how to remove received by headers before mail gateway
in [Postfix]
|
Prev: How to accept incoming emails only to the users listed in my application's mysql database
Next: check_recipient_access - negate ldap query to return reject if user is NOT found?
From: Eero Volotinen on 26 Oct 2009 15:15 I am running ssl+sasl authenticated mailgateway and problem is that in some cases clients from world are sending mail from "blacklisted" networks. The main problem is that spamassasin is analyzing received headers and it might tag message as spam by received by headers. So, How I can remove headers only from outgoing mail using: http://www.posluns.com/guides/hedrem.html -- Eero
From: Magnus =?iso-8859-1?Q?B=E4ck?= on 26 Oct 2009 15:27 On Monday, October 26, 2009 at 20:15 CET, Eero Volotinen <eero.volotinen(a)iki.fi> wrote: > I am running ssl+sasl authenticated mailgateway and problem is that > in some cases clients from world are sending mail from "blacklisted" > networks. > > The main problem is that spamassasin is analyzing received headers > and it might tag message as spam by received by headers. > > So, How I can remove headers only from outgoing mail using: > http://www.posluns.com/guides/hedrem.html Yes, header_checks can be used. Howeer, you'd want to avoid doing this to all email. To affect only messages submitted by your clients, define two cleanup(8) services (one with these header checks and one without) and use separate SMTP listener for your SASL clients (which you might have already). http://www.postfix.org/postconf.5.html#cleanup_service_name -- Magnus B�ck magnus(a)dsek.lth.se
From: Eero Volotinen on 26 Oct 2009 15:39 > Yes, header_checks can be used. Howeer, you'd want to avoid doing this > to all email. To affect only messages submitted by your clients, define > two cleanup(8) services (one with these header checks and one without) > and use separate SMTP listener for your SASL clients (which you might > have already). > > http://www.postfix.org/postconf.5.html#cleanup_service_name > Looks like some other people are also tackling with almost same problems: http://www.irbs.net/internet/postfix/0706/0131.html -- Eero
From: Noel Jones on 26 Oct 2009 15:43
On 10/26/2009 2:15 PM, Eero Volotinen wrote: > I am running ssl+sasl authenticated mailgateway and problem is that in > some cases clients from world are sending mail from "blacklisted" networks. > > The main problem is that spamassasin is analyzing received headers and > it might tag message as spam by received by headers. I don't think SA does that by default, but some admins do unreasonable things. A nearby university rejects mail with a blacklisted IP anywhere in the headers, event the Subject!! A local government department adds spam points to mail with no Received: headers, or with a RFC1918 IP somewhere in the headers. (of course, they're the same guys who until recently choked on DKIM signatures.) You just can't win sometimes... set in main.cf: smtpd_sasl_authenticated_header = yes and use a header check something like: (all one line, beware wrapping) /^Received: (.*by myserver.example.com \(Postfix\) with ESMTPS?A id.*)$/ REPLACE X-Submission: $1 Or better, to just rewrite the header on outgoing mail, use the above rule in smtp_header_checks rather than header_checks. -- Noel Jones |