender different from domain.com
          > if /.*xxx\.yyy\.zzz\.www/
          > !/.*(Ff)rom.*\@domain\.com.*/
          > reject This seems spam!

          Read this very carefully:

          if /pattern/flags

          endif If the input string matches /pattern/, then match that input
          string against the patterns between if and endif. The if..endif
          can nest.

          That is, the SAME input line is matched against ``if /pattern/flags''
          AND against the patterns between if/endif.

          Wietse
        Your message has been successfully submitted and would be delivered to recipients shortly.