|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
avoiding header checks at reinjection after amavisd-new
From: Alain Fauconnet (alain
ait.ac.th)
Date: Tue Dec 14 2004 - 22:37:55 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello,
Due to some policies imposed to me, I've had to come up with a lengthy
set of header_checks regexps. I want these to be applied only when
mail is initially received and not after it is reinjected into Postfix
after the content filtering (amavisd-new).
At this time, my main.cf has:
header_checks = regexp:/etc/postfix/header_checks
and master.cf includes the usual stuff for amavisd-new:
smtp inet n - n - - smtpd
-o content_filter=smtp-amavisd:[127.0.0.1]:10024
smtp-amavisd unix - - n - 10 smtp
-o smtp_data_done_timeout=1200 -o disable_dns_lookups=yes
10025 inet n - n - - smtpd
-o content_filter= -o smtpd_helo_restrictions= -o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o disable_dns_lookups=yes -o header_checks=
[Note: I know, 10025 should be bound only to localhost...]
I see that header (and body) checks are applied at resubmission anyway.
The '-o header_checks=' is ignored.
I've tried to Google around and found that
- Postfix 2.1 supports '-o receive_override_options=no_header_body_checks'
that I should really use instead of '-o header_checks=',
but I'm still using 2.0.7 :-(
- this '-o header_checks=' do not apply to smtpd
(why doesn't it complain then?) and only to the cleanup daemon, so
I should use a separate cleanup entry for the resubmission.
Is this correct?
My understanding is that I should modify master.cf as follows:
(only resubmission part shown)
10025 inet n - n - - smtpd
-o content_filter= -o smtpd_helo_restrictions= -o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o disable_dns_lookups=yes -o cleanup_service_name=cleanup2
cleanup2 unix n - n - 0 cleanup -o header_checks=
Would anyone please confirm that this is what I want to do? This is a busy
production server so I'd better make sure.
Thanks for any help,
Greets,
_Alain_
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]